Use of Public-Key Infrastructure (PKI) Erik Andersen Association for the Directory Information and Related Search Industry (EIDQ - .

Use of Public-Key Infrastructure (PKI)

Erik Andersen

Association for the Directory Information and RelatedSearch Industry (EIDQ - http://www.eidq.org )

Andersen's L-Service consultancy

Rapporteur for Directory services, Directory systems, and public-key/attribute certificates

[email protected]

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 1

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 2

Where it all starts

What to cover

Introduction to basic PKI principles

Use of PKI within Identity Management

Use of PKI for IP Security (IPSec)

Use of PKI for RFID identification

Use of PKI within cloud computing

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 3

Public-key Certificates

A public-key certificate providesthe binding between a name and a public key for a user for a given period and is issued andconfirmed by a CertificationAuthority (CA).

Public-key certificate

Name of userPublic key

Signed by Certification Authority (CA)

The public-key certificate is thebasic concept for public-keyinfrastructure (PKI).

Can I trust a certificate?A certificate may have expiredThe corresponding private key may be compromisedThe CA policy for issuing certificates may not be satisfactoryA certificate my be a forgery as the CA's private key may be compromisedEtc.

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 5

Public-Key Infrastructure (PKI)

PKI is an infrastructure for checking the validity or quality of a presented public-key certificateA PKI consists of a number of interworking componentsSomewhere there must be a trust anchor

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 6

Security is about Trust!

Relationship with IdM (Identity proofing)

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 7

Name of userPublic key

Pointer to policy

Name to be verified by the Certification Authority or Registration Authority

UniquenessProof of identityLegal right to nameLevel of verification depending on use of certificatePart of Identity Management (IdM)Guidelines provided byITU-T SG 17 IdM groupCA Browser ForumETSI ESI activity

Rules may be expressed in a Certificate Policy document

Public-key certificate

IP Security (IPsec)

Specified in RFC 4301

Provides end-to-end protection for all applications using this end-to-end connection

Uses shared cryptographic keys for authentication, integrity, and confidentiality of data

Uses Internet Key Exchange (IKE) for establishing shared keys (security association) - RFC 5996

Diffie-Hellman key exchange is used by IKE for that purpose (RFC 3526)

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 8

Problem using Internet Key Exchange without PKI

Geneva, 6-7 December 2010 Addressing security challenges on a global scale

Diffie-Hellman key exchange

AliceBob

AliceBob ”Man-in-the-middle”

Diffie-Hellmankey exchange

Diffie-Hellmankey exchange

Using Internet Key Exchange with PKI

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 10

Diffie-Hellman key exchangeusing digital signature and optionally

certificate information

AliceBob

A man-in-the-middle will be detected!

Radio-Frequency Identification -

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 11

Directory infrastructure

RFIDtag

RFIDreader

Clientsystem

The RFID tag contains information, including a unique identityThe unique identity is used access information associated with the tag

Protecting RFID information

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 12

Pharmaceutical drugsfrom Counterfeit Drugs Inc.

RFID tag says:Pharmaceutical drugs from Roche Ltd.

RFID tagUnique identity

Information

Signature over essential information

Signature produced by private key of vendor (tag creator)Signature not produced using Roche’s private keySignature checked using Rotch’s public keySignature check fails

Radio-Frequency Identification (RFID)

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 13

Directory infrastructure

RFIDtag

RFIDreader

Clientsystem

IdentifierSigned Info

Search using identifier as search criterion

Certificate information

Other Information

Authentication and authority for Cloud Computing

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 14

Name of userPublic key

Privileges

Generally of importanceCheck of identityCheck of privileges

Even of greater importance for Cloud ComputingA Public-key certificate may contain privilege informationAlternatively, an attribute certificate may be used

Public-key certificate

Privileges

Attributecertificate

Identity and privilege issues for hybrid clouds

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 15

Private Private CloudCloud Public Public

CloudCloud

Hybrid CloudHybrid Cloud

CloudCloud

Clouds with multiple service providers/hybrid clouds: Different privilegesdifferent identitiesdanger of complex key management

Authentication and authority for Cloud Computing

ITU-T Study Group 17, Question 11 has the issue on its to-do listIt has relationship with Identity ManagementOne solution may be use of attribute certificatesAttribute certificate:Used for assigning privileges to user

Points to user , e.g., by pointer to user's public-key certificate

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 16

Geneva, 6-7 December 2010 Addressing security challenges on a global scale 17

END