Guides

Multi-layer security framework

Suggest Edits

Zero trust architecture (ZTA)

Central to the Palisade security framework is ‘Zero Trust Architecture’ (ZTA), a security model which assumes that networks and users are hostile and should not be trusted by default.

In practice, this means that all requests to access your digital assets, whether they originate from inside or outside your organization, are subject to a rigorous authentication process.

In Palisade, ZTA is implemented through a number of features:

  • Multi-factor authentication is required for users to login to their Palisade account
  • User management - organization administrators can assign different levels of access to different users. We recommend assigning the least amount of privilege/access needed for users to complete tasks
  • Policies – organization administrators can select which users are authorized to initiate transactions from wallets
  • Approvals – setting up approval groups means that certain users must approve transactions before they are submitted to the blockchain

Hardware security modules (HSM)

HSMs are secure, tamper-resistant hardware devices specifically designed to store and manage cryptographic keys, execute cryptographic operations and process sensitive information.

Palisade utilizes HSMs that are certified to Federal Information Processing Standard (FIPS) 140-2 Level 3 or higher. They are therefore fully compliant with federal regulations. These HSMs are architected to defend against unauthorized access and tampering, and they respond to intrusions by automatically zeroizing (or erasing) sensitive information.

See our Wallets guide for information on how Palisade HSMs are used to generate and protect your digital asset wallet keys.

Multi-party computation (MPC)

Multi-party computation (MPC) is a cryptographic protocol that allows multiple parties to jointly compute a function over their inputs while keeping them private. This means that even if one party is compromised, the security and privacy of the transaction is preserved as no single party holds the complete key.

See our Wallets guide for information on how Palisade uses MPC to generate and protect your digital asset wallet keys.

Updated about 2 months ago