Private Technology (CEO Kim Young-rang) announced that its next-generation zero trust communication solution, 'PRIBIT Connect v2.0,' has obtained the domestic CC certification EAL2 level.
The domestic CC (Common Criteria) certification is a system where the IT Security Certification Office verifies and certifies the security, stability, and reliability of IT products.
'PRIBIT Connect v2.0' is the world's first application access control solution that adds an independent alpha layer called the Application Flow Layer to the existing OSI 7 layers, verifying from the communication starting points such as users, terminals, and applications.
Private Technology independently developed the 'pre-authentication post-connection' mechanism and, after two years of dedication to comply with regulations in the domestic network environment lacking profiles for zero trust communication models, obtained the CC certification.
Private Technology's ZTNA (Zero Trust Network Access) is characterized by the ability to easily upgrade existing network boundary elements, which are prone to various security incidents due to the nature of network security environments, to ZTNA, the trend in the global network market.
In the existing internet environment, a tunnel is a technology that provides confidentiality on a network where anyone can eavesdrop on data packets by encapsulating and encrypting protected IP and port information to logically separate the network.
Once a tunnel is created, numerous risks such as ransomware and malware present on terminals can maintain constant access to business networks or the cloud, and many security incidents occur through vulnerabilities in these tunnels.
Furthermore, the method of creating tunnels after authentication does not differ from existing VPN technology, posing the risk of security incidents caused by the same reasons.
The zero trust model using tunnels must control and regulate the network access of the actual communication target software through the 'pre-authentication post-connection' mechanism and transmit only trusted data packets through authorized tunnels.
Based on this mechanism, Micro Segmentation must be performed, and dynamic control of centralized PDPs (Policy Decision Points) over PEPs (Policy Enforcement Points) located in various places (cloud, data centers, business networks, etc.) must be possible. Additionally, the security compliance of terminals must be continuously evaluated, and tunnels must be immediately disconnected if unsafe.
Private Technology has proven verified technology and significantly improved quantitative effects based on experience building and operating various references over the past three years. Through this CC certification, it plans to provide a network environment that improves vulnerabilities of existing boundary technologies.
Moreover, it plans to expand the CC scope to Mac OS, iOS, Android, and Gureum OS to supply ZTNA that can be safely used on all terminals.
Kim Young-rang, CEO of Private Technology, said, "It is a zero trust model with a 'pre-authentication post-connection' mechanism that identifies and controls assets such as communication and protection targets that could not be identified by existing network boundary elements and various risks," adding, "Following the global network market trend adopting reliable ZTNA, it will be the optimal solution providing a safe network and work environment anytime and anywhere."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
