Black Forest Database™


We have made a breakthrough in high performance searchable encryption that fundamentally transforms the enterprise data layer into a zero knowledge trust layer. Black Forest DB™ safeguards your information while making it usable, valuable, and quickly accessible; relying solely on cryptography for trust.


Learn more

What is Black Forest DB™?

A truly zero knowledge database that delivers transformational digital trust. Black Forest DB™ provides the unprecedented security, performance, and scalability required for today's most demanding enterprise applications. Totally encrypted and completely private. Black Forest DB™ provides the security you need, the privacy you demand, and the data integrity you expect.

Security

Black Forest DB™ provides sophisticated security capabilities that applications can leverage including compartmented security labels and trusted user assertions so that applications can protect their users' data.

Learn more

Privacy

Zero Knowledge means just that. Black Forest DB™ has no knowledge of the encrypted data within it, even when indexing or searching the data. It can never be accessed or decrypted within the database.

Learn more

Integrity

Trusted user assertions, security labels, and zero knowledge indexing all add up to assured data integrity. Feel safe knowing the data you put in is the data you get out, and it's never accessible to anyone else.

Learn more

Zero Knowledge Encryption is the key to data security

  Databases are terrible at protecting information. Once a hacker or insider threat gets inside a database server they can steal everything, even if the database employs encryption features. The hacker or insider threat can easily access the unencrypted data the database needs to use to index records. For encrypted columns, the hacker or insider threat simply has to find the encryption keys inside that database server and then decrypt the data and steal it.

Data Arrives Encrypted

Your data is strongly encrypted before it ever reaches the Black Forest database server. You can trust that the data you enter is the data that gets stored.

Data Leaves Encrypted

Your data stays encrypted as you retrieve it from Black Forest and it can only be decrypted by you. The data you retrieve is the data you expect.

Data Never Unencrypted

Fully encrypted data full-time. Queries, indexes, and computations are done on your data in its strongly encrypted form. Data is never decrypted for any operation. Black Forest's patent-pending features will never put your data at risk.

No Encryption Keys Ever

Your encryption keys are never stored in Black Forest DB™ nor on its servers. Decryption of your data can never occur in Black Forest. If transactions are intercepted or a breach occurs, you can rest easy knowing the data cannot be decrypted by the intruder.

Zero Knowledge Application Architecture

Our application architecture minimizes attack surface and maximizes trusted surface.

A Full-Featured Database

The features you expect from a database, with the added power of zero knowledge

Transactional Operations

Operations in Black Forest DB™ can be executed in transactions. Incomplete transactions will roll back if any operation fails preventing data corruption and maintaining data integrity within the database.

ACID Properties

Black Forest DB™ transactions are atomic, consistent, isolated, and durable. Data modifications can be perfomed on multiple encrypted tuples as part of a transaction, even though the database can't decrypt the data.

Indexing/Searching

Black Forest DB™ supports efficient zero knowledge indexing of tuple, key-value, spatial, temporal, ngram, lexigraphic, multi-dimensional, and combination data types. Fully encrypted data, completely indexed.

Semantic Data Models

Black Forest DB™ natively represents data as N-tuples, typically consisting of a subject, predicate, object, and security label. This extremely flexible and powerful data model supports very simple key/value data as well as very sophisticated semantic relationships.

Massively Parallel

Nodes can be distributed over any number of servers. Data operations and queries are performed in parallel. This includes spatial, temporal, and semantic search operations. Black Forest DB™'s novel data partitioning method supports incredibly fast parallel queries and transactions.

Multiple Query Types

Unlike many other NoSQL databases, Black Forest DB™'s distributed indexing technology supports a variety of query types including range, spatial, temporal, semantic, and other complex query types all in parallel.

Partitioning

Black Forest DB™ utilizes a novel approach to partitioning data that doesn't sacrifice speed or data integrity. Data partitions can be created, removed, or replicated amongst multiple servers seemlessly and on the fly.

Access Control

Black Forest DB™ enforces access control using digitally signed user assertions. Combining this with multiple sophisticated layers of security, data is protected and only accessible to valid parties.

Security Labels

Data tuples stored within Black Forest DB™ can have application assigned security labels, which add an additional layer of protection and control. Applications can manage their encryption keys based on the security level, compartment and group they assign to their data tuples.

Flexible Data Model

An extremely flexible, agile data model for a wide variety of data needs.

Ontology

All data records are stored as literal or non-literal tuples. Black Forest DB™ has zero knowledge of a tuple's subject, predicate, or object.

Complexity

Subjects of data records can vary from simple semantic strings to complex data types including spatial and temporal types.

Customization

Pluggable indexing functions for complex and compound subject data types provide optimized indexing and querying performance.

Relationships

Easily model data relationships in the database. These relationships are also treated as first-class objects.

Extensibility

Extend data models at run-time by adding additional predicates. Build up a more complex data model over the lifetime of the application.

Access Control

Each literal and non-literal tuple allows for label-based access control. Each record can be restricted through fine grain access rights.

Assured Data Integrity

In many cases, unauthorized changes to information is as dangerous as outright data theft. Black Forest DB™ and its Zero Knowledge Encryption makes it easy for applications to ensure data integrity.

Checksums

Applications can digitally checksum data tuples using their secret encryption keys and verify those checksums to ensure data has not been manipulated maliciously.

Compartmentalization

Data can be compartmentalized using a combination of security labels on each tuple ensuring only those who need the data have access to it.

Zero Knowledge

With no saved encryption keys and all data entirely encrypted, storage and data layers are completely protected from possible intrusion and theft.

No Comparison

Where other databases fall short, Black Forest DB™ has you covered.

In a single second Black Forest DB™ can

index 100,000 records

perform 75,000 queries

on just 1 server instance*

Fully
Encrypted
ZERO
Knowledge
* - single Amazon EC2 server instance

Black Forest DB™'s revolutionary zero knowledge indexing technology provides the ability to index and rapidly query encrypted data without having to decrypt it.

Other databases must decrypt the data when indexing, searching, and querying which puts the data at risk of theft and increases the time it takes to return results.

Compartmented Security

Providing sophisticated security capabilities that applications can leverage to reduce their cyber threat exposure.

Benefits

Application Layer

  • Minimized Attack Surface

  • Multi-Level Data Access

  • Reduced Risk of Data Theft

  • More Resources for UX and Optimization

  • Reduced Cost and Time to Market

Features

Security

  • Compartmented Security Labels

  • Trusted User Assertions

  • Verifiable Strong Encryption

  • Individually Encrypted Compartments

  • Keyless, Zero Knowledge

Benefits

Data Layer

  • Nonexistent Attack Surface

  • Meets Regulatory Compliance Req's

  • Mitigates Insider Threats

  • Eliminates Intentional Data Corruption

  • Reduced Security Costs and Labor