White Paper: PGP Key Management Server from Symantec

Transcription

1 An Introduction to PGP Key Management Server from Symantec

2

3 White Paper: PGP Key Management Server from Symantec An Introduction to PGP Key Management Server from Symantec Contents Overview Administrative responsibilities for encryption keys The Problem of complexity and cost A New Approach Enterprise Key Management Why is enterprise key management different? Managing multiple key types Managing different trust models Managing different applications Enterprise Key Management Services Discovery Lifecycle Management Provisioning Policy enforcement Auditing and reporting Storage Where to Get Started Certificate Management Data Encryption Project Identity Management Setting up the infrastructure to support strong credentials Single sign-on with strong authentication Conclusion Glossary

4 Overview The evolution of information systems brings about a similar growth in the deployment of data protection technologies. In the past, such protections were metaphorically similar to physical security practices namely setting up secure perimeters with the digital equivalent of a chain link fence. As computer threats continue to evolve, and the changing notion on whether data centers even exist within the perimeter, modern perspectives point to the need to protect data across the computing stack, no matter where it exists or where it may travel. It means thinking about how encryption applies from the network layer to the data layer and everything in between. Administrative responsibilities for encryption keys With all of the encryption technologies being deployed throughout the enterprise, it s easy to lose sight of the administrative responsibilities that are also part of a data protection project. It is critical to manage encryption keys in a manner that makes it possible to keep track of key policies, prevent key rotation disasters, and enable the recovery of the key Pervasive key management could should it be lost or damaged. These tasks are part of a broader set of responsibilities become a security and IT operations called key management, and can create unforeseen problems as the scope and scale nightmare. It is critical that CIOs, IT of encryption grows within the enterprise. professionals, and leading IT vendors recognize this coming storm and In fact, encryption key management can pose significant risks to an organization if prepare accordingly." implemented in a haphazard or piecemeal manner. Relative to the effort to encrypt Jon Oltsik data, key management can pose a significant administrative burden. The encryption Enterprise Strategy Group happens at a point in time and it s done, and there s software to perform the work. Pervasive Encryption and Key Key management, on the other hand, is an ongoing process that involves people, Management, March 2010 workflow, business processes, and even sometimes legal frameworks. The organization bears the responsibilities to ensure that keys are properly issued, used in appropriate places, retired when no longer needed, and sometimes recovered in cases where an unfortunate incident requires data recovery without the original key, and these responsibilities remain in place long after the encryption takes place. When a project is relatively small, key management tasks are typically addressable with existing staff. Over time, the number of new encryption projects that proliferate throughout the enterprise fragments the administrative model, which creates an emerging threat of not being able to handle administration in a consistent fashion across all systems that have key material. Without a long-term strategy on data protection paired together with a strong backbone for key management, many organizations find that their data protection plans start to suffer from common foes of long term projects: complexity and cost. The Problem of complexity and cost Complexity and cost can sink the best intentions of any project, but they are particularly formidable in the arena of data protection. The complexity side of the equation emerges from the inconsistencies of the administration model, the lack of common policy enforcement, and the inability to reconcile what is actually in production at any given time. The old saying 1

5 that you can t manage what you can t see is particularly true with key management, and multiple silos of encryption keys make visibility especially poor. The cost side is a far more subtle and dangerous opponent, because it emerges after it s too late. The cost portion of the equation starts from the growing operational expenses that come from managing keys in different places. Most organizations get blindsided by the problem because they focus primarily on the cost of acquisition for an encryption project, and fail to take into consideration how much effort and manpower it will take to keep the system in operation. Over time, the number of systems to manage grows and the fragmented administration model requires more maintenance using a fixed number of staff, then the company has already moved past the breaking point and has to either take unwise shortcuts in administration or potentially perform key management to a lower standard. Such measures provide only short term relief, because poor key management can lead to a catastrophic scenario, such as lost keys, unrecoverable data, and an uncontrolled cost problem. Figure 1 The challenge of managing many keys in a distributed environment A New Approach Enterprise Key Management Organizations preparing for a long term data protection plan require a framework and a set of tools to manage large volumes of encryption keys across the enterprise. The collective term for such a concept is known as enterprise key management, namely being able to perform the administrative activities behind key management across the company from a central location. Today, organizations take a passive stand on key management, namely using whichever system that came with the application they needed to run. If the organization needed file encryption, they purchased a file encryption product and 2

