nexus PKI Solution Brief nexus PKI

Transcription

1 Public Key Infrastructure (PKI) protects business critical information, communication and IT processes against threats like unauthorized access, data leakage, espionage, identity theft and fraud, and denial of service. PKI technology leader nexus provides world-class solutions for the issuing, validation and delegated lifecycle management of PKI-based identities for internal, Internet and cloud users, and for technical components; for all industries, critical infrastructures and service providers; on any scale. Public Key Infrastructure Public Key Infrastructure (PKI) is the world s most generic, most scalable and most interoperable security technology that provides digital identities (certificates) for users people and devices of information and communication systems. Users can use their digital identities for various purposes, such as authentication, digital signature and encryption. In a PKI, each user is assigned a key pair and a certificate. A key is a piece of digital data used for cryptographic operations, like signing or encrypting. The user s unique key pair consists of a private key and a public key. The private key is secret and is stored only on the user s device (smart card, computer, phone or other). It is computationally infeasible to find out the private key corresponding to a public key, so that the it can be made publicly known. The public key is combined with the user s identity data and validity information in a certificate, which serves as the user s digital identity card. The Certificate Authority (CA) digitally What is a digital certificate? A digital certificate comprises: the certificate owner s identity data, the certificate owner s unique public key, the certificate validity period, and the digital signature of the Certificate Authority. 1

2 Security services supported by PKI: User authentication Data origin authentication Data integrity protection Non-repudiation Confidentiality signs and publishes the certificate. The CA signature approves the user s ownership of the public key and the corresponding private key. User authentication For user authentication, the validating or relying party (e.g. a device or service that the user wants to log in to) sends a piece of random challenge data to the user. In turn, the user s device digitally signs the challenge, i.e. combines it with the private key according to a signature algorithm. The signature is unique with respect to the private key, so that only the user can create the signature for the challenge. With the help of the public key in the user s certificate, the relying party can verify if the challenge was indeed signed with the corresponding private key. If so, the user is successfully authenticated. The challenge is changed for every authentication operation to prevent replay attacks. Digital signatures A digital signature provides evidence that the signed data originates from the certificate owner. The digital signature is created and verified in the same way as for authentication, except that useful data is signed in place of a random challenge. Since signing is a one-way function, it is not feasible to find other data that result in the same signature. Therefore, it is practically impossible to falsify the signed data and so, the integrity of the data is protected. The uniqueness of the signature with respect to the user and the integrity of the signed data are the basis for legally 2

3 valid non-repudiation electronic signatures. Encryption Encryption of data is performed with the help of the public key in a user s certificate according to an encryption algorithm. Encrypted data can be decrypted only with the help of the corresponding private key, which is in control of the certificate owner. Without knowing the private key, it is infeasible to recover the data. In this way, confidentiality of the data is protected. Meeting the needs of modern id Management Scalability Scalability is the biggest advantage of PKI compared to other authentication techniques. Scalability is based on the following characteristics: Only a piece of public information (the public key) is needed for validation, which makes it possible to decouple identity issuing from identity validation without secure processes for distributing secret system information and without the remaining security risk of sharing such in various systems. Due to this, validation can be delegated to any organization other than the CA, and even to the end users; while the security of the credentials (i.e. of the private keys) remains unaffected. The CA signs the user certificates so that their authenticity can be verified by the relying party. Therefore, the user certi- 3

4 ficates can be stored in or transferred over unsafe facilities, typically in X.500/LDAP compliant directory servers. To verify the authenticity of user certificates, the validating party only needs an authentic copy of the CA s certificate, also called the trust anchor. In this way, the CA certificate can provide trust in certificates of an arbitrary and constantly changing number of users. CA certificates themselves can be signed by another CA to build a trust hierarchy and further increase scalability. CAs can cross-certify CAs in other hierarchies, establishing trust in this way among different CA hierarchies, so called PKI islands. Security Security of PKI is based on public key cryptography, one of the greatest inventions of 20th century s mathematics research. Public key algorithms and protocols are analysed by a broad research community and this is the best possible security guarantee. PKI s key feature is that it needs no system secret to be shared among validation authorities and end user devices for the sake of mutual validation of the credentials. This makes it not only practically, but theoretically safe against key compromise attacks on production or validation systems, which have caused large 4

5 damages in recent times to customers and vendors of symmetric key based RFID and OTP authentication tokens. Compared to symmetric key based systems, updating system keys (system key roll-over) is simpler: only the authenticity, not the secrecy, of the system key (i.e. of the public key) has to be ensured in the distribution process, which can be achieved in many different ways, including with the help of out-of-the-band mechanisms, like official publication of fingerprints. Lifecycle information Lifecycle information is a built-in feature of PKI. Each certificate has a validity period encoded in the certificate which is checked by the validating party. In addition to that, certificates can be revoked, if the private key is compromised or not needed for other reasons. There are standardized ways for the relying party to ascertain the revocation status of a certificate: either over a revocation list (CRL) that is typically published in a directory, or over an OCSP (Online Certificate Status Protocol) service. Identity federation Identity federation is the capability of systems to exchange and combine user identity data across systems and organizations. Certificates hold user identity data in the standardized form of X.501 directory attributes (the user data representation in LDAP A Certificate Revocation List contains: The name of the issuing CA, CRL serial number, CRL validity period, time of next CRL publication, a list of revoked certificates, including: the digital signature of the CA. certificate serial number, revocation reason (compromise or other), revocation time, and 5

