Access Management in Critical Information Infrastructures - PowerPoint PPT Presentation


PPT – Access Management in Critical Information Infrastructures PowerPoint presentation | free to download - id: 50c68-NjM1N


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation

Access Management in Critical Information Infrastructures


Elliptic-Curve cryptography is only partial solution ... Zeroknowledge Systems: e-cash on a RIM Blackberry. Protocols described in open literature: ... – PowerPoint PPT presentation

Number of Views:62
Avg rating:3.0/5.0
Slides: 35
Provided by: esaker
Learn more at:


Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Access Management in Critical Information Infrastructures

Access Management in Critical Information
May 15, 2003
Dr. Stefan Brands
15th annual Canadian Information Technology
Security Symposium May 12 - 15, 2003Ottawa
Congress Centre
Presented to
Critical Information Infrastructures
  • Information-centric infrastructures essential to
    the defense and economic prosperity of a society,
    and to the well-being of its people
  • Strong reliance on effective management and
    sharing of sensitive information
  • Examples
  • Telecommunications
  • The supply of utilities
  • Banking and finance networks
  • Public transportation
  • National defense
  • Health care

Information management trends
  • Information recorded managed in electronic form
  • Increasing data volume sensitivity
  • Increasing numbers of trust domains desiring
    ability to interact (open systems)
  • Data sharing over open networks
  • Physical trust domains are disappearing
  • Proliferation in number and type of access
  • Personal Computers
  • Personal Digital Assistants
  • Mobile phones

Benefits of electronic records
  • Efficient data sharing across corporate
  • Reusability of recorded information
  • Reduce errors
  • Enhance productivity (notably of administrators)
  • Location-independence of records
  • In central database
  • Distributed across databases (possibly
  • User-controlled record
  • User-held record (smartcard, PDA, PC, )
  • Open up new opportunities

Security issues
  • Data must be made selectively accessible
  • Must be able to base authorization decisions on
    access requestor rather than (only) on data
  • No longer adequate Vulnerability assessment
    products and services, fire-walls, anti-virus
    software hardware, intrusion detection
  • Authorization is next major security requirement
  • Can grant authorization on the basis of
    identity, assumed role, privileges, entitlements,
    personal characteristics, profile data,
    qualifications, group membership, other
    credentials, payment,

Security of electronic records
  • Complexity of ownership when data sharing is
  • Many may be authorized to read, add or update
  • Many may need to rely on data in same record
  • Access provider perspective
  • OK others can view data (to be informed check
    for errors)
  • Not OK others can add, delete, modify, or
    prevent updating of data
  • Challenge Solve multi-party rights management
    problem (good solution meets any rights
  • Must address two basic authentication problems
  • Authenticate access requests to record entries
  • Authenticate record entries themselves


Not a solution single sign-on
  • Avoids duplication of passwords by giving users a
    single password for all resources
  • Only authenticates access requestor, does not
    deal with authentication of data entries in
  • Liberty Alliance, MS Passport,
  • A user convenience, not a security solution
  • Highly insecure for managing access to sensitive
    information over open networks
  • J. Lewis (CEO of Burton Group) Single sign-on
    is a security compromise waiting to happen

Secure access management
  • Security must be tied to the information itself
  • Most secure approach public key cryptography
  • Secret keys never leave confines of their storage
  • Avoids key distribution problem of symmetric-key
  • Offers non-repudiation (digital signatures)
  • Two fundamentally different public-key
  • X.509-style PKI
  • Identity certificates
  • Attribute certificates (Privilege Management
  • Digital Credentials
  • Seamless hybrid between identity and attribute
  • With security, privacy, scalability performance

X.509-style PKI
  • Revolves around the distribution and management
    of digital identity certificates
  • Invented in 1978 to facilitate message encryption
  • In line with original goal, X.509 certificates
  • Confidentiality of data in transit (through
  • User authentication (ensures messages are
    encrypted under right public key prevents
    man-in-the-middle attack)
  • Data integrity (prevent tampering with data in
  • Non-repudiation (proof of senders identity)
  • Access control was never a design requirement
    (irrelevant for message encryption

Applying PKI to access control
  • PKI vendors currently distorting their technology
    to do access control (encryption is not big
    market need )
  • Their approach
  • Individual to provide digital identity
    certificate to gain access
  • Certificate serves as strongly authenticated
    pointer to on-line databases entries
  • Access provider to retrieve all data for
    authorization decision
  • Credit card infrastructure on steroids
  • Authentication for message encryption very
    different from access control to sensitive data
    (unique needs for privacy, security, scalability

The irony a historical perspective
  • Diffie-Hellman invention of asymmetric crypto
  • Setting Encrypted communication over open
  • Sender to encrypt message with public key of
  • To prevent man-in-the-middle attack, on-line
    secure (read-only) database lists name public
    key bindings
  • Kohnfelders bachelors thesis (1978)
  • Database problems bottleneck vulnerable to
  • Identity certificates proposed to address both
  • Irony of digital identity certificates for access
  • Both problems are back with a vengeance
  • New problems that were irrelevant in original

