Public Key Infrastructure

  • May 2020

Public Key Infrastructure: an e-business view

As e-business evolves, new business models are bringing about a plethora of changes. Interconnectivity between vendors, suppliers, customers, and employees has gained a new level of importance as a competitive edge.

The value of intellectual property has skyrocketed. Accompanying these changes are e-business related risks. Business-to-business and business-to-consumer e-business applications require information security to develop new approaches with regard to infrastructure and trust models.

One of the primary concerns identified by both businesses and consumers in establishing and participating in e-business is the potential loss of assets due to security breaches of commercial transactions and corporate computer systems. A security breach not only erodes confidence in the business but also impacts the organization’s reputation capital. Case studies have discussed various risks, including breach of privacy, breach of confidentiality, sabotage, vandalism, loss of data integrity, theft and fraud.

Do these concerns sound familiar? Fraud, unauthorized access, observation, content alteration and denial of action are the same primary concerns we face in the brick and mortar world. However, when you move from physical world security to security in the networked world, additional variables must be considered. The requirements to manage these concerns remain the same and respectively they are authentication, authorization, privacy, data integrity and non-repudiation. The manner in which the requirements are met, however, changes significantly.

Most communications today are neither private nor secure unless explicitly protected by encryption mechanisms. Digital media are susceptible to malicious attacks and random errors. Data that is stored on a network, or that is passed from one user to another, must be protected from these and other threats. As a result, network security is paramount to every corporation that stores sensitive data digitally. To be sure that the data is secure, a security policy that ensures entity authentication, non-repudiation, data integrity, data confidentiality, and access control is an absolute necessity.

Data confidentiality plays a major role within the transaction framework. Sensitive data, including, but not limited to, business plans and financial transactions, must be safeguarded from prying eyes. Data integrity systems ensure that the message sent and the message received are the same. Non-repudiation gives a recipient the confidence that the sender cannot successfully deny having sent a particular message.


This is quite important in financial transactions, where someone may wish to refuse a bill by claiming that they hadn’t requested the service in the first place. Using a system that provides non-repudiation, the service or data provider can produce irrefutable evidence that the request was in fact made and therefore the bill is legitimate.

In a secure system, entity authentication is required so that each user can be satisfied that they are communicating only with the person, corporation, or server they wish to be communicating with. For example, users sending their credit card number across a network to make a purchase want to be certain that they are dealing with a trustworthy merchant rather than a fraud who wishes to steal their credit card number for a private spending spree. If the user verifies the identity of the merchant, they will send their credit information with greater confidence.

Sensitive data stored on a network requires policies to administer access rights. Access control enables an administrator to ascertain the access privileges of an entity before allowing them access to the data, or even before verifying the existence of the data.

A public key infrastructure (PKI) can provide much greater assurances than other methods to meet the collective requirements of digital security for entity authentication, non-repudiation, data integrity, data confidentiality, and access control. Cryptographic theory is the basis upon which the PKI creates this secure environment. By meeting these security needs, a PKI is a very effective tool to provide trust in networks in intranet, extranet and Internet environments, ensuring that sensitive data is protected.

Public-Key Infrastructure

A PKI is comprised of several components, policies, and users that combine to perform the tasks required for digital security.
The primary components of a PKI are the Certification Authority (CA), the Registration Authority (RA), the Certificate Repository, the applications that use the PKI, the subscribers to the PKI, and the policies being implemented by the components of any specific PKI.

The Certification Authority (CA)

The Certification Authority is at the very core of the PKI. It is the responsibility of the CA to create, distribute, and possibly revoke the certificates used in the PKI. The Certification Authority is trusted to perform the function of binding a public key pair to a given identity. The CA certifies the key pair / identity binding by digitally signing a data structure that contains some representation of the identity and a corresponding public key. This data structure is called a public key certificate.

In the digital world of the PKI, a certificate is a file that contains a user’s public key and identifying information about that user. This identifying information is usually data such as their name, address, phone number, etc. The creation of the digital certificates is a process of binding the identification data to the public key data. The CA accomplishes this by digitally signing the information with its private key. Before signing the certificate, the CA verifies the information contained in it, for example by meeting the applicant in person. This verification process is known as vetting the certificate. Vetting or verification processes will vary according to the security policy of the organization. Since the CA is a fundamental part of the PKI, its public key is widely known and trusted. Once the certificate is created it is stored in a certificate repository; the CA then distributes copies to authorized users as required.

Although all certificates are issued with a validity period, immediate certificate revocation may also be a necessity. Should the information reflected in the certificate change, or if the key pair should no longer be trusted, it is the responsibility of the CA to rescind the authority granted by the certificate through the process of certificate revocation. Many implementations use a Certificate Revocation List (CRL) to control certificate revocation. Periodically the CA publishes a list, the CRL, of certificates that are no longer valid within the PKI. In some cases a CRL may be an acceptable method for certificate revocation. There are, however, difficulties inherent in the use of a CRL that must be accepted or overcome in a secure implementation.

The CRL can grow large over the lifespan of a PKI, as many certificates may need to be revoked. Publishing a large list may be a problem for some limited bandwidth systems. Sending CRL updates saves bandwidth when updating the CRLs.
In this case a full CRL is sent out periodically, during times of lower demand on the available resources. It is also possible to distribute a list containing the certificates revoked since the last full publication. These smaller updates keep the CRL fresher while creating less network traffic. Another technique is to use distributed CRLs, which spread the entire CRL over several locations so that the lists are smaller in each place. Unfortunately, smaller lists create additional management and synchronization problems.

Another issue to be considered when using a CRL is that the data contained in the list may be out of date as soon as it is published. A certificate that is revoked moments after a CRL or CRL update is published will be considered valid until the next publication.

The Online Certificate Status Protocol (OCSP) has been developed to address the difficulties involved with using CRLs. OCSP allows direct queries for up-to-date certificate revocation data. A particular response to an OCSP query contains only the information about the certificates in question, saving bandwidth. PKI security may also be increased using OCSP, as features that ensure strong access to the OCSP system may be applied more easily. OCSP allows for real-time certificate status checking, supplying immediate revocation information on a given certificate.

The Registration Authority (RA)

The Registration Authority provides an administrative role in the PKI. One of the roles an RA plays in a PKI is that of a certificate vetter. Often the RA function is a part of the responsibility of the CA organization. The vetting of certificates can be quite a time-intensive job and, to achieve trust, it must be carried out as close as possible to the holder of the keys to be certified. In the case of a global PKI it may be inconvenient for all the members to travel to a particular centre to have their identity verified. The RAs can be distributed so that personal travel and inconvenience are minimized. The RA function also allows the vetting and issuing process to be separated. The CA creates the certificate and may distribute it either directly to the end user or to the RA, who then distributes the certificate to the requestor.

The Policy

In order to effectively implement a PKI, a series of policies to govern the human element of the PKI must be in place. These are spelt out in documents such as the Certification Practice Statement (CPS) and the Certificate Policy (CP). A CPS describes the practices employed in issuing and managing certificates. It may include a description of service offerings, detailed procedures for life-cycle management, operational information, etc. Furthermore, the CPS provides a legal framework describing the obligations and liabilities of the CA.
By contrast, a CP generally consists of a set of rules that indicate the applicability of the certificate to a particular community and/or class of applications with common security requirements. The CP generally addresses higher level policy requirements; the CPS tends to be a fairly detailed and comprehensive technical and procedural document regarding the operation of the supporting infrastructure.

Conclusion

Generally speaking, PKI usage can be put into three categories:

  • Identification of who is accessing information or providing information.
  • Securing communications between authenticated parties.
  • Providing for authentication and data integrity in computerized applications and making possible digital signatures, the strongest form of electronic signature now available.

Increased use of digital technology in the business world is inevitable, and PKI provides an integrated set of services which together make possible digital business systems having extremely strong security properties, including entity authentication, non-repudiation, data integrity, data confidentiality, and access control. By meeting these five basic needs of digital security, PKI technology provides a secure foundation upon which a stable e-commerce can be built.
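
The revocation timing discussed in the Certification Authority section, as an added example that is not part of the original document: a small Python model of a CA's revocation ledger, a full CRL, a CRL update (delta), and an OCSP-style direct query. The class and function names, serial numbers and dates are constructed, signatures are omitted, and returning "unknown" for an expired list is an assumed relying-party policy.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional
# Simplified, unsigned model: real CRLs and OCSP responses are signed by the CA.
@dataclass(frozen=True)
class CRL:
    this_update: datetime            # publication time
    next_update: datetime            # relying parties must refetch by then
    revoked: frozenset               # revoked certificate serial numbers
    base: Optional[datetime] = None  # update only: this_update of its full CRL

class CA:
    """Hypothetical CA that keeps a revocation ledger and publishes from it."""
    def __init__(self):
        self.ledger = {}             # serial -> time of revocation
    def revoke(self, serial, when):
        self.ledger.setdefault(serial, when)

    def publish(self, now, lifetime, base=None):
        # Full CRL: everything revoked so far. Update: only entries newer than base.
        since = base.this_update if base else datetime.min
        entries = frozenset(s for s, t in self.ledger.items() if since < t <= now)
        return CRL(now, now + lifetime, entries, base.this_update if base else None)

    def ocsp(self, serial, now):
        # Direct query: answered from the live ledger, one serial at a time.
        t = self.ledger.get(serial)
        return "revoked" if t is not None and t <= now else "good"

def crl_status(serial, now, full, delta=None):
    """Relying-party check against a cached full CRL plus an optional update."""
    newest, revoked = full, set(full.revoked)
    if delta is not None:
        if delta.base != full.this_update:
            raise ValueError("CRL update does not extend the cached full CRL")
        newest, revoked = delta, revoked | delta.revoked
    if now > newest.next_update:
        return "unknown"             # stale list: do not treat as valid
    return "revoked" if serial in revoked else "good"

def timeline():
    t0, h = datetime(2020, 5, 1), timedelta(hours=1)   # constructed dates
    ca = CA()
    ca.revoke(1001, t0 - h)
    full = ca.publish(t0, lifetime=24 * h)
    ca.revoke(2002, t0 + h)          # revoked just after the full CRL went out
    gap = (crl_status(2002, t0 + 2 * h, full), ca.ocsp(2002, t0 + 2 * h))
    delta = ca.publish(t0 + 6 * h, lifetime=6 * h, base=full)
    fresh = crl_status(2002, t0 + 7 * h, full, delta)
    return gap, fresh, len(delta.revoked), crl_status(1001, t0 + 30 * h, full)
```

The first element of the result shows the window the text describes: the cached CRL still reports serial 2002 as good while the direct query already reports it as revoked, and the one-entry update closes that gap without resending the full list.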
