Nexalta's eDAC (edge data access controller) is the key software component that sits above the hardware component (our smart gateway) in our tech stack. eDAC is our customised CASB solution for decentralised private cloud architectures.

eDAC breaks the boundaries of traditional identity-based data access control that has historically been implemented in organisations through resource and user management controllers (think Active Directory), and then extended through CASB and ZTNA solutions to support the public cloud paradigm. In our decentralised architecture, the boundaries between internal and external users are blurred, and the data access policy is embedded in the data itself. eDAC grants access rights to the data each time, and the data cannot be decrypted without eDAC.

eDAC does not require the parties to have a smart gateway at all times, but utilises the onboarding process, where the user only needs to link ONCE to a nearby smart gateway, to deploy the PKI infrastructure that ensures end-to-end encryption.

Thus, eDAC enables our solution to overcome the challenges of healthcare data spaces, where stakeholders belong to different organisations and are geographically distributed, WITHOUT having to resort to the traditional centralised public cloud model, which is a hacker's best friend, as recently demonstrated with the CCC's German ePA cracking proof-of-concept.

More on the topic here: https://www.ccc.de/de/updates/2024/ende-der-epa-experimente