Verifiers must look up all authorization data
but all these databases may be in different
trust / administrative domains
PKI access control problems (1)
  • Non-scalable beyond pre-established trust
  • Access provider relies on the availability,
    correctness, and timeliness of authorization data
  • Poor security
  • Access right cloning and lending no
    cryptographic protection
  • Misuse of online databases by hackers and
  • Vulnerable to denial-of-service attacks
  • Strong reliance on real-time availability of
    online databases
  • Online certificate status validation
  • Increases risk of identity theft
  • Inescapable system-wide identification
  • Strong reliance on central databases

PKI access control problems (2)
  • Not suitable for use with smartcards
  • Cannot use low-cost smartcards
  • Storage problem
  • Need crypto co-processor for exponentiations
  • Elliptic-Curve cryptography is only partial
  • Application provider must place very strong trust
    in parties involved in smartcard manufacturing,
    masking, initialization, application loading, and
    personalization. Attacks
  • Overt or covert leakage of secrets and other
    confidential data
  • Uniqueness, randomness, and secrecy of secret
  • Fake-terminal attacks
  • Selective failure attacks based on dynamic
  • Problems worsen for multi-application smartcards

PKI access control problems (3)
  • Managed services are intrusive
  • Online Certificate Status Providers able to learn
    competitive/sensitive data in real time
  • Identities of access requestors (and access
  • Peak hours
  • Typically nature of the transaction
  • Possibly transaction details
  • Certificate Authorities must know the identity
    and any other attributes that go into the
    certificates they issue
  • Online Certificate Status Providers Certificate
    Authorities on-line database maintainers can
    disrupt operations on the basis of
    transaction-specific knowledge in real time

PKI access control problems (4)
  • Privacy-invasive (roots inescapable systemic
    identification deep into information
  • Public keys strongly authenticated
  • Globally unique identification numbers
  • Inescapably travel along with each and every
    action taken
  • Obtained by access provider third parties
    (providers of authorization databases online
    certificate status verifiers)
  • Always leave behind undeniable digital evidence
    of the requestors identity (due to digital
    signing of nonces)
  • Problems with data protection legislation,
    unbridled use of PKI may be unconstitutional
  • Access providers third parties cannot prevent
    receiving identifiable data

Bad solutions (quick fixes)
  • Identity certificates that specify a pseudonym
    or a role instead of a real name
  • Does not address privacy problems (remember
    tracing can be done on the basis of the public
    keys in certificates)
  • May weaken security (accountability, fraud
    containment, )
  • Issue different identity certificates for
    different uses
  • False sense of privacy like using SSNs, credit
    card numbers, and health insurance numbers for
    all actions!
  • Damages functionality creates separate islands
    that cannot communicate (bridge-CAs undo purpose
    create new scalability and trust problems)
  • Scalability smartcard inefficiency even worse

Another bad solution
  • Privilege Management infrastructure (PMI)
  • X.509 attribute certificates specify relevant
    attribute data
  • Addresses availability problem, but exacerbates
    all other problems
  • Attribute certificates must be linked to (and
    sent along with) base identity certificate to
    prevent pooling of privileges
  • Even more devastating for privacy (all the
    attributes within a certificate must be known to
    the CA must be disclosed when showing the
  • No mechanisms to prevent discarding,
    updating-prevention, lending, and cloning
  • Smartcard inefficiency even worse
  • Must manage and revoke an abundance of

Privacy a brief digress
  • The right of individuals to determine for
    themselves when, how, and to what extent
    information about them is communicated to others
  • In electronic world virtually no grey areas
    between privacy inescapable systemic
  • Different manifestations for
  • Individuals (ROI hard to quantify)
  • Companies (competitive intelligence, liability
  • Critical information infrastructures (monitoring
  • Security safeguards deal with unauthorized
    outsiders, but most threats come from authorized

Security is NOT privacy
Technology can address security without
addressing privacy, but may introduce new
security concerns!
  • Collection Limitation
  • Data Quality
  • Purpose Specification
  • Use Limitation
  • Openness
  • Individual Participation
  • Accountability

5. Security safeguards (incl. confidentiality)
  • Wolves in sheeps clothing
  • Ubiquitous surveillance
  • cameras
  • National ID chipcards
  • PKI for access control

Privacy-respecting security
  • Not so much about anonymity, as about controlling
    who can learn what as data flows through system
  • Covers spectrum between mandatory identifiability
    and the maximum level of privacy afforded
  • Example client identifies to access provider,
    access provider de-identifies non-repudiable
    transaction evidence for third party (PKI cannot
    do this!)
  • Privacy is good for security
  • Non-identifiable (unlinkable) records record
    access reduce vulnerability to hackers
    (authorized!) insiders
  • Decentralized approach reduces denial of service

