Access Management in Critical Information Infrastructures - PowerPoint PPT Presentation

Loading...

PPT – Access Management in Critical Information Infrastructures PowerPoint presentation | free to download - id: 50c68-NjM1N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Access Management in Critical Information Infrastructures

Description:

Elliptic-Curve cryptography is only partial solution ... Zeroknowledge Systems: e-cash on a RIM Blackberry. Protocols described in open literature: ... – PowerPoint PPT presentation

Number of Views:62
Avg rating:3.0/5.0
Slides: 35
Provided by: esaker
Learn more at: http://www2.it.lut.fi
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Access Management in Critical Information Infrastructures


1
Access Management in Critical Information
Infrastructures
May 15, 2003
Dr. Stefan Brands brands_at_credentica.com
15th annual Canadian Information Technology
Security Symposium May 12 - 15, 2003Ottawa
Congress Centre
Presented to
2
Critical Information Infrastructures
  • Information-centric infrastructures essential to
    the defense and economic prosperity of a society,
    and to the well-being of its people
  • Strong reliance on effective management and
    sharing of sensitive information
  • Examples
  • Telecommunications
  • The supply of utilities
  • Banking and finance networks
  • Public transportation
  • National defense
  • Health care

3
Information management trends
  • Information recorded managed in electronic form
  • Increasing data volume sensitivity
  • Increasing numbers of trust domains desiring
    ability to interact (open systems)
  • Data sharing over open networks
  • Physical trust domains are disappearing
  • Proliferation in number and type of access
    devices
  • Personal Computers
  • Personal Digital Assistants
  • Mobile phones

4
Benefits of electronic records
  • Efficient data sharing across corporate
    boundaries
  • Reusability of recorded information
  • Reduce errors
  • Enhance productivity (notably of administrators)
  • Location-independence of records
  • In central database
  • Distributed across databases (possibly
    federated)
  • User-controlled record
  • User-held record (smartcard, PDA, PC, )
  • Open up new opportunities

5
Security issues
  • Data must be made selectively accessible
  • Must be able to base authorization decisions on
    access requestor rather than (only) on data
    itself
  • No longer adequate Vulnerability assessment
    products and services, fire-walls, anti-virus
    software hardware, intrusion detection
    applications
  • Authorization is next major security requirement
  • Can grant authorization on the basis of
    identity, assumed role, privileges, entitlements,
    personal characteristics, profile data,
    qualifications, group membership, other
    credentials, payment,

6
Security of electronic records
  • Complexity of ownership when data sharing is
    goal
  • Many may be authorized to read, add or update
    information
  • Many may need to rely on data in same record
  • Access provider perspective
  • OK others can view data (to be informed check
    for errors)
  • Not OK others can add, delete, modify, or
    prevent updating of data
  • Challenge Solve multi-party rights management
    problem (good solution meets any rights
    setting)
  • Must address two basic authentication problems
  • Authenticate access requests to record entries
  • Authenticate record entries themselves

7

Not a solution single sign-on
  • Avoids duplication of passwords by giving users a
    single password for all resources
  • Only authenticates access requestor, does not
    deal with authentication of data entries in
    records
  • Liberty Alliance, MS Passport,
  • A user convenience, not a security solution
  • Highly insecure for managing access to sensitive
    information over open networks
  • J. Lewis (CEO of Burton Group) Single sign-on
    is a security compromise waiting to happen

8
Secure access management
  • Security must be tied to the information itself
  • Most secure approach public key cryptography
  • Secret keys never leave confines of their storage
    device
  • Avoids key distribution problem of symmetric-key
    crypto
  • Offers non-repudiation (digital signatures)
  • Two fundamentally different public-key
    approaches
  • X.509-style PKI
  • Identity certificates
  • Attribute certificates (Privilege Management
    Infrastructure)
  • Digital Credentials
  • Seamless hybrid between identity and attribute
    certificates
  • With security, privacy, scalability performance
    benefits

9
X.509-style PKI
  • Revolves around the distribution and management
    of digital identity certificates
  • Invented in 1978 to facilitate message encryption
  • In line with original goal, X.509 certificates
    provide
  • Confidentiality of data in transit (through
    encryption)
  • User authentication (ensures messages are
    encrypted under right public key prevents
    man-in-the-middle attack)
  • Data integrity (prevent tampering with data in
    transit)
  • Non-repudiation (proof of senders identity)
  • Access control was never a design requirement
    (irrelevant for message encryption
    infrastructure!)

