Lock-Keeper
Encyclopedia
Lock-Keeper is a high-level security solution based on the idea of "Physical Separation". It is a hardware-based device and works like a sluice to provide secure data exchange between the physically separated networks. Based on the simple principle that “the ultimate method to secure a network is to disconnect it", the Lock-Keeper can entirely prevent session-based and protocol-based network attacks (i.e. so-called "online attack") by physically isolating the sensitive network from outside intruders.
Lock-Keeper is not proposed to replace the functionality of the conventional firewall
but is generally used in combination with firewall to enhance the security of the protected network. Moreover, other content scanning mechanisms, e.g. anti-virus software, can also be flexibly integrated with Lock-Keeper to prevent some application-level attacks, also referred to as "offline attacks".
The strengths of the Lock-Keeper solution can be summarized as:
Lock-Keeper can meet the security needs in different scenarios, such as most public authorities, national defence institutions or companies with a highly sensitive IT infrastructure, etc.
at Hasso Plattner Institute
(HPI) is now doing R&D works on Lock-Keeper:
Lock-Keeper is not proposed to replace the functionality of the conventional firewall
Firewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
but is generally used in combination with firewall to enhance the security of the protected network. Moreover, other content scanning mechanisms, e.g. anti-virus software, can also be flexibly integrated with Lock-Keeper to prevent some application-level attacks, also referred to as "offline attacks".
The strengths of the Lock-Keeper solution can be summarized as:
- the simplicity of the architecture
- the scalability of the integrated content layer scanning and checking
- the high level security of internal network
Lock-Keeper can meet the security needs in different scenarios, such as most public authorities, national defence institutions or companies with a highly sensitive IT infrastructure, etc.
Lock-Keeper Technology
A research group led by Prof. Dr. Christoph MeinelChristoph Meinel
Univ.-Prof. Dr. sc. nat. Christoph Meinel is a German scientist and university professor of computer sciences. He is president and CEO of the Hasso Plattner Institute for IT Systems Engineering at the University of Potsdam , which is ranked a top university department in computer sciences in...
at Hasso Plattner Institute
Hasso Plattner Institute
The Hasso Plattner Institute ', or HPI, is a German information technology college, affiliated to the University of Potsdam and located in Potsdam-Babelsberg near Berlin. It was founded in 1998 and is the first, and still the only, entirely privately-funded college in Germany...
(HPI) is now doing R&D works on Lock-Keeper:
- Formalization of the "Physical Separation" concept.
- Lock-Keeper Hardware&Software Optimization.
- Implementing Lock-Keeper SDE Using Virtual Machine.
- Design of new Lock-Keeper applications, e.g. Lock-Keeper Web Services Module.
- Secure Database Replication Module through a WS-Based Messaging Framework.
- Lock-Keeper-based Online Police Station.
- Deployment of Lock-Keeper in Service-Oriented-Architecture.
- Research and Development of intelligent gateway device using the Lock-Keeper technology.
- Development of the Lock-Keeper Cluster System.
- Authentication and access control based on the Lock-Keeper technology.
- Performance measurement and comparison between the Lock-Keeper and other similar security solutions.
- ......
External links
- Lock-Keeper Project Portal
- Research work around Lock-Keeper at HPI
- Actisis GmbH: Consulting about Lock-Keeper