• Open Source Software by eperi

    Transparent Security

When it comes to the security of your data, trust is good, control is better. No matter how good a data protection solution is – if you cannot completely verify the source code of the software and the implementation of the encryption algorithms, there is always the risk that your data is not sufficiently protected against access by unwanted third parties. Transparent open source security solutions, on the other hand, can be fully inspected by you or an expert of your choice. This way you can ensure that your data protection solution works correctly and without any back doors.

The basis of all eperi solutions is open source and thus offers the necessary verifiability and transparency. In addition to the commercial eperi products, eperi offers two open source solutions for free download.

secRT

The basis of the eperi solutions is the secRT (security Runtime). It was developed by eperi together with the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik – BSI), which also tested it. The secRT is downloadable for free on our website. The source code is published under LGPL license. secRT is based on the principles of service-oriented architecture (SOA) as well as on open standards and can therefore be integrated into all system environments. The secRT workflow engine enables the programming of security processes with minimal effort. All administrative functionalities are also available via WSDL-API, so that they can be easily integrated into your own development projects.

Functionality

  • Entity management – manage users and roles
  • Key management – a complete PKI infrastructure for keys and certificates
  • Cryptographic functions – simply select the appropriate algorithm
  • Workflow engine – for automated security processes
  • Platform-independent runtime environment for security software
  • API functionality for partner products

Download versions

eperi XML Gateway

The eperi XML Gateway was developed based on the secRT. It is a security solution that successfully protects Web services and SOA infrastructures while remaining transparent to applications and users. The gateway can be used as software, but also as a virtual appliance – both in the enterprise and in the cloud. The XML Gateway is available for download as Open Source software

Functionality

  • SOA Security: The eperi XML Gateway offers SOA security standard methods such as XML encryption, XML signature, WS security and Security Assertion Markup Language (SAML). This makes the eperi XML Gateway a scalable solution for comprehensive protection of SOA infrastructures.
  • XML Firewall: The XML Firewall logs HTTP/XML traffic and shows an overview of all requests and responses. In addition to real-time monitoring, the eperi XML Gateway detects and blocks a wide variety of attacks.
  • Easy administration: Thanks to predefined XML security functions, even complex security requirements can be configured very easily. Each of these functions can be managed via the web-based interface.
  • Reverse Proxy
  • Low administration effort due to workflows
  • Maximum interoperability through consistent use of standards
  • Prevention of hacker attacks on web services
  • Protected Web Service Availability and Web Service Confidentiality
  • WS Security Standards
  • XML encryption
  • XML signature
  • SAML 1.1/2.0
  • XML firewall
  • XXE attack detection
  • SQL injection detection
  • scheme validation
  • Replay attack detection
  • WSDL scan prevention

Download versions

  • eperi XML Gateway 1.2 – Demonstrator

    Preconfigured system with demo data for Windows: Recommended for users who want to test the latest version of the eperi XML Gateway in a demo environment. Unzip the ZIP archive and follow the instructions in the demonstrator tutorial.

  • eperi XML Gateway 1.2 – Virtual Appliance

    Virtual Machine (Open Virtualization Format Archive which can be used in VMWare, VirtualBox etc.): Recommended for users who want to use the gateway as a virtual appliance. A ZIP archive containing a pre-configured environment (CentOS, Tomcat). Unpack the ZIP archive and follow the instructions in the VM tutorial.

  • eperi XML Gateway 1.2 – WAR

    Multi-platform Java web app for Java Servlet Container: recommended for advanced users who want to use the eperi XML Gateway productively. Requires an existing Java servlet container such as Apache Tomcat. Delivered as a WAR file – follow the instructions in the Quick Installation Guide.

  • eperi XML Gateway: AFC Version

    This version is provided exclusively for Allianz members. In comparison with the Open Source version, it includes additional functionalities such as the possibility to XSLT-transform XML messages.

Do you have any questions or would you like to arrange a live demo of an eperi Cloud Data Protection solution?