• What is the problem/issue being addressed?
Although the use of encryption in the business is increasing, most of the data are still stored unencrypted. Companies apply improved security measures but still suffer from cyberattacks and data breaches. Even though hardware security modules (HSM) are the most secure options in cryptographic processing and key management, they are expensive, and their usage is limited to large entities. I4P Ltd. has developed the world’s first multi-party HSM module, which can distribute encryption keys on several devices, thus significantly reducing the security risk. Built on this HSM, I4P aims to develop a scalable cloud-based system (TRIDENT ELASTIC HSM PLATFORM), and E-privacy services based onthis platform, which offers the most comprehensive crypto security services even for users with a single, entry-level HSM device. Besides the large enterprises and organisations, Trident Elastic HSM platform will be available to a great number of cost-sensitive SMEs, significantly increasing the security of digital information management.
• Why is it important for society?
As digital technologies gain share across all businesses, e-privacy is becoming crucial to all players. The most vulnerable market players are the cost-sensitive small and medium enterprises, who cannot afford the most secure and up-to-date cryptographic solutions. The TRIDENT ELASTIC HSM PLATFORM offers the organisations and companies unparallel security at affordable cost, primarily on the following areas:
1. GDPR Compliance for companies – TRIDENT’s solution for general GDPR compliance for employment addresses the growing need of employees, who want to be the dominant player, practically enforcer of the secure protocol, as data providers, in contrast with legacy human resource management systems or traditional HR protocols, where data collector is the enforcer (the company). TRIDENT users gain total control over their employment data and other personally identifiable information (or personal data as referenced in GDPR), while the multi-party HSM system ensures cutting edge security. The two-sided platform mediates between employees and companies by providing split access control and secure data share between the relevant parties.
2. Patient Data Privacy Service – TRIDENT’s solution for the E-Health application introduces a disruptive approach to the share and storage of patient data. Powered by the HSM Elastic Platform, TRIDENT E-Health Privacy service addresses the growing need of patients, who want to be the dominant player and enforcer of the secure protocol, as data providers. TRIDENT users gain total control over their health data, while the multi-party HSM system ensures cutting edge security. The two-sided platform mediates between patients and General Practitioners (GPs) or larger Healthcare institutions, by providing split access control and secure data share between the relevant parties.
3. General Personal Data Access Control – TRIDENT offers a mobile application-based solution for the mass consumer market, that enables the available most secure and reliable way for personal users to generate, store, share and manage their cryptographic keys, to protect access to their data.
4. Digital Document Security Service - TRIDENT’s solution for the Document Security application introduces a disruptive approach to disclose and enclose private or public documents safely. In this service, sensitive data that is not stored at discloser’s premise, and access to them can be revoked at any time, while a trusted third party can help to decrypt encrypted data.
• What are the overall objectives?
This feasibility study aims to objectively and rationally uncover the strengths and weaknesses of an existing business of I4P and the proposed innovative ELASTIC HSM Platform and E-privacy services, opportunities and threats present in the environment, the resources required to carry through, and ultimately the prospects for success. The feasibility study provides an industrial environment analysis of the business and the proposed development, a description of the products and services, business plan estimations, details of the operations and management, marketing research and policies, financial data, and legal requirements. The study precedes technical development and project implementation.
The overall business objective is to become the leading e-privacy service provider within the industry segment and achieve €30 million revenue by 2025 with global sales through the established indirect sales channel.