1 An innovative Policy-based Cross Certification methodology for Public Key Infrastructures V.Casola , A.Mazzeo, N.Mazzocca, M. Rak University of Naples “Federico II”, Italy

Mar 29, 2015

Page 1

An innovative Policy-based Cross Certification methodology for Public Key Infrastructures

V.Casola, A.Mazzeo, N.Mazzocca, M. Rak

University of Naples “Federico II”, Italy

Page 2

Outline

• Motivation: cross-certification as a policy evaluation issue.

• The proposed approach to automate policy evaluation:

– a quantitative approach to evaluate security through policies,

– a methodology to build a Reference Evaluation Model (REM) to compare and evaluate policies.

• The REM components.

• Methodology applicability through case studies.

• Conclusions and Future Works.

Page 3

Motivation

Certificate policies in PKI are widely used to express the set of practices a CA enforces for certificate management.

Different CAs need to reach an explicit agreement in order to extend trust to each other (cross certification).

Cross-certification is based on manual evaluation of the involved policies and on mutual agreement between experts of the two CAs.

This process is not automatic, and it is often ambiguous and expensive (it requires technical and organizational people to reach an agreement). When different un-trusted domains cooperate, their services cannot interoperate until an off-line agreement has been reached.

Page 4

Methodology – target and applicability context

We have defined a methodology to:

– express security through a semi-formal and unambiguous policy;

– evaluate the security level that a security infrastructure is able to guarantee by comparing its policy against a Reference Evaluation Model.

Page 5

Methodology core – the REM

The methodology core is the REM definition:

REM = <Formalization, Technique, Reference Levels>

These components address the following needs:

1. Policies should be described in a rigorous way in order to (automatically) compare different security policies. The REM should propose a formalization to translate informal policies into a form suitable for the adopted technique.

2. How to quantify the system security? The REM should define evaluation techniques and a security metric.

3. Usually a CA expresses security through a set of "security levels" which are related to different classes of certificates. The REM should help in defining these levels, and in assigning a given level to a policy.

Page 6

The REM components

[Formalization] represents the formal (semi-formal) representation of the policy. The chosen formalization will affect final evaluation, and will be built by taking into account the adopted PKI architecture for the evaluation;

[Technique] represents the evaluation technique that can be applied to compare policies; the evaluation technique strictly depends on the policy formal representation.

[Reference Levels] are instances of policies which represent different security levels. This REM component is optional, because the evaluation is not always expressed in terms of security levels.

Page 7

Policy Formalization (1)

Policy formalization needs to be:

– unambiguous (this is a problem for high-level, semantically rich languages),

– correct with respect to the described system,

– complete!

RFC 3647 is widely used to write a policy. We have chosen its main provisions and its tree structure for the first steps of our formalization.

Textual provisions have been refined to a finer grain, and a grammar of enumerative data-types has been proposed, so reducing semantic complexity.

Page 8

Policy Formalization (2)

The defined data-structures are new atomic or enumerative types and a total order relation among their values has been defined;

We have associated a Local Security Level to each provision instance.

Example:

Data-type: Key Protection mechanism

Ordered values :

No Protection < Protection on Floppy < Protection on Smart Card < Protection on Smart Card with Biometric Sensor

Page 9

Policy Formalization (3)

The proposed structure is a hierarchical tree represented by an XML document;

Tree nodes identify complex security provisions, leaves identify simple security provisions.

Figure: tree nodes OperationalRequirements and CertificateSuspensionRevocation, with the XML fragment of the PublicationRepository provision:

<PublicationRepository>
  <PublicationCAInformation>… .....</PublicationCAInformation>
  <FrequencyPublication>
    <PolicyIssuanceFrequency>… ...</PolicyIssuanceFrequency>
    <PublishedCertificateIssuanceFrequency>… ...</PublishedCertificateIssuanceFrequency>
    <CRLIssuanceFrequency>… .....
      <FrequencyDay>… .......</FrequencyDay>
      <FrequencyHours>… .....</FrequencyHours>
      <FrequencyMinutes>… ...</FrequencyMinutes>
      <FrequencySeconds>… ...</FrequencySeconds>
    </CRLIssuanceFrequency>
  </FrequencyPublication>
  … ........
</PublicationRepository>
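Once the policy is an XML tree of this shape, the formalization of pages 8 and 9 can be applied mechanically. The following Python is an added example, not code from the presentation or its authors: it parses a constructed policy fragment whose element names follow the tree above, extracts the leaf (simple) provisions, and assigns each a Local Security Level as its position in the total order of its enumerative type, rejecting values outside the grammar so that the formalization stays complete. The key-protection ordering is the one given on page 8; the frequency orderings, the placement of the KeyProtectionMechanism leaf, the sample values and all function names are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy fragment. Element names follow the RFC 3647-derived
# tree sketched on page 9; the values and the KeyProtectionMechanism leaf are
# placeholders added for this example, not taken from the presentation.
POLICY_XML = """<Policy>
  <OperationalRequirements>
    <PublicationRepository>
      <PublicationCAInformation>OnlineRepository</PublicationCAInformation>
      <FrequencyPublication>
        <PolicyIssuanceFrequency>Yearly</PolicyIssuanceFrequency>
        <PublishedCertificateIssuanceFrequency>Daily</PublishedCertificateIssuanceFrequency>
        <CRLIssuanceFrequency>
          <FrequencyDay>1</FrequencyDay>
          <FrequencyHours>0</FrequencyHours>
          <FrequencyMinutes>0</FrequencyMinutes>
          <FrequencySeconds>0</FrequencySeconds>
        </CRLIssuanceFrequency>
      </FrequencyPublication>
    </PublicationRepository>
    <CertificateSuspensionRevocation>
      <KeyProtectionMechanism>SmartCard</KeyProtectionMechanism>
    </CertificateSuspensionRevocation>
  </OperationalRequirements>
</Policy>"""

# Enumerative data-types with a total order, least secure first. The key
# protection ordering is the one on page 8; the two frequency orderings are
# constructed for this example.
ORDERED_TYPES = {
    "KeyProtectionMechanism": ["NoProtection", "Floppy", "SmartCard", "SmartCardBiometric"],
    "PolicyIssuanceFrequency": ["OnDemand", "Yearly", "Quarterly", "Monthly"],
    "PublishedCertificateIssuanceFrequency": ["Weekly", "Daily", "Hourly", "Immediate"],
}


def leaf_provisions(xml_text):
    """Walk the policy tree and return {leaf element name: value}.
    Inner nodes are complex provisions; leaves are simple provisions."""
    root = ET.fromstring(xml_text)
    leaves = {}
    for elem in root.iter():
        if len(elem) == 0:  # no children: a simple provision
            leaves[elem.tag] = (elem.text or "").strip()
    return leaves


def is_in_grammar(provision, value):
    """True when the provision has an enumerative type containing value."""
    return value in ORDERED_TYPES.get(provision, [])


def local_security_level(provision, value):
    """1-based position of value in the total order of the provision's type.
    Unknown types or values are rejected: the formalization must be complete."""
    if provision not in ORDERED_TYPES:
        raise ValueError(f"no enumerative type defined for provision {provision!r}")
    if not is_in_grammar(provision, value):
        raise ValueError(f"{value!r} is not in the grammar of {provision!r}")
    return ORDERED_TYPES[provision].index(value) + 1


def compare_provision(provision, a, b):
    """-1, 0 or 1 according to the total order of the provision's type."""
    la, lb = local_security_level(provision, a), local_security_level(provision, b)
    return (la > lb) - (la < lb)


def crl_interval_seconds(leaves):
    """Combine the four CRLIssuanceFrequency leaves into one comparable number:
    a shorter interval between CRL issuances is the stronger provision."""
    d, h = int(leaves["FrequencyDay"]), int(leaves["FrequencyHours"])
    m, s = int(leaves["FrequencyMinutes"]), int(leaves["FrequencySeconds"])
    return ((d * 24 + h) * 60 + m) * 60 + s


if __name__ == "__main__":
    leaves = leaf_provisions(POLICY_XML)
    for name in ORDERED_TYPES:
        print(f"{name}: {leaves[name]} -> LSL {local_security_level(name, leaves[name])}")
    print("CRL issuance interval (s):", crl_interval_seconds(leaves))
```

The composite CRLIssuanceFrequency node shows why the tree distinguishes complex from simple provisions: its four leaves only become comparable after they are combined into a single quantity, whereas an enumerative leaf such as KeyProtectionMechanism is compared directly through its total order.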

Page 10

Evaluation Techniques

We have introduced two different evaluation techniques:

The first one is based on fuzzy theory to represent and evaluate policies.

The second technique is based on the definition of a metric policy space and a distance criterion by which we can represent policies and compare different policies.

Page 11

The Fuzzy Technique - 1

All provisions of the policy are translated into a fuzzy judgment which expresses the Local Security Level of each provision;

A fuzzy judgment can be represented by a pair (p,s), where p is the ordinal position of the label in the chosen scale of judgment and s is the number of labels considered by the scale i.e. the number of LSL for that provision.

The pairs are translated into fuzzy numbers with triangular shapes, characterized by three points xL, xM and xR, each expressed as a function of p and s.

Page 12

The Fuzzy Technique - 2

A policy is characterized by the aggregation of fuzzy judgments on structured provisions through the OFNWA (Ordered Fuzzy Number Weighted Averaging) aggregation technique.

The result of aggregation is the global judgment of the policy and it is a fuzzy number, too.

It is represented by a triangular membership function, where xM expresses the Global Security Level (GSL) of the policy under evaluation, while the distance between xL and xR gives a measure of the evaluation uncertainty.

(Figure: target policy level evaluation; orness-variable graphics, uncertainty, GSL.)

Page 13

The metrical space Technique - 1

• After the policy formalization, each provision is represented by an enumerative data-type; the type values are ordered.

• The policy space is made homogeneous thanks to threshold functions (F-functions), which associate a Local Security Level to each provision;

• The policy space is represented by an n x 4 matrix;

• The distance criterion for the definition of the metric space is the Euclidean distance between matrices, defined as:

$d(A,B) = \sqrt{\sigma(A-B,\, A-B)}$, where $\sigma(A,B) = \mathrm{Tr}(A B^{T})$

Page 14

The metrical space Technique: the policy matrix

The policy space is represented by an n x 4 matrix (total number of provisions by the number of Local Security Levels):

Provision                                       | LSL 1 | LSL 2 | LSL 3 | LSL 4
Revocation request grace period                 |   1   |   1   |   1   |   0
CRL issuance frequency                          |   1   |   1   |   1   |   0
CRL checking requirements                       |   1   |   1   |   1   |   0
Site location, construction and physical access |   1   |   1   |   0   |   0
CA trusted roles                                |   1   |   1   |   1   |   0
LRA trusted roles                               |   1   |   1   |   0   |   0

Page 15

Reference Levels

The last component of the REM is the set of reference security levels that could be used as a reference scale for the numerical evaluation of security.

Note that when references are not available, the REM is used for direct comparison among two or more policies.

Example: evaluation of the 4 security levels for the Government of Canada PKI

Page 16

The reference levels and the metric function

Evaluation of the 4 security levels for the Government of Canada PKI with the metrical technique.

The metric function for the evaluation of the GSL of Px:

if dX0 ≤ d10 ==> LPX = L0,
if d10 < dX0 < d20 ==> LPX = L1,
if d20 < dX0 < d30 ==> LPX = L2,
if d30 < dX0 < d40 ==> LPX = L3,
if d40 ≤ dX0 ==> LPX = L4,

with the reference distances:

d10 = d(GofC1, ) = 7,07
d20 = d(GofC2, ) = 11,18
d30 = d(GofC3, ) = 12
d40 = d(GofC4, ) = 12,65

Page 17

Techniques comparison

The fuzzy technique is very flexible and easy to use; it returns a judgment together with some parameters the evaluator can adjust to locate critical points, thanks to a graphical representation of orness-variable results.

The metrical space technique returns a number; it is helpful when a root CA needs to assign a leaf CA to a given security level number.

Page 18

CASE 1: Example of fuzzy formalization

An evaluation graph: each provision is structured and expressed by a fuzzy judgement.

Aggregation takes into account the structure, the judgements and different weights.

Page 19

Application of the fuzzy technique

(Figure: the target policy and its policy evaluation.)

Page 20

CASE 2: Example of matrix representation

Page 21

Application of the metrical technique

Reference distances:

d10 = d(GofC1, ) = 7,07
d20 = d(GofC2, ) = 11,18
d30 = d(GofC3, ) = 12
d40 = d(GofC4, ) = 12,65

Target policy evaluation:

d(CT, ) = 149 and

d30 < d(CT, ) < d40

so:

LCT = L3.
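The distance of pages 13 and 14 and the metric function of page 16, carried through on constructed data in the same way as the evaluation above. This Python is an added example, not code from the presentation or its authors. The threshold function is read off the page-14 matrix: a provision at Local Security Level k becomes the row with k ones followed by zeros. The six provisions and the target's levels reproduce that table; the four reference levels, the origin policy (every provision at LSL 0, standing in for the elided second argument of d), the tie-breaking rule at level boundaries and all function names are assumptions for this example, not the Government of Canada levels evaluated in the presentation.

```python
import math

LEVELS = 4  # number of Local Security Levels: the columns of the n x 4 matrix


def policy_row(lsl, levels=LEVELS):
    """Threshold (F-)function: a provision at Local Security Level k becomes the
    row with ones in the first k columns and zeros after, as in the page-14 matrix."""
    if not 0 <= lsl <= levels:
        raise ValueError(f"LSL {lsl} outside 0..{levels}")
    return [1 if i < lsl else 0 for i in range(levels)]


def policy_matrix(lsls):
    """n x 4 matrix of a policy whose n provisions are given by their LSLs."""
    return [policy_row(k) for k in lsls]


def sigma(a, b):
    """sigma(A,B) = Tr(A B^T), i.e. the sum of the element-wise products."""
    return sum(x * y for ra, rb in zip(a, b) for x, y in zip(ra, rb))


def distance(a, b):
    """d(A,B) = sqrt(sigma(A-B, A-B)): the Euclidean distance between matrices."""
    if len(a) != len(b):
        raise ValueError("policies must formalize the same provisions")
    diff = [[x - y for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]
    return math.sqrt(sigma(diff, diff))


def metric_level(d_x0, ref_distances):
    """Page-16 metric function: L0 if d_x0 <= d10, L_i if d_i0 < d_x0 < d_(i+1)0,
    L4 if d40 <= d_x0. A value exactly on an interior boundary is not covered by
    the slide; here it is assigned to the higher level (an assumption)."""
    if d_x0 <= ref_distances[0]:
        return 0
    for i in range(1, len(ref_distances)):
        if d_x0 < ref_distances[i]:
            return i
    return len(ref_distances)


def evaluate(target_lsls, reference_lsls, origin_lsls):
    """Reference distances and target distance from the origin policy, then the
    target's Global Security Level via the metric function."""
    origin = policy_matrix(origin_lsls)
    ref_d = [distance(policy_matrix(r), origin) for r in reference_lsls]
    d_x0 = distance(policy_matrix(target_lsls), origin)
    return ref_d, d_x0, metric_level(d_x0, ref_d)


# Constructed data: six provisions in the order of the page-14 table; the target's
# LSLs reproduce that table. The four reference levels and the origin policy are
# placeholders, not the Government of Canada levels of the presentation.
TARGET_LSLS = [3, 3, 3, 2, 3, 2]
REFERENCE_LSLS = [
    [1, 1, 1, 1, 1, 1],  # reference level 1
    [2, 2, 2, 1, 2, 1],  # reference level 2
    [3, 3, 2, 2, 2, 2],  # reference level 3
    [4, 4, 4, 3, 4, 3],  # reference level 4
]
ORIGIN_LSLS = [0] * 6

if __name__ == "__main__":
    ref_d, d_x0, level = evaluate(TARGET_LSLS, REFERENCE_LSLS, ORIGIN_LSLS)
    for i, d in enumerate(ref_d, 1):
        print(f"d{i}0 = {d:.2f}")
    print(f"d(target, origin) = {d_x0:.2f}  ->  L{level}")
```

With these placeholder levels the target lands between the third and fourth reference distances and is assigned L3, the same outcome shape as the evaluation above. Because every row is a 0/1 threshold vector, the squared distance from the all-zero origin is simply the sum of the target's Local Security Levels, which makes the reference distances easy to sanity-check by hand.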

Page 22

Conclusions and…

The Cross Certification process is based on the evaluation of Certificate policies;

We have proposed a methodology to automatically evaluate and compare security policies;

The core of the methodology is the evaluation technique with which we could represent formalized policies and evaluate them against some reference security levels;

Page 23

… Future Works

We are currently working on the assessment of the methodology, in particular:

– implementation of an automatic evaluator system to apply the methodology in un-trusted domains;

– application of the methodology in different stages of a system development;

– application of the methodology to Service Level Agreements (SLA) in cooperative services.