10
Applying PKI to access control
  • PKI vendors currently distorting their technology
    to do access control (encryption is not big
    market need )
  • Their approach
  • Individual to provide digital identity
    certificate to gain access
  • Certificate serves as strongly authenticated
    pointer to on-line databases entries
  • Access provider to retrieve all data for
    authorization decision
  • Credit card infrastructure on steroids
  • Authentication for message encryption very
    different from access control to sensitive data
    (unique needs for privacy, security, scalability
    performance)

11
The irony a historical perspective
  • Diffie-Hellman invention of asymmetric crypto
    (1976)
  • Setting Encrypted communication over open
    network
  • Sender to encrypt message with public key of
    recipient
  • To prevent man-in-the-middle attack, on-line
    secure (read-only) database lists name public
    key bindings
  • Kohnfelders bachelors thesis (1978)
  • Database problems bottleneck vulnerable to
    attacks
  • Identity certificates proposed to address both
    problems
  • Irony of digital identity certificates for access
    control
  • Both problems are back with a vengeance
  • New problems that were irrelevant in original
    setting

12
Verifiers must look up all authorization data
themselves
but all these databases may be in different
trust / administrative domains
13
PKI access control problems (1)
  • Non-scalable beyond pre-established trust
    domains
  • Access provider relies on the availability,
    correctness, and timeliness of authorization data
  • Poor security
  • Access right cloning and lending no
    cryptographic protection
  • Misuse of online databases by hackers and
    insiders
  • Vulnerable to denial-of-service attacks
  • Strong reliance on real-time availability of
    online databases
  • Online certificate status validation
  • Increases risk of identity theft
  • Inescapable system-wide identification
  • Strong reliance on central databases

14
PKI access control problems (2)
  • Not suitable for use with smartcards
  • Cannot use low-cost smartcards
  • Storage problem
  • Need crypto co-processor for exponentiations
  • Elliptic-Curve cryptography is only partial
    solution
  • Application provider must place very strong trust
    in parties involved in smartcard manufacturing,
    masking, initialization, application loading, and
    personalization. Attacks
  • Overt or covert leakage of secrets and other
    confidential data
  • Uniqueness, randomness, and secrecy of secret
    keys??
  • Fake-terminal attacks
  • Selective failure attacks based on dynamic
    inputs
  • Problems worsen for multi-application smartcards

15
PKI access control problems (3)
  • Managed services are intrusive
  • Online Certificate Status Providers able to learn
    competitive/sensitive data in real time
  • Identities of access requestors (and access
    providers)
  • Peak hours
  • Typically nature of the transaction
  • Possibly transaction details
  • Certificate Authorities must know the identity
    and any other attributes that go into the
    certificates they issue
  • Online Certificate Status Providers Certificate
    Authorities on-line database maintainers can
    disrupt operations on the basis of
    transaction-specific knowledge in real time

16
PKI access control problems (4)
  • Privacy-invasive (roots inescapable systemic
    identification deep into information
    infrastructure)
  • Public keys strongly authenticated
    super-SSNs
  • Globally unique identification numbers
  • Inescapably travel along with each and every
    action taken
  • Obtained by access provider third parties
    (providers of authorization databases online
    certificate status verifiers)
  • Always leave behind undeniable digital evidence
    of the requestors identity (due to digital
    signing of nonces)
  • Problems with data protection legislation,
    unbridled use of PKI may be unconstitutional
  • Access providers third parties cannot prevent
    receiving identifiable data

