In the current context where the protection of sensitive data is the primary issue of this new decade marked by digital transformation, we are proud to announce that our PARSEC solution has obtained the CSPN certification delivered by the ANSSI. The guarantee of using an approved solution for sharing and storing files in the cloud is a guarantee of assurance and confidence for companies.
After the evaluation audit by the ANSSI which started on April 16, 2020, the PARSEC security target was validated on April 16, 2021.
See the official publication of the ANSSI
Scope of certification
SCILLE has developed, in collaboration with the DGA (French Ministry of Defence) and the Laboratoire Bordelais de Recherche en Informatique (LaBRI), the highly secure PARSEC solution which guarantees the confidentiality, authenticity and integrity of sensitive data shared and stored anywhere in the world, regardless of the storage cloud.
PARSEC is an open source cryptographic concept of decentralized trust distribution:
- 1) Zero Trust,
- 2) with zero knowledge diffusion or "Zero Knowledge",
- 3) and User-centered Security Model.
- 4) allowing the "micro-segmentation" of sensitive data
- 5) operating in "WORM (Write Once, Read Many)" mode.
The PARSEC sensitive data navigator behaves like an application store whose first operational brick, currently marketed in "SaaS" and "on premise" mode, is a distributed storage of sensitive documents in "Dropbox" mode, with the ergonomics of a virtual USB key synchronized between trusted users.
PARSEC guarantees the traceability, confidentiality, integrity and availability of information to its users.
Security target
The PARSEC research project is based on a strategic vision of the evolution of the cloud and the internet. Network traffic control no longer guarantees data confidentiality, let alone integrity and authenticity. The security strategy must become "Zero-Trust" i.e. "Zero Trust". This notion implies that:
- Any network is by default considered hostile;
- Internal and external threats are present at all times on the network;
- Being inside an internal network is never a guarantee of absolute confidence;
- Each terminal, each user and each network flow must be authenticated and authorized;
- Security policies should be dynamic and defined from as many data sources as possible.
PARSEC is designed for organizations that want to build trusted enclaves on a cloud using low-cost, low-security cloud infrastructures. It is an additional layer of security for a trusted group that already complies with current regulations, including those related to end-users.