6 used whatever key management system provided. Trapped in a never ending cycle, new requirements for encryption started this process over and over again, leading to a proliferation of key management systems and the emergence of an operational nightmare. It also requires no benefits of scale, because each project requires starting the planning and deployment process for key management all over again for yet another set of keys. Why is enterprise key management different? Enterprise key management takes a new direction towards the problem of key administration by creating an infrastructure that moves past the limitations and restrictions of prior encryption key management platforms, and sets forth a new design based on supporting a wide range of keys, trust models, and applications. Managing multiple key types Organizations need to manage a number of different types of keys. These key types include asymmetric key formats (such as RSA key pairs, OpenPGP keys, and X.509 certificates) as well as various symmetric keys (such as AES keys used for encrypting hardware and devices). Another consideration is the use of non standard keys or proprietary keys, or even data objects that aren t keys (such as passphrases) but still should be protected and managed just like a key. The breadth and scope for key types is a major differentiator from the approach taken with one-off key management products. Organizations no longer need to think about the limited management abilities of application-specific key management systems, but rather how to deploy an enterprise key management system that addresses a range of key types. Managing different trust t models Not every application uses keys and certificates in the same way. For instance, an implementation of S/MIME may require certificates that are either cross certified at the root or issued from a publicly trusted CA. This is vastly different than a file transfer solution which trusts the key material of its peers, without actually having a common denominator in the trust chain. Although the PKI framework intended to support multiple applications from the same architecture, many organizations found it easier to simply deploy multiple instances of PKI rather than try to build a hierarchy that accounted for different trust models. It was too difficult to build one hierarchy that conformed to all needs, and it was easier to just deploy a new instance even though it led to a proliferation of yet another system to manage. Enterprise key management looks at how to classify various keys and certificates so that they are managed accordingly to the type of trust model required. An X.509 certificate used for internal VPN connections should probably link to an internal root, and thus an enterprise key management tracks the policy for this type of certificate and issues the certificate in an appropriate manner. An OpenPGP key used for file transfer may be needed for a particular deployment and doesn t require any kind of hierarchical trust model at all. A public facing web server needs a publicly trusted certificate in order to provide SSL connections to the end user s web browser. What s needed is a way to administer all of this material with a key management system that adapts to what s needed, and can be managed by policy and classification. Instead of prescribing architecture that sets limitations, the better approach is to adapt to the requirements of each application and deliver the key material needed, with a common administrative framework. 3

7 Managing different applications There are a broad range of applications that require cryptographic keys and certificates. Some of them are enterprise applications designed with the concept of a 3 rd party key management system (such as PKI) in mind. For custom applications, the primary integration requirement is the availability of an API or set of tools that can be accessed through the code in order to get key material from the key server. There are legacy applications that may not have native abilities to support a 3 rd party key management server, which require a different approach for integration. In the future, emerging standards on key management should provide more out-of-the-box support for a 3 rd party key management system, and there is considerable work being done in this area by groups such as IEEE, OASIS, and NIST. With enterprise key management, the concept is to provide flexibility through different integration approaches, and provide an extendable interface that can accommodate development in the standards arena. Enterprise Key Management Services PGP Key Management Server from Symantec provides a comprehensive system for managing multiple types of encryption keys for use throughout a distributed enterprise with a broad number of applications. It consists of a server that acts as the administrative point, along with a number of methods to connect, including an agent, API, and SDK. Enterprise key management starts with the premise that such an environment must be open, flexible and reusable. The design core starts with a working definition of what services an enterprise key management platform should provide uses the following model of services: Discovery Lifecycle Management Provisioning Policy Enforcement Auditing and Reporting Storage Discovery Keys and certificates are located throughout the enterprise, and only a portion of them are being tracked. Sometimes the key material is kept in well defined locations, and it s relatively simple to bring them under management. However there is often a lot of key material which is not under any sort of management, which is in production without any central oversight. The process of discovery provides an enterprise key management system with the ability to find keys that should be managed throughout the enterprise. There are two approaches that a discovery service could take. The first method of discovery services is to provide a method to oversee known existing keys throughout the environment. For instance, an existing PKI may be operating fine as it is, but it was set up some time ago and its keys may not fall in line with current security policy. By being able to synchronize with this repository to establish a common inventory and then apply common policy provides the initial step towards management. 4

