A Secure Endpoint

There are applications — online banking, medical records, and many others — where security is a high priority.

Nimbus is an ideal solution in these environments since it provides a secure endpoint which can be used to access private information safely.

Understanding the Context

Most sensitive information involved in online banking, electronic medical records, or corporate databases is physically stored in a centralized data center.  If professionally managed with standard security procedures, the data center itself is (usually) secure.

The problem arises because most users will access the data center remotely — using a PC, smart phone, or other device to retrieve their information over the Internet.

Surprisingly, the Internet itself is not the issue — most sensitive applications protect all data passing over the network with industrial-grade encryption technology.

The real problem is the endpoint — the PC at the user location which runs the application (or Web browser) which accesses the sensitive information.

It is all too easy to compromise this PC, and pierce the security of the overall context.

The Problem of PC Security

There are a few fundamental problems with using PCs as endpoints when accessing sensitive information:

  • Well-known exploits — the common operating systems (Windows, Mac, Linux) all contain security issues.

    These exist in every version of these systems, new exploits are constantly being discovered, and there are even Web sites for hackers which detail how to take advantage of these issues.

  • Multi-use PCs — most PCs are used for multiple purposes, and often by several different people.

    Each separate application issues frequent updates which must be installed, and any one of these may compromise the security of the PC.  The only alternative is to maintain a separate PC which is completely dedicated to the sensitive application, which is both expensive and cumbersome in most environments.

  • Users are not security experts — they do not have the technical expertise to ensure the security of their PC.

    Most consumers or businesses install virus scanners in an attempt to automate this process, but even the vendors will admit that they cannot detect all breaches.  And even if the user does possess the necessary expertise, they also have their regular job and can't spend all of their time monitoring the PC for security exposure.

    There have even been published reports of PCs owned by recognized security experts which have been compromised — which are either humorous or frightening depending on your point of view.

  • Uncontrolled physical access — too many people have access to the PC.

    Unless installed in a location with military-level security procedures and manned checkpoints, most PCs can be accessed by any employee of a company, or even by visitors to a home or business.  Think of the PCs in a busy doctor's office and the number of staff and patients who could physically access the equipment.

    And even if you completely trust all of your employees, when was the last time you did a background check on the cleaning crew that comes through your office at night?

... and all these lead to a security problem.

If your sensitive information is regularly accessed by hundreds or thousands of users with standard PCs, it is essentially impossible to ensure that every one of these access points is secure!

The Nimbus Solution

The Nimbus unit provides a fundamentally different approach to this problem, and can provide a low-cost, zero administration, secure endpoint for accessing sensitive information.

  • Encrypted transmission — all information sent between the Nimbus unit and the datacenter is encrypted.

    This is industrial grade encryption following internationally recognized standards.

    (For the non-technical audience, Nimbus uses SSL encryption.  For the technical audience, Nimbus uses TLS 1.0 with a 1,024-bit RSA certificate for key exchange and AES 128-bit encryption of application data.)

  • No operating system — the Nimbus unit does not contain a standard OS (Windows, Linux, etc).

    All code running within the unit is proprietary logic developed by ScreenPC or open source libraries which have been vetted by ScreenPC before inclusion.

  • No local user data — no user data is stored within the Nimbus unit.

    When the unit enters a dormant state (either by user directive or through an established timeout period), both the screen buffer and any remaining network buffers are cleared.  The result is that even if someone steals the unit, no user data remains in memory.

  • A single, outbound connection — when the Nimbus unit starts operating, it opens a single, outbound, encrypted connection to the datacenter.

    All information, including any update to the logic within the Nimbus unit itself, is transferred through this encrypted link.  Most importantly, no inbound connections to the unit from the network are accepted — no remote user can access the box.

  • No local execution — no user application code executes within the Nimbus unit.

    Only the ScreenPC code necessary to connect to the datacenter and virtualize the screen and USB devices ever executes — no one can install a key-logger or trojan horse on the unit.

  • Restricted local devices — only the keyboard and mouse are handled locally.

    All other USB devices (flash drives, printers, etc) are virtualized and handled by the datacenter — so you can't insert a USB flash drive with a virus and infect the Nimbus unit.
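
One way to check the connection model described above (a single outbound connection, no inbound connections accepted) from the network side, as an added example that is not ScreenPC code. The flow-record format, the addresses, and the function names are assumptions constructed for illustration.

```python
from collections import namedtuple

# Hypothetical values for this example; not from the Nimbus documentation.
UNIT_IP = "10.0.5.20"
DATACENTER = "203.0.113.10:443"

# Constructed flow records covering one power-on session of the unit:
# timestamp, initiator ip:port, responder ip:port, TCP flags observed.
SAMPLE_FLOWS = """\
2024-01-01T09:00:00 10.0.5.20:49152 203.0.113.10:443 SYN,SYNACK,ACK
2024-01-01T09:05:00 10.0.5.77:51000 10.0.5.20:22 SYN,RST
2024-01-01T09:06:00 10.0.5.77:51001 10.0.5.20:80 SYN,SYNACK,ACK
2024-01-01T09:07:00 10.0.5.20:49153 198.51.100.7:443 SYN,SYNACK,ACK
2024-01-01T09:08:00 10.0.5.20:49154 203.0.113.10:443 SYN,SYNACK,ACK
"""

Flow = namedtuple("Flow", "ts src dst flags")

def parse_flows(text):
    """Turn whitespace-separated flow lines into Flow tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, flags = line.split()
        flows.append(Flow(ts, src, dst, set(flags.split(","))))
    return flows

def audit_endpoint(text, unit_ip=UNIT_IP, datacenter=DATACENTER):
    """Return (timestamp, finding, peer) for each flow that breaks the model."""
    findings = []
    established_out = 0
    for f in parse_flows(text):
        src_ip = f.src.rsplit(":", 1)[0]
        dst_ip = f.dst.rsplit(":", 1)[0]
        established = "SYNACK" in f.flags  # the responder completed the handshake
        if dst_ip == unit_ip and established:
            findings.append((f.ts, "inbound connection accepted", f.src))
        elif src_ip == unit_ip and f.dst != datacenter:
            findings.append((f.ts, "outbound to unexpected destination", f.dst))
        elif src_ip == unit_ip and established:
            established_out += 1
            if established_out > 1:
                findings.append((f.ts, "more than one outbound session", f.dst))
    return findings

if __name__ == "__main__":
    for finding in audit_endpoint(SAMPLE_FLOWS):
        print(*finding)
```

A refused inbound probe (the `SYN,RST` record) produces no finding, since it is consistent with the unit accepting no inbound connections.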

Beyond security, all of the other Nimbus benefits still apply — low cost, small footprint, minimal power consumption, no installation, zero administration, etc.

Can Nimbus be Hacked?

No piece of computer equipment is completely immune from being hacked, including a Nimbus unit ....

... but the bar is awfully high.  In order to compromise a Nimbus unit in the field you would need:

  • A compromise of the encryption.

    Which is theoretically possible, but has not yet been accomplished (according to security researchers).

    Note that since Nimbus is using internationally standardized encryption, this would then imply that the encryption used by every major bank, all Web sites, and a number of military installations has also been compromised.

  • Physical access to the unit.

    Since only one outbound (encrypted) connection is created, and no inbound connections are accepted, you cannot compromise the Nimbus unit from a remote location (so all the hackers in Eastern Europe, Russia, and China are blocked).

  • A full electronics laboratory.

    To compromise the unit, you could put traces on the physical leads between the memory and the screen, or the FPGA and the memory, and read out the data.  But this requires physical possession of the unit in order to install, some very expensive electronics equipment, and a very high level of both electronics and manufacturing expertise.

In summary, if the CIA is after you, they probably have the resources, money, and expertise necessary to hack your Nimbus unit — but they probably also have easier ways to keep track of what you're doing!