17
Bad solutions (quick fixes)
  • Identity certificates that specify a pseudonym
    or a role instead of a real name
  • Does not address privacy problems (remember
    tracing can be done on the basis of the public
    keys in certificates)
  • May weaken security (accountability, fraud
    containment, )
  • Issue different identity certificates for
    different uses
  • False sense of privacy like using SSNs, credit
    card numbers, and health insurance numbers for
    all actions!
  • Damages functionality creates separate islands
    that cannot communicate (bridge-CAs undo purpose
    create new scalability and trust problems)
  • Scalability smartcard inefficiency even worse

18
Another bad solution
  • Privilege Management infrastructure (PMI)
  • X.509 attribute certificates specify relevant
    attribute data
  • Addresses availability problem, but exacerbates
    all other problems
  • Attribute certificates must be linked to (and
    sent along with) base identity certificate to
    prevent pooling of privileges
  • Even more devastating for privacy (all the
    attributes within a certificate must be known to
    the CA must be disclosed when showing the
    certificate)
  • No mechanisms to prevent discarding,
    updating-prevention, lending, and cloning
  • Smartcard inefficiency even worse
  • Must manage and revoke an abundance of
    certificates

19
Privacy a brief digress
  • The right of individuals to determine for
    themselves when, how, and to what extent
    information about them is communicated to others
  • In electronic world virtually no grey areas
    between privacy inescapable systemic
    identification
  • Different manifestations for
  • Individuals (ROI hard to quantify)
  • Companies (competitive intelligence, liability
    issues)
  • Critical information infrastructures (monitoring
    threats)
  • Security safeguards deal with unauthorized
    outsiders, but most threats come from authorized
    insiders

20
Security is NOT privacy
Technology can address security without
addressing privacy, but may introduce new
security concerns!
OECD FIPs
  • Collection Limitation
  • Data Quality
  • Purpose Specification
  • Use Limitation
  • Openness
  • Individual Participation
  • Accountability

5. Security safeguards (incl. confidentiality)
  • Wolves in sheeps clothing
  • Ubiquitous surveillance
  • cameras
  • National ID chipcards
  • PKI for access control

21
Privacy-respecting security
  • Not so much about anonymity, as about controlling
    who can learn what as data flows through system
  • Covers spectrum between mandatory identifiability
    and the maximum level of privacy afforded
    (slider)
  • Example client identifies to access provider,
    access provider de-identifies non-repudiable
    transaction evidence for third party (PKI cannot
    do this!)
  • Privacy is good for security
  • Non-identifiable (unlinkable) records record
    access reduce vulnerability to hackers
    (authorized!) insiders
  • Decentralized approach reduces denial of service
    attacks

22
Digital Credentials
  • Achieve security, privacy efficiency
    simultaneously
  • Like digital signatures but much more powerful
  • Three basic uses in access control
  • To authenticate data entries in records
  • To authenticate pointers to records
  • For digitally signed audit trails receipts
  • CA binds attributes to Digital Credential
    public key
  • User can allow CA to learn only an attribute
    property
  • User can blind Digital Credential public key
    CAs digital signature (but not the attributes)
  • User can selectively disclose attribute property
    to verifier
  • User must know all attributes to show certificate

23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
Digital Credentials properties (1)
  • Fully adaptable levels of privacy
  • Allow anonymous, pseudonymous, and role-based
    access
  • Principle of least authority selective/minimal
    disclosure
  • Reverse authentication data does not meet
    conditions
  • Recertification and updating present Digital
    Credential without revealing current attribute
    values
  • Dossier-resistance leave no or partial
    non-repudiable transaction evidence to verifier
  • Credential verifier can selectively discard data
    before passing on digital evidence to third party
  • Reveal no or partial attribute data to Credential
    Authorities
  • Smartcard cannot leak sensitive data to outside
    world

