Encrypted Channel
The e-Capsule™ Secure Channel is an encrypted transmission protocol which is used in all communications between
the e-Capsule™ client applications running on the PCs and the e-Capsule™ application servers. It has several
advantages over standard Virtual Private Network (VPN) technologies, since it tunnels the SOCKS5 protocol, an
international standard that provides a flexible networking framework supported by the majority of applications.
The basic benefit of the SOCKS5 protocol is that it enables hosts on one side of a SOCKS server to gain access to hosts on the other side of a SOCKS5 Server, without requiring direct IP-reachability. What this means in practice is that two e-Capsule™ clients will be able to securely exchange sensitive information over the e-Capsule™ Secure Channel in situations where other VPNs would fail.
The e-Capsule™ Secure Channel delivers all the benefits of standard VPNs without requiring any client installation, enabling the users to establish an encrypted communication channel to the server from any Internet-enabled PC :
The basic benefit of the SOCKS5 protocol is that it enables hosts on one side of a SOCKS server to gain access to hosts on the other side of a SOCKS5 Server, without requiring direct IP-reachability. What this means in practice is that two e-Capsule™ clients will be able to securely exchange sensitive information over the e-Capsule™ Secure Channel in situations where other VPNs would fail.
The e-Capsule™ Secure Channel delivers all the benefits of standard VPNs without requiring any client installation, enabling the users to establish an encrypted communication channel to the server from any Internet-enabled PC :
|
Local PCThe client application is launched from the USB Access Token and establishes as its first task the encrypted tunnel for authentication and authorization. All the session data is encrypted before it leaves the PC and decrypted only at the PC level. No information is ever left in clear while in transit or while stored on the server side. |
Internet LagAll data in transit is at least doubly-encrypted: first at the PC level and then while in the transmission tunnel. During this lag, the e-Capsule™ Secure Channel connects the client to the application server using the SOCKS5 proxy mechanism and delivers VPN-level security. All of this with the advantage of mobility and higher usability over traditional VPN technologies. |
Application ServersThe e-Capsule™ Application Server handles all security and remote file management requests initiated by the client components. Crucial security operations, such as user authentication and identification, as well as storage, management and exchanges of encryption/decryption keys, database storage and retrieval, data backups and data transport protocols are handled by the e-Capsule™ Server. However, no sensitive data are ever stored in clear on the server side: even system administrators cannot access or even just see the encrypted files. |