Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Security

Data security is of the upmost importance for medical information. GazooResearch was developed with data security as priority number 1!

Security Features

On-Premise Design

GazooResearch does not run in the cloud it was designed to run locally on your physical hardware.

*Use of GazooReseach's AI model(s) requires data to be sent to Gazoo's servers via encrypted pathways (TLS and other state-of-the-art cryptographic methods), if this is a security issue, then use your OpenAI API compatible LLM servers.

Database Encryption

Gazoo uses an encrypted sqlite database. All the files which make up the database are always encrypted on the disk. It only decrypts blocks as they are read from disk.

Since the data is stored on a disk, we naturally base our approach on “Disk Encryption Theory”. For each type of file, we use the 256-bit AES cipher in the appropriate mode of operation. The AES cipher itself encrypts/decrypts individual files in the most efficient way possible. Your data will be safe on disk.

Document Encryption

Documents are stored on disk using a 256-bit AES CBC mode cipher. 256-bit AES encryption is considered safe against brute-force attacks. It has 2128 potential key choices, making it difficult to crack. A machine that can crack a DES key in a second would take 149 trillion years to crack a 128-bit AES key.

Transport Encryption

Communication between the different components of the software are secure, having been reviewed by a third party.

Suggested Security Features

Full Disk Encryption

MacOS: It's suggested that you use FileVault to encrypt all data written to disk. Debian: It's suggested that you use Linux Unified Key Setup (LUKS) hardrive encryption.

Air-Gapped Environment

For further data protection, Gazoo can run in an air-gapped environment (not connected to the internet), this is the gold standard for data security.

Example Security Paragraph

Medical information is secured using 6 layers of security:

Physical data security begins with the medical data being located 1) on-premise, 2) behind physical locked doors. The computer is 3) air-gapped from the outside network, and only accessed physically, with the 4)correct login credentials. The hardrive containing the data is 5)fully encrpyted at rest using the Linux Unified Key Setup (LUKS) which is a trusted hardrive encryption technique. While the computer is turned on, but the medical information is not being accessed (data is 'at rest'), the 6) data is encrypted using a 256-bit AES cipher.