Digital Credentials
  • Achieve security, privacy efficiency
  • Like digital signatures but much more powerful
  • Three basic uses in access control
  • To authenticate data entries in records
  • To authenticate pointers to records
  • For digitally signed audit trails receipts
  • CA binds attributes to Digital Credential
    public key
  • User can allow CA to learn only an attribute
  • User can blind Digital Credential public key
    CAs digital signature (but not the attributes)
  • User can selectively disclose attribute property
    to verifier
  • User must know all attributes to show certificate

(No Transcript)
(No Transcript)
(No Transcript)
Digital Credentials properties (1)
  • Fully adaptable levels of privacy
  • Allow anonymous, pseudonymous, and role-based
  • Principle of least authority selective/minimal
  • Reverse authentication data does not meet
  • Recertification and updating present Digital
    Credential without revealing current attribute
  • Dossier-resistance leave no or partial
    non-repudiable transaction evidence to verifier
  • Credential verifier can selectively discard data
    before passing on digital evidence to third party
  • Reveal no or partial attribute data to Credential
  • Smartcard cannot leak sensitive data to outside

Digital Credentials properties (2)
  • Security protections
  • No pooling of privileges (multiple Digital
    Credentials can be shown to contain same built-in
    identifier without disclosing it)
  • Lending protection Embed client-confidential
    data into Digital Credential (legitimate owner
    need never disclose it)
  • Discarding protection Lump negative data in base
    Digital Credential (e.g., drunk driving mark into
    drivers license)
  • Limited-show credentials Embedded identifier (or
    value) will be exposed if and only if Credential
    shown too many times
  • Audit capability
  • Digital audit trails receipts facilitate
    dispute resolution
  • Non-identified audit trail cannot be disavowed by
  • Self-signed fraud confessions for lending and

Digital Credentials properties (3)
  • Smartcard Implementations
  • Manage billions of Credentials using 8-bit
    smart-card chip (off-load storage and
    computational burden to user device)
  • Application provider can arbitrarily minimize
    level of trust placed in smartcard (through
    application software)
  • Secure multi-application smartcards
  • Different application providers can share same
    secret key to derive card security
  • Digital Credentials have uncorrelated secret keys
    (unknown even to card supplier) and can be
    revoked separately
  • Different applications using same smartcard are
    fire-walled through user software (not card
  • Leakage of a cards key does not allow fraud
    beyond the security functionality the card was
    supposed to add

Digital Credentials properties (4)
  • Managed services
  • Credential Authorities certify sensitive
    information without being able to learn the data
  • Revocation Authorities can validate certificates
    without being able to identify the clients of
  • Role of tamper-resistant smartcard can be
  • Peer-to-peer support
  • Individuals can store and manage their own
  • Unauthorized users cannot modify, discard, lend,
    pool, or prevent the updating of information they
  • In the extreme do away with central databases by
    securely distributing all database entries to
    data subjects
  • Multi-purpose and multi-application certificates

Digital Credentials not a whim
  • Limited implementation experience (but for
    another application, which never caught on
  • CAFE OPERA (2 EU SRED projects, involving KPN,
    Gemplus, Siemens 15 others) e-cash on a
    smartcard, with field trials from 1996 to 1999
  • Zeroknowledge Systems e-cash on a RIM Blackberry
  • Protocols described in open literature
  • 32 publications since 1993 at major crypto
    privacy forums
  • 315-page MIT Press book with foreword by prof.
    Ron Rivest
  • Scrutinized by worlds top cryptographers
    (Shamir, Rivest, Schnorr, etc.)
  • Acclaim from security, legal privacy experts

Sample acclaim
an important landmark Dr. Ronald L. Rivest
(Webster Professor of Electrical
Engineering and Computer Science at MIT), August
2000 minimizing the risks of all the interested
actors Electronic Privacy Information Center
Privacy International, 2001 a superior
alternative to conventional approaches to
PKI Dr. Roger Clarke (consultant in the
management of information
and information technology), 2001 security
without sacrificing privacy Dr. Hal Abelson
(Professor at the Artificial
Intelligence Laboratory, MIT),
August 2000 the state of the art Dr. A. Michael
Froomkin (Professor of Law,
University of Miami),
August 2000 shows ways to do digital
certificates without giving so much power to the
system owner Former Chief Privacy Counselor to
the Clinton
Administration, Dr. Peter Swire, April 2001
Credential Management Platform
  • Leverages Digital Credentials technology
  • A continuum between local and remote records
  • Automated sharing and synchronization of
    certified data in accordance with
    application-specific rules
  • Roaming access to records access tokens
  • Multiple protocols for gaining access to
    electronic records with varying levels of active
  • Delegation certificates (limited-time or
  • Fine-grained multi-party rights management
  • Optional encrypt record entries access requests

(No Transcript)
Additional Information
  • Digital Credentials overviews
  • Non-technical 2-pager
  • Semi-technical 40-page overview
  • Technical 350-page book with formal security
  • CMP architecture overview