HSM Overview for Grid Computing

avani

Presentation Transcript


    1. HSM Overview for Grid Computing

    2. The Foundation of Information Security

       - Encryption experts with a 25-year history of HARDWARE security protection for: Communications; Intellectual Property Rights; Data and Identities
       - Global company with local service: headquartered in Maryland, USA; regional headquarters in Camberley, UK, and Hong Kong; 30+ offices located in more than 20 countries
       - Encryption technology heritage: 43 patents issued, 31 patents pending; the majority of the leading security vendors embed SafeNet's technology in their offerings
       - Fastest Growing Networking Company 2005

    3. PKI Overview: What is a Digital ID? What is a PKI? What is an HSM? How are these used?

    4. What is Digital Identity? A Digital Identity is the representation of a human identity that is used in a distributed network interaction with other machines or people. The purpose of the Digital Identity is to restore the ease and security human transactions once had, when we all knew each other and did business face-to-face, to a machine environment where we are often meeting each other for the first time as we enter into transactions over vast distances.

       Attributes of a Digital Identity. A Digital Identity only needs to be as complete as a particular transaction requires. That is to say, some transactions require a far more robust Digital Identity than others, since the degree of trust and information required can vary significantly based on the type of transaction. A Digital Identity consists of two parts:

       - Who one is (identity)
       - The credentials that one holds (attributes of that identity)

       These credentials define a Digital Identity, and they can be quite varied, of widely differing value, and have many different uses. The full Digital Identity is quite intricate and has legal as well as technical implications (here is an MIT white paper on the subject that will give you the idea). However, the simplest possible Digital Identity consists of an ID (such as a user name) and an authentication secret (such as a password). In this simplest Digital Identity the user name is the identity while the password is said to be the authentication credential. As computerized systems become more networked and distributed, Digital Identity must become more robust to make complex distributed user interactions easy while achieving the required control and security. Ultimately Digital Identity will become as complex and flexible in use as a real-world human identity.

       A Digital Identity can facilitate the following operations:

       - Authentication - Proving the Digital Identity is what it is representing itself to be in the transaction
       - Authorization - Gaining permission to access certain data or program applications
       - Confidentiality - Assuring that an unauthorized party cannot usefully intercept the data being transmitted
       - Data Integrity - Assuring that the data has not been tampered with during transmission
       - Proof of Source - Using public/private key encryption to assure the origination source of a document
       - Non-Repudiation - Using public/private key encryption to verify the source and destination entity of a transaction
       - Reputation - Aggregating signed information from various sources as credentials based on past transaction history

       A Digital Identity allows transactions in which the parties are separated in time and space while retaining the ability of these transactions to contain all of the human identity based attributes that transactions between people have always had. The ability to have third party transactions such as power of attorney, agency, and others handled through Digital Identity is just one of the types of attributes that the Digital Identity will grow to have. (For a complete white paper discussion of these attributes of a Digital Identity, click here.) The human context must be restored to the impersonal, distributed, networked communications world where transactions arise ad hoc. Often one or more of the parties to such transactions is an automated computerized system that has to operate on a set of rules that require certain identity information, the release of which must be negotiated with its owner. Accomplishing this very personal task in an inherently impersonal setting is the purpose of the Digital Identity.

    5. A Public Key Infrastructure consists of software and procedures put in place by an organization to support the use of Public Keys for authentication--in identifying users, services, and confirming digital signatures. Public keys usually conform to the X.509 standard for certificates, and usually are based on the RSA public/private key encryption algorithm--if you encrypt with the public key, you can only decrypt with the private key, or you can encrypt with the private and decrypt only with the public key. You keep your private key a closely guarded secret, but the public key can be given out to anyone whom you want to be able to verify that a message or file really did originate from you.

    6. What is a Hardware Security Module (HSM)?

       - Security: A device to keep private keys close to your chest
       - Performance: Accelerate encryption operations to eliminate bottlenecks
       - Audit: Provides a clear audit trail for all key materials: SAS70 / SOX / PCI / HIPAA / HSPD12 etc.

       They are devices for keeping keys in hardware, making the keys secure:

       - Since the keys underpin all the security mechanisms discussed, it is important that they are kept secure
       - Keeping a key in hardware means that you can control when, where, and how it is used
       - We have models that NEVER allow the key to be exported (sometimes even for backup)

       They perform cryptographic operations on those keys, sometimes very fast (acceleration):

       - Since most of the asymmetric crypto operations are very computationally expensive, the HSM needs to perform them quickly

       They come in a variety of form factors:

       - Attached to a network
       - Embedded in a server
       - Portable
       - Password authenticated or 2-factor authenticated

       They offer different programming interfaces:

       - PKCS11, JCE, CAPI

    7. How are Digital IDs, PKI and HSMs Used?

    8. Types of HSMs: Embedded HSMs; Network HSMs; Application Security Modules

    9. Embedded HSMs

    10. Network HSMs

    11. Application Security Modules

    12. What is a High Assurance HSM? Keys Always in Hardware; True Trusted Path Authentication; Premium Certifications

    13. SafeNet Advantage: 3 Layers of HW Security. SafeNet built its products as the basis for protecting customers' vital keys. No other vendor has the ability to protect keys in FIPS validated hardware. SafeNet uses a 3 layer security model as the basis for designing hardware systems:

        - The First layer is software security, which is primarily concerned with maintaining the integrity of the software execution environment. Specifically, the goal of this layer, via 3DES encryption technology, is to create an isolation barrier around the software environment such that it is difficult or impossible to introduce any rogue code.
        - The Second layer is the operational security layer, which is concerned with the procedures and mechanisms that are used to authenticate and control the access to the system. In particular this layer addresses the problem of legitimate users engaging in illegitimate activity by limiting access control via a Pin Entry Device, which is similar to the procedure to operate a nuclear submarine.
        - The Third layer, hardware security, includes a tamper proof hardware device to create a physical isolation barrier required to defend against all forms of physical attack. In addition, unlike other HSM vendors, SafeNet always stores the private keys in hardware!

    14. Luna Advantage: Multi-Person Authenticated Access. This is an example of dual access control in a grant operation for the keys on a Luna product. In the real world, we will typically see customers use a minimum of 3 people who have to come together to log into our device to allow access to the keys for using the keys on the HSM.

        - The Operational Security model depends on 2-factor authentication as a minimum.
        - For enhanced security, to protect against a single-person attack by someone with legitimate 2-factor credentials, multi-person authentication is needed. In this case, the server will not grant admin access until the minimum number of security operators have been authenticated.
        - Once the server has granted admin access, every action is logged and signed, showing which authenticated operator performed which operation.

        These 3 mechanisms provide a strong combination of access control and deterrent as barriers to would-be attackers.

    15. PC Keyboard is not a Trusted Path

    16. HSM Certifications

        - NIST FIPS Certificates, see: http://csrc.nist.gov/cryptval/140-1/1401vend.htm
        - Certificates include: 8, 29, 38, 39, 56, 57, 58, 168, 173, 214, 215, 216, 217, 218, 220, 270, 375, 436
        - Domus is our certification laboratory for FIPS certifications
        - Common Criteria EAL 4+ Certificate, see: http://niap.nist.gov/cc-scheme/vpl/vpl_type.html or http://www.commoncriteriaportal.org/public/expert/index.php?menu=9&orderindex=1&showcatagories=-33
        - Electronic Warfare Associates (EWA) Canada was the certification body for Common Criteria
        - Digital Signature Law Validation

    17. How are HSMs Used for PKI?

        - Protect Root keys
        - Issue Keys to Sub CAs, Servers and Users
        - Sign transactions
        - Offload crypto operations
        - A few real world examples: Keys in HW, Embedded Java apps

    18. HSMs: High-Availability and Disaster Recovery. In this example, Luna CA3 is used as the HSM for PKI root key protection in a High Availability configuration with Disaster Recovery and additional keys stored securely in a safe. The customer would require several systems for hardware security throughout the infrastructure. We do have many joint customers today using this exact configuration.

    19. Securing Banking Transactions. No matter the organization's size, there is a security solution that will work.

    20. Example - Manufacturing with PKI- IP Phones

    21. Toolkits

    22. What to look for in an HSM?

        - Certified by Standards Bodies
        - Performance
        - Level of security
        - Auditability
        - Ease of integration
        - Ease of management
        - Flexibility in use
        - Scalability (multiple partitions)
        - High Availability & Disaster Recovery
        - Keys always in hardware

    23. Best Practices for Hardware Security Modules

    24. SafeNet Strongest HSM Offering

        - Global and Stable organization: 25 years in security
        - Broadest HSM product Suite from USB to Network Attached
        - Best Toolkit offering featuring: well documented APIs (OpenSSL, XML, PKCS#11, Java, CAPI); a Software Emulation HSM for development; PPO and Java environments to host and secure code as well as Keys
        - Global F1000 trust SafeNet HSM to: secure their 3rd Party Applications; develop on for their own security applications; deploy in house and in untrusted environments

    25. Contact Details Dave Madden, Business Development Safenet Inc. 613-221-5016 dmadden@safenet-inc.com www.safenet-inc.com
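
The operational security model on slide 14 (2-factor login per operator, no admin access until a minimum number of operators have authenticated, every action logged and signed with the operator's name) can be modelled in a few lines. This is an added example, not SafeNet or Luna code: the class `QuorumGate`, the operator names, PINs, token values and the action name `activate-keys` are all constructed for illustration, and an HMAC over a hash-chained log stands in for the device's own log signing.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample operators: name -> (PIN, token secret), i.e. two factors.
SAMPLE_OPERATORS = {"alice": ("1111", "tok-a"), "bob": ("2222", "tok-b"),
                    "carol": ("3333", "tok-c")}


class QuorumGate:
    """Toy M-of-N operator login with an HMAC-signed, hash-chained audit log."""

    def __init__(self, operators, quorum):
        self._operators = dict(operators)
        self._quorum = quorum
        self._present = set()                    # operators authenticated so far
        self._log_key = secrets.token_bytes(32)  # stays inside the object
        self.log = []

    def _sign(self, entry):
        body = {k: v for k, v in entry.items() if k != "sig"}
        msg = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._log_key, msg, hashlib.sha256).hexdigest()

    def _record(self, operator, action, ok):
        # Each entry names the operator and chains to the previous signature.
        entry = {"seq": len(self.log), "operator": operator, "action": action,
                 "ok": ok, "prev": self.log[-1]["sig"] if self.log else ""}
        entry["sig"] = self._sign(entry)
        self.log.append(entry)
        return ok

    def authenticate(self, name, pin, token):
        want = self._operators.get(name)
        ok = (want is not None
              and hmac.compare_digest(pin.encode(), want[0].encode())
              and hmac.compare_digest(token.encode(), want[1].encode()))
        if ok:
            self._present.add(name)
        return self._record(name, "login", ok)

    def admin(self, name, action):
        # Admin access needs the caller logged in AND the quorum reached.
        ok = name in self._present and len(self._present) >= self._quorum
        return self._record(name, action, ok)

    def verify_log(self):
        prev = ""
        for i, entry in enumerate(self.log):
            if entry["seq"] != i or entry["prev"] != prev:
                return False
            if not hmac.compare_digest(entry["sig"], self._sign(entry)):
                return False
            prev = entry["sig"]
        return True


if __name__ == "__main__":
    gate = QuorumGate(SAMPLE_OPERATORS, quorum=3)
    gate.authenticate("alice", "1111", "tok-a")
    gate.authenticate("bob", "2222", "tok-b")
    print("admin with 2 of 3:", gate.admin("alice", "activate-keys"))
    gate.authenticate("carol", "3333", "tok-c")
    print("admin with 3 of 3:", gate.admin("alice", "activate-keys"))
    print("log intact:", gate.verify_log())
```

Denied attempts are recorded as well as granted ones, so a reviewer can see who tried an operation before the quorum was present, and editing any past entry breaks `verify_log()`.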
