Instead of attempting to replace or replicate existing user authorization, system authentication and access control security methods, ALTR follows a zero-trust model of assuming those methods have already been compromised through methods such as stolen credentials, hacked service requests or system-level jailbreaks. The solution automatically profiles how the enterprise’s application suite should use data, and monitors SQL layer requests to report out-of-bounds events and block specious consumption requests, even if authorized. ALTR uses a real-time tokenization service in a private ledger — independent but not mutually exclusive to encryption schemes — to instantly check the flow incoming request sources and types against the profile — retrieving and reassembling data from the vault if the requests are allowable, while preventing direct access to data resources.
