Security System

for Cloud Environments

Compliant to FedRAMP Level 4 Authentication

based on biometrics (fingerprint) validation

and hardware tokens (PIV Chip Cards)

IT Security Partner for Cloud Hosting Providers

SETECS Cloud Security System is unique combination of FedRAMP Level 4

security system for cloud environments combined with patented blockchain

Identity and Certificates Management Systems

Reliable and Validated Identities

Identities of users and business identities are created based on the X.500 Standard, validated using Bank ID / KYC procedures, encrypted for privacy protection, and stored in the secure Ledger

Three-Factor Authentication

Users are authenticated using three factors: possession of a smart card, PIN to activate smart card, and verification of the fingerprint stored in the card:

Role-based Authorization

Authorization to use applications and data are based on roles of users and enforced using “Smart Contracts” of the secure Ledger with nodes stored in the secure cloud servers

Encryption of Software Modules

Software modules as components of applications in cloud servers or as smart contracts are encrypted and resistant to all malware attacks

Location Access Control

Control of access by users to cloud servers and blockchain nodes is based on location of users so that national privacy, financial, and IT security regulations and policies can be applied and enforced

Database Encryption

All sensitive and personal data in database tables is transparently encrypted and protected against illegal access, hacks and theft

Subsystems and Components

PIV Cards Management

CannaFinex Payment System accepts payments by customers using either bank cards or Mobile Wallet with stable virtual currency (“digital dollar”)

System Administration

Web merchants can use Web Plug-ins to accept payments by customers using bank cards and they can also pay vendors with US $ or virtual currency.

User Security Services

Our system is validated by Payments Card Industry (PCI/DSS), it runs in FedRAMP certified cloud, and performs validation of customers using Bank ID System.

System Administration and Use

Setup and PKI Activation

The first step when activating an instance of Cloud Security System is to register the business operating the instance, start PKI / CA and issue X.509 certificates to the entity operating the instance. This step established reliable identity of the operating entiry

Download White Paper

Registration of Organization and Users

The next step is to register all organizational entities (Organization and Organizational Units) and users associated with those Units. These registrations are “hierarchical” and represent foundation of the PKI / Certification System

Download White Paper

Issuing PIV Cards

For every registered user PIV Card is issued. In that process, user’s photo, fingerprints and personal data are captured and stored in the chip of the Card. Two X.509 certificates are generated and also stored in theCard

Download Brochure

Administration of Roles

Authorization of users to access and use applications or specific functions is based on users’ roles in the organization. In this step pee-defined roles are associated with users what creates the foundation of Role-based Access Control (RBAC) system . .

Download Brochure

User Authentication

Authentication of users when accessing cloud applications is based on three factors: possession of the PIV Card, use of correct PIN, and successful verification of a fingerprint stored in the Card

Download White Paper