8/3/2019 Securely Sharing Private Data Through Centralized Key Management in Large Network Environments
http://slidepdf.com/reader/full/securely-sharing-private-data-through-centralized-key-management-in-large-network 1/9
Securely Sharing Private Data Through Centralized Key
Management in Large Network Environments
Mark [email protected]
Abstract
As data sharing among members of corporations and large organizations has
become ubiquitous, the need for an effective and secure means of distributing
private data has emerged as a primary challenge. The complexity of
authentication mechanisms, and the scale of the network infrastructure overhauls
involved, prevent the average large company or government agency from quickly
deploying the data protection a modern secure network requires.
Solutions to this problem must satisfy many needs, in terms of both technology
integration and breadth of functionality. Current secure systems must provide
auditing support as well as controls that prevent abuse of privileges. The
hardship in delivering such a solution lies in producing software that is
supported on a wide span of platforms and remains end-user friendly. Software
goes largely unused, regardless of policy, if it adds too much complexity to an
end-user's daily tasks.
Information security is a critical aspect of any modern computing network, with the U.S.
federal government projected to spend $9.6B on information security contracts by 2013. The rise
of integrated networks, file sharing, portable media, mobile devices, and laptops has created a
worrying complexity around how to secure data in a manageable way that will not impede
productivity and efficiency. Pairwise key-agreement protocols such as the Diffie-Hellman key
exchange (D-H) establish a shared secret between two endpoints, but they do little to solve key
distribution at scale when the technologies in use must be negotiated across disparate networks. In
addition to the complexity of wide-scale key distribution, auditing the release of private keys is
currently hard to accomplish without adding further layers of trouble for the everyday end-user.
Compliance with HIPAA and Sarbanes-Oxley (SOX) becomes more crucial every year as
companies seek to assure their customers and clients that data privacy is a priority. Without a
proper auditing mechanism within a key-sharing or data-sharing scheme, little confidence can be
placed in a product that merely claims to be 'secure'. An improper implementation is just as
dangerous as little or no implementation at all. A security solution for the needs stated above
must allow auditing teams and managers to see how and when data is permitted to be viewed, and
by whom. Without accountability for data, policy alone cannot provide peace of mind to
customers, delegates, and employees.
The concern of employees treating company or government data as if it were their own
must also be handled in a way that guards against a rogue employee being fired and never
releasing the pass phrases to files whose contents are the property of the company and not of the
employee. A key escrow capability would have to be present (even if only as an option) to ensure
that a deployment does not risk trade secrets being withheld from the people who rightfully own
that data. By using a proper K of N multi-user authentication scheme, data availability can be
preserved while a subset of the entire user base is given the ability to recover data using the
private keys stored in a central database. As the government made apparent with the 'Clipper
Chip' initiative, it regards key escrow as a must-have for data it believes it is entitled to see.
Adoption of any large-scale cryptography option would likewise be met with heavy resistance
from large corporations if the ability to recover keys and protected files did not exist.
Current solutions for key management are most often found within a standard Public Key
Infrastructure (PKI). While a standard PKI provides flexibility, it is itself just another
authentication mechanism to architect, implement, and maintain. A PKI solution such as
Microsoft's is specific to that vendor's software and does not allow for generic file encryption in
a way that is portable to Mac, Linux, iPhone, BlackBerry, or other platforms. The limitations of a
vendor-specific PKI are many: implementing such an infrastructure requires an existing Active
Directory domain, complex configuration throughout the network, and end-user certificate
enrollment. The further task of maintaining an up-to-date Certificate Revocation List (CRL) only
increases the challenge of implementation. Lastly, a PKI such as Microsoft's does not provide the
in-depth auditing support that is so critical to a company at this time.
The challenge of finding a single generic technology that properly implements most of
these features is great. Existing cryptography standards work extremely well, but none of them on
its own offers the breadth of features that the large corporations and governments of the world
need. A single solution implementing the criteria listed above is of desperate importance so that
secured data, whether at rest or in transit, is available when it is needed, to those who should have
access to it, whenever that access is deemed necessary.
Aegis Data Security, a Michigan-based information technology start-up, is trying to
address the questions stated above in a new way. Aegis provides a suite of products, all backed by
a single network appliance, to solve the complex set of problems that currently face information
auditors, security managers, and public relations teams worldwide. With a wide implementation
focus, the Aegis product line expands the scope of data security from one platform to nearly
every major platform used in modern computing infrastructures. Its reach includes all major
desktop operating systems (Windows, Mac, Linux), mobile devices (iPhone, BlackBerry, Windows
Mobile), and, through a web client product, any platform with a web browser and current
JavaScript support. Aegis Data Security aims to take the complexity out of security and place the
power over information back into the hands of its users.
By leveraging the authentication mechanisms already deployed within a majority of
networks, large and small, Aegis Data Security removes a large hurdle to fast, efficient
implementation in an existing network infrastructure. By integrating with networks that use
LDAP, Active Directory, Kerberos, IMAP, and PKI, Aegis relieves end-users of having to
remember new credentials and administrators of having to manage them. Removing the need for
extra credentials makes adherence to best practices more likely, as an additional username and
password is one less source of friction. End-users on Windows Vista and Windows 7 machines
joined to an Active Directory domain do not even have to log in separately to use the desktop
application, thanks to a special integration with Windows, further helping users take advantage of
this software without added overhead.
With end-users likely to perform day-to-day information security tasks through the ease
of use of these products, key recovery becomes essential to administrators and managers. Aegis
Data Security has implemented a K of N authentication scheme that not only allows a specific
number of pre-determined users to authenticate together to recover a key, but also allows a
different weight to be assigned to each user. For instance, if two managers authenticate together,
they are able to recover a file. If one manager is away that day, the remaining manager and three
assistant managers can authenticate together to recover the protected file's key. By having a
system that is dynamic as well as secure, key escrow gains integrity and provides peace of mind
for those implementing this solution in their company.
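The weighted K of N recovery described in this paragraph, and the key escrow requirement raised earlier in the paper, can both be built from Shamir secret sharing. The Python below is an added example written for this page; it is not Aegis Data Security's code, and the paper does not disclose how Aegis actually implements its scheme. The roles, weights, threshold, user names, and prime modulus are illustrative assumptions. A user's weight is realised by issuing that user several shares of one polynomial, so two managers (weight 3 each) or one manager plus three assistants (weight 1 each) reach the threshold of 6, while one manager plus two assistants do not.

```python
"""Weighted K of N key recovery built from Shamir secret sharing.

Added example for this page; not Aegis Data Security code. A user of weight w
holds w shares (distinct x coordinates) of one degree T-1 polynomial, so the
combined weight of the users present must reach THRESHOLD before the constant
term (the escrowed file key) can be interpolated.
"""
import secrets

# Prime field modulus (assumption: any prime larger than the secret works;
# this one comfortably exceeds a 128-bit file key).
PRIME = 2**255 - 19

# Illustrative escrow policy matching the paper's scenario: two managers, or
# one manager plus three assistant managers, may recover a key.
WEIGHTS = {"manager": 3, "assistant": 1}
THRESHOLD = 6  # 3 + 3, or 3 + 1 + 1 + 1


def _eval_poly(coeffs, x):
    """Horner evaluation of sum(coeffs[i] * x**i) modulo PRIME."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % PRIME
    return result


def split_key(secret, people):
    """Split `secret` among `people` ({name: role}) according to WEIGHTS.

    Returns {name: [(x, y), ...]} where a user of weight w gets w shares.
    """
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an element of the prime field")
    # Random degree THRESHOLD-1 polynomial with the secret as constant term.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(THRESHOLD - 1)]
    shares, x = {}, 1
    for name, role in people.items():
        shares[name] = []
        for _ in range(WEIGHTS[role]):
            shares[name].append((x, _eval_poly(coeffs, x)))
            x += 1
    return shares


def combined_weight(presented):
    """Total weight of the users present, i.e. the number of shares they hold."""
    return sum(len(pts) for pts in presented.values())


def recover_key(presented):
    """Recover the secret from the shares of the users present.

    Refuses when the combined weight is below THRESHOLD. Interpolating through
    fewer points would still return a field element, but one unrelated to the
    secret, so this check is what turns the math into an enforceable policy.
    """
    weight = combined_weight(presented)
    if weight < THRESHOLD:
        raise ValueError(f"combined weight {weight} is below threshold {THRESHOLD}")
    points = [pt for pts in presented.values() for pt in pts][:THRESHOLD]
    # Lagrange interpolation at x = 0 over the prime field.
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def demo():
    """Walk through the paper's scenario with a random 128-bit file key."""
    file_key = secrets.randbits(128)
    people = {"alice": "manager", "bob": "manager",          # assumed users
              "carol": "assistant", "dan": "assistant", "erin": "assistant"}
    shares = split_key(file_key, people)

    def present(*names):
        return {n: shares[n] for n in names}

    results = {
        "two managers": recover_key(present("alice", "bob")) == file_key,
        "manager + 3 assistants":
            recover_key(present("bob", "carol", "dan", "erin")) == file_key,
    }
    try:
        recover_key(present("alice", "carol", "dan"))
        results["manager + 2 assistants"] = "recovered (should not happen)"
    except ValueError as exc:
        results["manager + 2 assistants"] = f"refused: {exc}"
    return results


if __name__ == "__main__":
    for scenario, outcome in demo().items():
        print(f"{scenario}: {outcome}")
```

The policy check in recover_key is the part a practitioner should not skip: Lagrange interpolation through fewer than THRESHOLD points still yields a field element, just one unrelated to the file key, so a recovery tool without the check would silently hand back garbage rather than refusing. In a real escrow database the split value would more often be the key that encrypts the stored private keys than each file key individually, and every presentation of shares would itself be an audited event.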
Auditing has also been built into the products' functionality from top to bottom.
Every file encryption, request for decryption, privilege addition and removal, administrative
action, and more is logged to an internal database. These logs can then be exported as HTML,
PDF, or CSV for review as needed. Heavy customization of reports narrows the information from
a complexity nightmare to a clear-cut picture of what an auditor would want or need to know
about any file or user within the system. In the event of an information security breach, auditors
would be able to concisely reconstruct the trail the data took to reach the possible points of
security lapse. By knowing not only who accessed a file, but also when, from where, with what
client and operating system, and through what privilege they were granted access, tracking down
a leak is far easier than before in a complex system.
Because Aegis Data Security has implemented a centralized key management solution
within its software, each of its current and future products can leverage the same information.
Aegis also provides redundancy and load balancing to ensure not only confidentiality and integrity
but also strong availability. By utilizing a hardened Linux network appliance, Aegis can help
provide reassurance that the information contained within the server is secure at rest. By stripping
unneeded features, applying tamper-evident stickers, and digitally signing updates, Aegis adds
security on every front of its products.
While Aegis Data Security has provided a comprehensive solution to many problems, the
ever-present need for proper implementation is beyond its control. While government security
spending is increasing faster than general IT spending, convincing any government of one
product's prowess will be a hard road. Centralization of resources and data makes many a network
administrator nervous about single points of failure, especially when the loss of a key database
could result in the loss of all of a company's data. Even though Aegis provides backup and
distribution mechanisms, an administrator's failure to use them properly could end up costing a
company billions as the result of a bug or fluke. Aegis will need to pursue heavy testing by public
facilities (such as universities, security research centers, and others) in order to earn the respect
and confidence its products need to make a real impact on the security landscape. In some ways,
decentralized and less friendly solutions, while lacking, are the safer option, as less data is
exposed to compromise or loss at any one time.
Providing a large feature set solves the implementation problems that many companies
and governments face, but adopting such technology is still a leap because of concerns about
backdoors, bugs, and other integrity failures on the part of a company producing closed-source
products. The truly universal solution to so many of these problems will most likely need to be
open source. Just as peer review has created a trustworthy landscape in general cryptography and
policy over the past few decades, a product that end-users, managers, and CxOs can feel
comfortable deploying will need to grant them greater access to the knowledge that the code
intimate to their security is indeed of the highest quality.
Going forward, information security specialists must start crafting a modular framework
of features, in the open, for all to contribute ideas and opinions. By creating a consortium of
industry specialists and companies, brilliant minds can solve these same problems in a public and
free way, adding functionality through a standard set of APIs. Allowing third parties to submit,
for instance, authentication plugins would broaden the base of implementations and grow the
scope of the product's potential enormously. Being peer-reviewed in a manner similar to the Linux
kernel over the years would give integrity to the code and assurance that the product has no
backdoors, removing one more hurdle that stunts the usage of such a product.
A Standard Operating Procedures (SOP) document, together with policy and auditing
documents, would allow the product to be not only secure in code and trusted, but also a smooth
and easy transition for different environments. Since strong policy is just as critical to success as
a product's features, the non-programmer side of the security community can still contribute to
such a project and overturn the idea that information security cannot be easy and will never be
done properly. The need for constant, unwavering security is well within the scope of our
computing era, and to ignore its priority is to mock the idea that confidentiality and integrity
should exist at all.
The landscape of information security is changing from an inconvenience to a priority by
the reality of its necessity. As network infrastructure broadens further, data in transit and data at
rest need to associate cleanly with the credentials people are already familiar with, in a manner
they understand and will use. For every laptop lost, thumb drive stolen, and e-mail snooped upon,
an excuse favoring convenience over security was likely made. The information security
community needs to allow no more excuses and instead commit not only to making security
standards but to building products that use those standards in the most proper way. The need for,
and complexity of, a usable security solution will not decrease, and so the responsibility of those
capable of doing something about it is clear. Just as the great cryptographers and mathematicians
across the years have seen a need to protect secrets, the information security specialist needs to
protect those secrets in a way that is not just done, but done well.
References
Aegis Data Security. (2009). Aegis Data Security Products. Retrieved June 4, 2009, from
http://aegisdatasecurity.com/products.html
Abelson, H., et al. (1998). The Risks of Key Recovery, Key Escrow, and Trusted Third-Party
Encryption. Retrieved June 2, 2009, from http://www.cdt.org/crypto/risks98/
Centers for Medicare & Medicaid Services. (2009, April 21). Overview: Information Security.
Retrieved June 3, 2009, from http://www.cms.hhs.gov/InformationSecurity/
Housley, R. (2001). Planning for PKI: Best Practices Guide for Deploying Public Key
Infrastructure. Wiley.
INPUT. (2008, September 17). Information Security Spending by the U.S. Federal Government
Will Reach $9.6 Billion by 2013. Retrieved June 2, 2009, from
http://www.input.com/corp/press/detail.cfm?news=1395
Kurosawa, K., & Obana, S. (1997). Characterization of (k, n) Multi-Receiver Authentication.
Retrieved June 2, 2009, from http://kuro.cis.ibaraki.ac.jp/~kurosawa/1997/broad.ps
Levy, S. (2002). Crypto: How the Code Rebels Beat the Government, Saving Privacy in the
Digital Age. Diane Pub Co.
Office of the Press Secretary, The White House. (1993, April 16). Clipper Chip Announcement.
Retrieved June 2, 2009, from http://csrc.nist.gov/keyrecovery/clipper.txt