27
Digital Credentials properties (2)
  • Security protections
  • No pooling of privileges (multiple Digital
    Credentials can be shown to contain same built-in
    identifier without disclosing it)
  • Lending protection Embed client-confidential
    data into Digital Credential (legitimate owner
    need never disclose it)
  • Discarding protection Lump negative data in base
    Digital Credential (e.g., drunk driving mark into
    drivers license)
  • Limited-show credentials Embedded identifier (or
    value) will be exposed if and only if Credential
    shown too many times
  • Audit capability
  • Digital audit trails receipts facilitate
    dispute resolution
  • Non-identified audit trail cannot be disavowed by
    originator
  • Self-signed fraud confessions for lending and
    reuse

28
Digital Credentials properties (3)
  • Smartcard Implementations
  • Manage billions of Credentials using 8-bit
    smart-card chip (off-load storage and
    computational burden to user device)
  • Application provider can arbitrarily minimize
    level of trust placed in smartcard (through
    application software)
  • Secure multi-application smartcards
  • Different application providers can share same
    secret key to derive card security
  • Digital Credentials have uncorrelated secret keys
    (unknown even to card supplier) and can be
    revoked separately
  • Different applications using same smartcard are
    fire-walled through user software (not card
    software!)
  • Leakage of a cards key does not allow fraud
    beyond the security functionality the card was
    supposed to add

29
Digital Credentials properties (4)
  • Managed services
  • Credential Authorities certify sensitive
    information without being able to learn the data
  • Revocation Authorities can validate certificates
    without being able to identify the clients of
    organizations
  • Role of tamper-resistant smartcard can be
    outsourced
  • Peer-to-peer support
  • Individuals can store and manage their own
    credentials
  • Unauthorized users cannot modify, discard, lend,
    pool, or prevent the updating of information they
    hold
  • In the extreme do away with central databases by
    securely distributing all database entries to
    data subjects
  • Multi-purpose and multi-application certificates

30
Digital Credentials not a whim
  • Limited implementation experience (but for
    another application, which never caught on
    commercially)
  • CAFE OPERA (2 EU SRED projects, involving KPN,
    Gemplus, Siemens 15 others) e-cash on a
    smartcard, with field trials from 1996 to 1999
  • Zeroknowledge Systems e-cash on a RIM Blackberry
  • Protocols described in open literature
  • 32 publications since 1993 at major crypto
    privacy forums
  • 315-page MIT Press book with foreword by prof.
    Ron Rivest
  • Scrutinized by worlds top cryptographers
    (Shamir, Rivest, Schnorr, etc.)
  • Acclaim from security, legal privacy experts

31
Sample acclaim
an important landmark Dr. Ronald L. Rivest
(Webster Professor of Electrical
Engineering and Computer Science at MIT), August
2000 minimizing the risks of all the interested
actors Electronic Privacy Information Center
Privacy International, 2001 a superior
alternative to conventional approaches to
PKI Dr. Roger Clarke (consultant in the
management of information
and information technology), 2001 security
without sacrificing privacy Dr. Hal Abelson
(Professor at the Artificial
Intelligence Laboratory, MIT),
August 2000 the state of the art Dr. A. Michael
Froomkin (Professor of Law,
University of Miami),
August 2000 shows ways to do digital
certificates without giving so much power to the
system owner Former Chief Privacy Counselor to
the Clinton
Administration, Dr. Peter Swire, April 2001
32
Credential Management Platform
  • Leverages Digital Credentials technology
  • A continuum between local and remote records
  • Automated sharing and synchronization of
    certified data in accordance with
    application-specific rules
  • Roaming access to records access tokens
  • Multiple protocols for gaining access to
    electronic records with varying levels of active
    participation
  • Delegation certificates (limited-time or
    limited-use)
  • Fine-grained multi-party rights management
  • Optional encrypt record entries access requests

33
(No Transcript)
34
Additional Information
  • Digital Credentials overviews
  • Non-technical 2-pager www.ercim.org/publication/E
    rcim_News/enw49/brands.html
  • Semi-technical 40-page overview
    www.credentica.com/technology/overview.pdf
  • Technical 350-page book with formal security
    analysis www.credentica.com/technology/book.html
  • CMP architecture overview
  • ls6-www.informatik.uni-dortmund.de/issi/cred
    _ws/papers/brands.pdf
  • brands_at_credentica.com
About PowerShow.com