ALPHA Development State / EU-based Data Location
OVERVIEW

Analysis of a confidential object storage model built for data protection.

First of all, let's figure out what we are protecting, how we comply with the CIA triad, and why.

When dealing with storage, whether remote, public, hybrid, or on-premise, we primarily expect solutions focused on data storage and retrieval. The minimum system requirements in this case are scalability, fault tolerance, and high availability. This is always a compromise, which is addressed differently by different products depending on the chosen persistence model. But what if these truly are the minimum requirements for a storage system? What next?! Making it safe and reliable is the path we have chosen.

When we talk about secure storage, we understand it in its broadest sense. Reliable storage guarantees that data will not be lost in any emergency. Uncompromised availability means the infrastructure is responsible for maintaining the path through which the data reaches the client. Secure storage encompasses all of these concepts.

Our understanding of the CIA triad is implemented in Vivaxdata, meaning that in addition to availability, scalability, and fault tolerance, we must also ensure confidentiality and integrity. This is what distinguishes a resilient, secure storage system from traditional approaches.

We call this confidential, secure storage, where data protection is not some add-on to an existing S3-compatible storage system, but a self-regulating system built from the ground up, where questions of how to store are inseparable from questions of how to protect.

Our design is a unique combination of data storage and confidential computing technologies. Our closed secure environment is built on advanced encryption techniques, which in turn provide unmatched security and performance for various workload types. Multilateral certificates that confirm the authenticity of each connection and confirmation leave no hope of a backdoor.

Regardless of whether the cloud is public, hybrid, or even private or all-in-one, our semantic model is described quite simply: the client trusts no one; the storage provider is an attacker for the client. Only the client can see the data and regulate access rights through highly flexible access policies. Again, we, as a provider, are a potential threat to client data, and that's why our architecture is designed this way; that's why we offer zero-knowledge storage.

But let's go further. The client can be compromised. This can be schematically represented as a client acting as an attacker to itself. We address this by adding immutability, snapshots, and object locking (WORM), which prevents even us from physically deleting data.

This is what's called secure confidential storage.

Companies, especially those for whom data is the most valuable resource, are subject to hacks and ransoms. Every day we see various reports of data leaks, system breaches, successful phishing operations, and so on. Then we look at the statistics for the adoption of the S3-compatible, completely new API, which has been growing rapidly for many years. Then we add to this mix the explosive, stunning, and uncontrolled adoption of AI and AI agents, which now have loosely controlled access to company data and, in most cases, direct internet access. Furthermore, with the development of this industry, the number of attack vectors has increased exponentially. The result is a turbulent, explosive mixture with backdoors in every square centimetre.

It is precisely these modern challenges regarding privacy, security, convenient integration, performance, and deep access control that Vivaxdata (VD) is designed to address. For highly regulated environments with high compliance requirements, this is the new standard in data storage systems.