8 A second method of discovery services is to find key material that is available on public facing network ports, such as X.509 certificates for SSL. For example, many organizations may not have complete views of all of the key material that exists today, but would like a better understanding of where it exists, and then bring it under management, with continuous monitoring to ensure that it stays within compliance guidelines. Lifecycle Management Keys exist in various states throughout their lifecycle. There s many ways to describe the lifecycle states, but for the purposes of discussion, a common model of the key lifecycle states is as follows: 1 Pre-Operational Prior to a key being generated, there must be an established set of policies that define how keys should be created, what workflow must be followed, and the circumstances that govern its usage. Operational The operational lifecycle defines the actual usage of a key while in production. Post-Operational A retired key should be removed from production, but it may exist in a state that it might be required under certain circumstances even though it s not longer in use. One example is document encryption, which is encrypted at one point in time but decrypted at an indeterminable time in the future. Because the information has been encrypted to a key which may have since been retired, it s critical to retain the ability to recover the key even past its retirement date. Obsolete/Destroyed Keys that are no longer in use and no longer needed may need to be destroyed properly. For example, if an archive tape is stolen, an organization may choose to destroy the key to effectively destroy the ability to recover any data on that tape. All of these steps require administrative control, workflow and policy in order to manage the keys effectively. The problem that exists today is that many organizations have multiple key management systems, each with their own definition of key lifecycle. Without being able to apply consistency to the lifecycle model, it is impossible to determine adherence to corporate standards and whether if policy is being enforced properly. Lifecycle management is also becoming an area of interest for auditors for various compliance requirements. For example, PCI lists requirements for key management and key rotation policies. PGP Key Management Server provides a common model for establishing lifecycle management to manage all types of keys in the enterprise, including symmetric, asymmetric and proprietary. Provisioning A key, by itself, is not usable until it is delivered to a consumer (in this context, a consumer is an application or user that needs key material) that requires it, yet most key management systems do not provide the functions to automate the process. Installing a certificate, checking its expiration and rotating it at some point in the future all require manual effort. Such dependencies on end users can lead to unfortunate mistakes. Despite having a well defined security policy, human error can lead to improper certificate handling and introduce risks. For example, an X.509 certificate that expires while in production leads to unforeseen downtime, even though there are people assigned to rotate the certificate and a policy in place to check the expiration on an ongoing basis. 1-Key Management Lifecycle, National Institute of Standards and Technologies, 5

9 The lack of provisioning tools also plays a factor in the adoption of various certificate based technologies such as using a certificate for 802.1x authentication to a network. The process of performing the authentication is relatively simple, but the distribution of the certificates to network client software can be a formidable challenge due to the large volume of end user desktops and difficulty training users to perform esoteric tasks related to certificate installation. A third consideration is that provisioning is necessary in order to perform real time operations on the key material. For instance, a key rotation might be set to occur on a fixed schedule, and thus in order to ensure that the key rotates at the correct time without breaking other systems requires precise synchronization. Another example is that an employee that leaves the company may need to have their rights to certain sensitive resources curtailed at a precise time, and thus the removal of the person s key or generation of a revocation may be needed to be put into effect at the proper moment. Provisioning is critical to make sure that fresh keys are always in place as prescribed by policy, and to eliminate the rigors of manual administration. This includes the ability for the client to make the server an authoritative resource that pushes keys to the clients, as well as support distributed models where the client generates the key locally and pushes the key up to the server for oversight and management purposes. Policy enforcement With thousands or even millions of cryptographic keys to manage, it s essential to have a strong system that governs policy. Policy gives organizations the ability to establish a set of operating rules that determine the proper operating state. Policy affects key management in two primary ways: Policy governing the key material Keys and certificates have a number of attributes which can affect whether or not the system is operating under a correct state. Some of the possible things that need to be checked and enforced include: key ownership, purpose of the key, algorithm, and key length. Key attributes often need to be checked in order to stay within the operating guidelines of the corporate security policy, and sometimes driven by external factors such as federal recommendations for proper key strength or new developments in cryptanalysis that drive migration to new algorithms. Policy governing lifecycle states Throughout the entire key lifecycle, there are policy decisions that must be made in order to ensure that keys and their associated cryptographic operations fall within expected behavior. For instance, one example of a policy that governs lifecycle states the requirement for key rotation. Organizations concerned or required to rotate keys on a periodic basis may need to set a policy to rotate the key within a given time frame, such as on an annual basis. Many people tend to incorrectly think of policy as being the mechanism that restricts activities. In another light, policy provides automation by taking care of administrative tasks that normally would have required waiting for human intervention. Using policy to make decisions where applicable, IT organizations can manage more keys with less effort. Auditing and reporting Auditing and reporting may seem like fairly straightforward requirements for any enterprise application, but are some of the key drivers behind the adoption of enterprise key management. Inconsistent methods of logging alone can make it nearly impossible to correlate events occurring in different systems. For example, let s take a common example the networking operations group stands up a PKI to provide certificates for VPN authentication, and the IT operations group has a PKI set up for providing certificates for secure . Both systems should operate within the corporate security 6

