Cryptography and Data Security Architecture
The Myrmex platform implements a security-in-depth (defense-in-depth) architecture, combining multiple layers of independent cryptographic controls and tenant isolation to ensure the confidentiality, integrity, and availability of data at every stage of processing.
Defense-in-Depth Overview
Our approach ensures that no single layer is a point of failure. Data protection is maintained even if one control layer is under maintenance or analysis.
Encryption in Transit
External, internal, and device-level encrypted communication channels.
Encryption at Rest
Full storage-level encryption for all datastores and backups.
Field-Level Protection
Granular encryption of sensitive data before it reaches the database.
Tenant Isolation
Strict logical and cryptographic segregation at organization and context levels.
1. Multi-Layer Encryption in Transit
Myrmex ensures that data is protected from interception throughout its entire journey, from the customer browser to the internal microservices and down to the physical endpoints.
Perimeter Security
All external traffic between clients and the platform is protected by TLS 1.2+ using secure cipher suites. Certificates are managed automatically to ensure continuous availability and encryption.
Internal Service Mesh
Communication between internal platform services is protected by mutual TLS (mTLS).
- Automatic Encryption: All service-to-service traffic is transparently encrypted.
- Cryptographic Identity: Each service has its own identity, ensuring that only authorized services can communicate.
- Zero-Trust: Internal infrastructure components never have access to the plaintext of internal communications.
Device Connectivity (The Tunnel)
The communication channel between the platform and the physical agents implements an additional layer of application-level encryption:
- Handshake: Secured by RSA 4096-bit (OAEP/SHA-256).
- Session Key: A unique, ephemeral AES-256 key is generated for each connection.
- Payload Protection: All WebSocket messages are protected by AES-256-GCM, providing both confidentiality and integrity (authenticated encryption).
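The handshake and payload protection described above, modelled as a small added example (this is not Myrmex code). The page does not say which side generates the session key or how nonces are handled, so the example assumes that the platform holds the RSA-4096 key pair, that the device generates the ephemeral AES-256 key and wraps it with RSA-OAEP/SHA-256, and that each WebSocket frame carries a fresh random 96-bit GCM nonce with its sequence number bound as associated data. It requires the `cryptography` package; the message content is constructed for the demo.

```python
"""
Added example (not Myrmex code): a minimal model of the device tunnel
handshake.  Assumptions not stated on the page: the platform holds the
RSA-4096 key pair, the device generates the ephemeral AES-256 session key
and wraps it with RSA-OAEP/SHA-256, and every WebSocket frame uses a fresh
random 96-bit GCM nonce with the frame sequence number as associated data.
"""
import os
import struct
from typing import Optional, Tuple

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# OAEP with SHA-256 for both the hash and the MGF1 mask, as the page states.
OAEP = padding.OAEP(
    mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None,
)


def platform_keypair(bits: int = 4096):
    """Platform side: long-lived RSA key pair (4096-bit, per the page)."""
    priv = rsa.generate_private_key(public_exponent=65537, key_size=bits)
    return priv, priv.public_key()


def device_handshake(platform_pub) -> Tuple[bytes, bytes]:
    """Device side (assumed): make an ephemeral AES-256 key and wrap it.
    Returns (session_key, wrapped_key)."""
    session_key = AESGCM.generate_key(bit_length=256)
    wrapped = platform_pub.encrypt(session_key, OAEP)
    return session_key, wrapped


def platform_unwrap(platform_priv, wrapped: bytes) -> bytes:
    """Platform side: only the private-key holder can recover the session key."""
    return platform_priv.decrypt(wrapped, OAEP)


def seal_frame(session_key: bytes, seq: int, payload: bytes) -> bytes:
    """Protect one WebSocket message: nonce || ciphertext || 16-byte GCM tag.
    The sequence number is authenticated as AAD so frames cannot be reordered."""
    nonce = os.urandom(12)
    aad = struct.pack(">Q", seq)
    return nonce + AESGCM(session_key).encrypt(nonce, payload, aad)


def open_frame(session_key: bytes, seq: int, frame: bytes) -> Optional[bytes]:
    """Verify and decrypt a frame; None if the tag or sequence number is wrong."""
    nonce, body = frame[:12], frame[12:]
    try:
        return AESGCM(session_key).decrypt(nonce, body, struct.pack(">Q", seq))
    except InvalidTag:
        return None


def demo() -> dict:
    """Run one handshake and one frame exchange, including two failure cases."""
    priv, pub = platform_keypair()
    device_key, wrapped = device_handshake(pub)
    platform_key = platform_unwrap(priv, wrapped)

    frame = seal_frame(device_key, 1, b'{"cmd": "status"}')  # constructed message
    tampered = frame[:-1] + bytes([frame[-1] ^ 0x01])        # flip one tag bit
    return {
        "keys_match": device_key == platform_key,
        "wrapped_len": len(wrapped),                         # 512 bytes for RSA-4096
        "plain": open_frame(platform_key, 1, frame),
        "tampered": open_frame(platform_key, 1, tampered),   # integrity failure
        "wrong_seq": open_frame(platform_key, 2, frame),     # AAD mismatch
    }


if __name__ == "__main__":
    print(demo())
```

The two failing cases are the point of the "authenticated encryption" guarantee: a modified ciphertext and a frame presented under the wrong sequence number are both rejected before any plaintext is released, so the receiver never acts on unverified data.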
2. Encryption at Rest
Every piece of data stored in the Myrmex platform is encrypted at the physical level:
- Managed Datastores: All databases (PostgreSQL, MongoDB, Redis) use encrypted storage volumes.
- Backups & Snapshots: Automated backups and snapshots are inherently encrypted at the storage level.
- Performance: This layer operates transparently at the hardware/hypervisor level, ensuring data protection without performance impact.
3. Field-Level Encryption (Tenant-Aware)
This is the most granular layer of protection. Sensitive fields are encrypted before being persisted, ensuring that the database itself never holds sensitive plaintext.
Decentralized Key Management
Myrmex implements a strict Separation of Duties between data storage and key management.
- Databases store only encrypted ciphertext.
- Encryption Engine maintains the cryptographic material and executes operations.
- No Single Point of Access: There is no single component that possesses both the data and the keys in a persistent state.
Hierarchical Isolation (Org & Context)
Isolation is enforced mathematically through unique cryptographic material for each tenant level:
- org_id (Organization): The primary tenant level. Each organization has its own exclusive encryption keys.
- context_id (Context): Secure operational scopes within an organization. Each context further isolates data with specific keys.
This prevents "cross-tenant" decryption. Data belonging to Organization A cannot be decrypted using keys from Organization B, even with access to the underlying storage.
4. Searchable Encryption
To allow for efficient searching (e.g., searching for a specific user or device) without exposing plaintext in the database, Myrmex uses deterministic search hashes.
- Tenant-Bound Hashes: Hashes are generated using the tenant's unique context.
- Privacy First: This allows for indexed, high-performance lookups while maintaining full data confidentiality.
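The org/context key hierarchy of Section 3 and the tenant-bound search hashes of Section 4 together, as an added standard-library example (not Myrmex code). The page does not describe how keys are derived or how the hash is keyed, so the example assumes a master -> org -> context derivation using HMAC-SHA-256 keyed by the parent and labelled with the tenant id, a separate context-scoped index key, and HMAC-SHA-256 over a normalised value as the search hash. The tenant ids, record id and e-mail address are constructed for the demo.

```python
"""
Added example (not Myrmex code): a stdlib-only model of the tenant key
hierarchy and the tenant-bound deterministic search hashes.  Assumed
derivation: child = HMAC-SHA-256(parent, label || ":" || tenant_id), with a
distinct label per purpose.  The master key, ids and values are constructed.
"""
import hashlib
import hmac
import secrets
from typing import Dict, Optional


def derive(parent: bytes, label: str, tenant_id: str) -> bytes:
    """One step of the hierarchy.  The label separates purposes (an org key
    can never collide with an index key); the id binds the child to exactly
    one tenant, so Organization B's material cannot reproduce A's keys."""
    msg = f"{label}:{tenant_id}".encode()
    return hmac.new(parent, msg, hashlib.sha256).digest()


def tenant_keys(master: bytes, org_id: str, context_id: str) -> Dict[str, bytes]:
    """master -> org key -> context key -> context-scoped search-index key."""
    org_key = derive(master, "org", org_id)
    ctx_key = derive(org_key, "context", context_id)
    return {
        "org": org_key,
        "context": ctx_key,                                # for field encryption
        "index": derive(ctx_key, "search-index", context_id),  # for search hashes
    }


def normalise(value: str) -> bytes:
    """Deterministic lookups need canonical input (case, surrounding whitespace)."""
    return value.strip().lower().encode()


def search_hash(index_key: bytes, value: str) -> str:
    """Tenant-bound deterministic hash stored beside the encrypted field."""
    return hmac.new(index_key, normalise(value), hashlib.sha256).hexdigest()


class EncryptedIndex:
    """Toy datastore column: holds only search hashes, never the plaintext."""

    def __init__(self, index_key: bytes):
        self.key = index_key
        self.rows: Dict[str, str] = {}  # search_hash -> record id

    def insert(self, record_id: str, value: str) -> None:
        self.rows[search_hash(self.key, value)] = record_id

    def lookup(self, value: str) -> Optional[str]:
        return self.rows.get(search_hash(self.key, value))


def demo() -> dict:
    """Two organizations that happen to use the same context name."""
    master = secrets.token_bytes(32)  # constructed; in practice held by the key engine
    a = tenant_keys(master, "org-A", "ctx-prod")
    b = tenant_keys(master, "org-B", "ctx-prod")
    email = "Alice@Example.com"

    idx_a = EncryptedIndex(a["index"])
    idx_a.insert("user-42", email)
    return {
        "org_keys_differ": a["org"] != b["org"],
        "ctx_keys_differ": a["context"] != b["context"],
        # same value, same tenant: identical hash, so the index works
        "same_value_same_tenant": search_hash(a["index"], email)
        == search_hash(a["index"], " alice@example.com"),
        # same value, other tenant: unrelated hash, no cross-tenant correlation
        "same_value_other_tenant": search_hash(a["index"], email)
        == search_hash(b["index"], email),
        "lookup": idx_a.lookup("alice@example.com"),
        "hash_len": len(search_hash(a["index"], email)),
    }


if __name__ == "__main__":
    print(demo())
```

Two practitioner notes on this design. First, binding the index key to a context means the same e-mail address in two tenants produces unrelated hashes, so a party holding the raw storage cannot correlate records across organizations. Second, any deterministic hash necessarily reveals when two rows in the same context hold the same value; that equality leakage is the price of indexed lookups, which is why the index key is scoped as narrowly as the context rather than shared platform-wide.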
5. Resilience and Availability
Security means ensuring that data is not only protected but also available when needed.
- High Availability (HA): All datastores are deployed in multi-zone/regional configurations.
- Point-in-Time Recovery: Sensitive environments support recovery to specific timestamps, with all recovered data maintaining its original encrypted state.
- Continuous Monitoring: Audit logs record every cryptographic operation (encryption, decryption, key rotation) to ensure full traceability.
Summary of Guarantees
| Layer | Implementation | Security Guarantee |
|---|---|---|
| External Network | TLS/HTTPS | Perimeter confidentiality |
| Internal Network | mutual TLS (mTLS) | Zero-trust internal connectivity |
| Device Channel | RSA + AES-GCM | End-to-end payload encryption |
| Storage | Hardware Encryption | Protection of physical disks and backups |
| Data Fields | AES-256-GCM | Field-level protection with separate keys/data |
| Isolation | Org & Context Keys | Cryptographic tenant segregation |