COLDSTOR Data's IC3ETM Architecture; An Overview
COLDSTOR Data's patented, Integrated Communication and Content Containment Environment ( IC3ETM) Architecture is designed to:
- insulate and secure content in transit to and from the archive,
- ensure its integrity over many years of storage,
- provide proof that your data has been kept secure and unaltered,
- ensure that data can be recovered in a useable form, and
- document that guidelines regarding its handling, distribution and disposition have been observed throughout its lifetime.
Here is a quick guide to the system's components and a guide to how they work
The Client-side Appliance
Content worth archiving is worth properly securing in transit. If an enterprise seeks to transfer terabytes of content, efficiency is important as well. content needs to be delivered back and forth as quickly as possible.
COLDSTOR Data ensures high speed delivery of deeply encrypted content using a client side software appliance we call the ICEBoxTM.
The ICEBox sits at the customer premises and can be set up as a stand-alone unit or integrated into your company's internal network. It generates a highly secure, high-speed communications link to its dedicated remote archive. Because content should not be modified after being collected, the ICEBox is designed to be the location for caching frequently accessed content, performing pre-archive maintenance tasks such as de-duplication, and for performing content analyses.
The Communications Channel
Communications between the customer site and the remote archives are encapsulated in a proprietary clusterfile nicknamed the ICECube by COLDSTOR Data staffer. The ICECube amalgamates all data, metadata, authenticity proofs and related files transmitted between the customer site and the archives in a form readable only by its dedicated remote archive manager.
The Archive Manager
The guardian of the system is our remote archive manager called the ICETray. ICETrays are designed to provide another layer of safety guarding against unwanted external intrusions. Only they can pass data to and from the remote archives, and only to their specific counterparts. Like other parts of the system they tracks all access requests in a write once encoded log. The ICEtray also monitors the security of the remote archive data elements and perform a variety of authentication and integrity checks of stored content plus a variety of checks on the physical integrity of storage media and hardware.
Deep (but active) Archive Repositories
Content is stored in redundant arrays that are replicated in at least two identical, geographically distant repositories. These repositories have been designed to be almost infintely scalable, with capacities that can extend to exabytes of content. They contain content data, access rights, all metadata needed to authenticate content security and integrity, records of all access attempts and other system events, plus "engines" needed to get your data back up in a form your current system can recognize and effectively access, even generations from now.
COLDSTOR Data Archive Repositories are generally in "DEEPFreeze" mode, being logically offline except when being monitored for authenticity or in active use by the customer. However, they are not "COLD" stored! They don't need to be "mounted" in the manner of tape or optical storage and can be brought online in a matter of minutes if not seconds.