10 policy, but it s impossible to verify that the security policy matches reality without conducting an audit of each system and correlating their reports. A better approach to auditing and reporting starts with establishing a central location to track key management events. This location gathers the events occurring for key material used throughout the enterprise, and provides an audit point for an organization to get a complete view on what s occurring throughout the company. The problem with point products is that too much of the key material existed in different places with different levels of reporting. The use of enterprise key management brings the administrative and reporting focus back to a central location. One of the reasons that such a service is critical stems from the requirement to demonstrate ongoing compliance to an auditor. While deploying encryption is part of the initial thrust of meeting a compliance requirement, there are typically ongoing audits in place to ensure correct operation, with key handling being one of those audit points. Enterprise key management can alleviate the pain from having too much encryption and not enough central administration and reporting. Storage The final cornerstone of a key management environment is storage, which is often a misunderstood because in the past, many vendors tended to associate key management solely as a storage location for keys. Modern approaches to key management see storage as being an important but not the sole component for proper administration. Storage is important because any database of keys must be managed in a secure fashion. The standard method of architecting a solution is to build out the key management environment and set up the server environment in a fashion that minimizes exposure to potential threats. This can be done by first establishing appropriate perimeters and clustering configurations, but extends out further to address how to partition a database to protect keys. A second aspect of database configuration is to take advantage of other protections available as needed. In particularly secure areas such as financial services and government organizations, hardware security modules (HSMs) are a popular choice to protect key material. These boxes secure the keys from external threats by using hardware to provide additional layers of protection. PGP Key Management Server provides support for popular models of HSMs. Another service for storage is the ability to protect keys through a consistent model for access controls. With multiple key management silos, it is difficult to actually check whether each key has proper controls preventing unauthorized access. Using PGP Key Management Server, organizations can monitor access controls from a central location to make sure that all keys stay safe. A final aspect of storage is the ability to recover keys in a controlled manner. This process is known as key recovery, and it s especially important when considering the possible nightmare scenario of needing to recover data and the original key is no longer available. Such a scenario can occur when the original owner loses the key inadvertently, or even if the owner may not be cooperating, such as when the person is under investigation. Knowing how keys can be recovered and having a well defined process for doing so in a controlled manner is thus an essential service for enterprises. 7

11 Where to Get Started Because encryption may be used in a number of places, it may be difficult to pick a place to start the process for getting keys under control. The decision process varies from one organization to another, but the following information provides some common scenarios and projects that provide a good starting point. Certificate Management X.509 certificate management requires a lot of manual effort, and as a result it can be difficult ensuring that all certificates get processed through their lifecycle and none get left behind. One especially troublesome area is the handling of a certificate expiration, which can lead to downtime if the expiration occurs while the certificate is in production. Organizations looking to improve the quality of their certificate management, either in conjunction with an existing PKI or in lieu of deploying one, should take a look at using PGP Key Management Server to handle the responsibilities of lifecycle management. Certificate issuance is particularly challenging for organizations using any of the following services: Examples of technologies which require user certificates: Strong authentication to network services VPN 802.1x SSL/TLS mutual authentication Certificates for smart card identification Employee identification cards USB Authentication Tokens Certificates for digital signatures PDF Signing Code Signing Let s take the example of X.509 certificate management for SSL. X.509 certificates may be used throughout an enterprise, starting with secure web portals and extending out anywhere a secure network communication is necessary. For instance, in financial processing environments, many organizations use X.509 certificates to establish point to point connections to keep the network traffic encrypted. X.509 certificates deployed in such a fashion need to have their expiration tracked carefully, because an expired cert can no longer be trusted and thus systems go offline. Unfortunately, many organizations simply make lists of the certificates in a large spreadsheet and hope that the system administrator changes the expired certificate in time. As the size of the rollout grows, such spreadsheets become unwieldy due to the number of certificates to track, and the growing fragmentation over whether one person has access to all the system that need to be updated. In large organizations, it s more likely that each business unit retains some level of autonomy and there s no clear line of visibility 8

12 to check where the certificates are located and if they are operating within the expected lifetime of the certificate expiration date. A better approach is to use key management to handle the administrative details and to automatically perform updates of the certificates. After determining where the certificates exist, PGP Key Management Server tracks the certificate expiration and monitors the state of the certificate to ensure that it is within policy and updated prior to expiration. In order to maintain the environment, the provisioning tools can be configured to deliver new certificates as the expiration date draws near. Data Encryption Project For many companies, the deployment of data encryption projects usually starts with some type of encryption tool such as PGP Command Line from Symantec. Such services provide rapid deployment, because they don t require any infrastructure to start encrypting information. As these products get integrated into business processes, they start to become critical towards the exchange of information both internally (such as delivering a batch of order transactions from the mainframe to shipping s CRM software), as well as to business partners (such as delivering credit card transactions to a transaction processing agency). Over time, the use of local key rings and locally hosted keys can make the growth of such projects difficult to manage, because as the number of keys grows, so does the number of systems that need to be managed on an ongoing basis. Compounding the problem is the introduction of compliance guidelines that specify key rotation intervals, which can be difficult to coordinate with locally hosted keys. PGP Key Management Server provides management of the keys from a central location even though the instances of the encryption tool may exist throughout the enterprise. For instance, with PGP Command Line, a business unit retains the autonomy to encrypt all the information it normally does but it uses keys retrieved from the PGP Key Management Server, thus meeting the requirements for central administration, enforcement of policy and central methods for key recovery. The same principles apply to other areas of encryption, such as organizations that may be building custom applications, or even using tools for data layer encryption. The application itself can continue to perform the encryption operations that it normally does, but takes advantage of the key services provides by PGP Key Management Server. Identity Management Identity management is an area of great interest to many IT organizations today, both large and small. The concept of establishing a central location to identify users amongst multiple applications and control access to resources is compelling because it creates a central administration point to manage resources. Most organizations start an identity management project by first taking a look at how identity representations (identifiers) appear in multiple applications, and start to bring together how such identifiers need to be administered and provisioned. A second strong usage scenario is the addition of single sign on technology to provide a single authentication in order to access resources in different applications and security domains. This is typically done through the use of server-side authentication technologies, such as web-single sign-on, and federated identity, as well as providing access to desktop applications by auto-populating credentials through enterprise single sign-on. 9

13 Identity management provisioning systems provide the means to deliver consistency, both through how administrative tasks get done (adding a user, modifying attributes, resetting passwords, deleting a user) as well as providing a clean view of what applications to which the user may access. During the process of establishing an identity management provisioning project, organizations should consider the roll out of an enterprise key management project. Here are two examples: Setting up the infrastructure to support strong credentials One of the primary barriers towards the adoption of many strong security practices lies not with the technology but rather the processes and administration around the deployment of the certificates. In fact, many organizations choose not to use strong security due to the difficulty of getting certificates out to their user population. By deploying enterprise key management to handle the distribution of certificates in conjunction with a provisioning system can help make various security projects easier to manage in the future. These certificates are especially important should an organization be thinking about how to take advantage of strong authentication, digital signature or encryption services enabled through X.509 certificates. One example of such a project is the deployment of an identity management project to manage employee identification smart cards or electronic passports embedded with an X.509 certificate. Single sign-on with strong authentication Single sign-on projects provide a number of benefits to simplifying the security model and improving end user satisfaction. Yet the problem of unauthorized access from a stolen password remains and poses a significant risk because of the greater number of resources available to the intruder. The better approach to authentication is to use strong authentication with an X.509 certificate. It makes sense to make the first authentication to a single sign-on project as secure as possible, and the X.509 based authentication provides a number of benefits over a password-based authentication, including the ability to defend against impersonation, prevent a phishing or man in the middle attack, and improve ease of use by using shorter passphrases. Conclusion In summary, this paper provides an introduction to the concept of enterprise key management and how PGP Key Management Server can start the process for solving some of the common problems that enterprises face. PGP Key Management Server uses architcture with six core design elements: Discovery to integrate and locate key material in existing repositories Lifecycle Management to ensure that keys that exist in various states are managed appropriately Provisioning to deliver keys to the applications and devices Policy Enforcement to establish a central location for policies associated with keys Auditing and Reporting for better visibility on the state of keys in various locations Storage to protect the keys, establish proper access controls, and provide consistent key recovery processes 10

14 Because of the implications of a key management problem, many organizations recognize the need but do not know where to start. By starting with smaller projects and expanding the scope of the deployment over time, an IT organization can define measurable parameters for success and build on top of that foundation to address future concerns. These are just a subset of the ways that companies can start their strategy, but the most important element is to start developing a long term plan for protecting data, and then use the PGP Key Management Server to provide the tools to support the encryption needed for the future. To get started with a key management project, consult with a PGP sales professional for practical advice on how to successfully plan and build the infrastructure needed for large scale encryption. 11

15 Glossary

16

17 About Symantec Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at For specific country offices and contact numbers, please visit our website. Symantec World Headquarters 350 Ellis St. Mountain View, CA USA +1 (650) (800) Copyright 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 12/