6 type of directories) and can in this way carry user information across systems in an inter-operable form. Typical PKI use cases Device infrastructures PKI is traditionally used for SSL/TLS and IPSec security in virtual private networks (VPN), firewalls, routers and other networking products. The new LTE standard for broadband mobile Internet services mandates PKI-secured communication along the landline connections of the mobile network. PKI secures communication in many other types of technical infrastructures, like between electronic travel documents and trusted document readers (epass, eid) or in smart metering systems. Enterprise PKI PKI is broadly used in standard applications that most organization use for smart card desktop login, enterprise single sign-on (SSO), client-server SSL/TLS communication, and document signing and encryption, machine authentication in the corporate network or VPN security. Secure (online) banking Smart cards provide strong two-factor authentication in applications that carry out high value transactions and/or are exposed to the Internet, and are therefore in the focus of cyber-crime. Many other public online services are protected with strong PKI-based authentication, when the high value or the legal relevance of the transactions requires. Electronic identity Several countries, large banks and telecom operators have introduced electronic identities (eid) for their end customers. These eids can be used for user authentication and legal nonrepudiation signatures, and are widely recognized in various application contexts (e.g. citizen services, online banking, Internet-retail) even across country borders. 6

7 Legal signatures and long-term validation Electronic signatures accelerate legal procedures, enable paperless processes without media breaks and improve user comfort and business economy. In European countries, electronic signatures are recognized by the legislation as legally valid provided that the corresponding eid is a qualified certificate, i.e. provides the highest level of assurance of the user identity. Signed legal documents must remain verifiable over a long period of time (10 30 years). In order for long-term validation, so-called advanced signatures have to be created, which contain in addition to the signee s electronic signature the corresponding certificate chain, revocation information and a timestamp referring to the signing time. These allow validation of the signature, even if the eid meanwhile expires or the eid issuer no longer provides revocation information. Legal signatures need to be archived in a secure long-term archive with regular timestamping of all signature content. Trust center Trust Service Providers (or Trust Centers) are high security computer centers that implement a Certificate Authority (or several of them for different business clients). Trust Centers offer high-assurance user registration, certification, revocation and revocation status information services to business clients or to private customers. To make it easy for applications to use PKI-based identities, advanced Trust Centers are gradually introducing services for validation, authentication, signatures and timestamping, which are consumed by business clients over APIs. New challenges Besides the traditional use cases, we can observe emerging new application areas and scenarios for PKI technology, as described below. 7

8 Open organisations require safe identities IT services are increasingly consumed from the cloud (e.g. SalesForce), and end users use devices (PCs, tablets, phones) and personal cloud applications (like Google) of their own choice during their daily work. At the same time, consumers expect fast, non-bureaucratic registration processes and easy access to all resources across various application contexts. These tendencies make organisations face the challenge that firewalls and VPNs no longer define the borders of the security domain, but the security domain grows over the organization s network domain and over the pool of in-house applications and computers. Such open organisations therefore need a new security strategy. Safe identification of users and devices with risk-appropriate assurance level is fundamental in such a strategy. The Internet of things More and more wide-area applications rely on mobile machineto-machine (M2M) Internet communication: facility and fleet management, transportation, traffic control, patient care. Using mobile communication, mobile units like vehicles, containers, goods can exchange information not only with a central server, 8

9 but also among each other, creating a new paradigm for mobile applications. It is anticipated that by 2020 more than 200 billion devices will be connected to the Internet, generating the majority of data traffic. Safe identification and secure communication is fundamental for the security, reliability and eventual success of M2M applications. Critical infrastructures Critical infrastructures comprise organisations and facilities in defence, finance, healthcare as well as communication, industry, transportation and supply that are inevitable for national security, i.e. the fulfilment of basic human demands and the continuity of the national economy. Critical infrastructures must be protected from manipulation, internal sabotage and denial-of-service attacks from the Internet in the age of commercial and state-organized cyber-crime and feasible cyber war scenarios. High-assurance identities and strong access control measures are relevant parts of an effective defence strategy. Economy of PKI services The value of a security technology is related either to the risk and the damage that related securities breaches may cause or to the business value that it directly produces (e.g. by replacing paper-based processes or shortening the sales process). The cost of any applied security technology must be in balance with those business risks and values. Cost efficient PKI authentication methods such as using software tokens on PCs or mobile devices can increase security of low risk online transactions significantly with tolerable costs. At the same time, legally relevant signatures or defence applications require high security smart cards, smart microsd cards or SIM cards as authentication and signing device. A trust service provider has to serve different risk levels at appropriate costs. 9

10 One-time private key (OTPK) OTPK technology offers an economical option for PKI-based digital signatures without an expensive signing device, thus making digital signatures affordable for causal usage, such as an annual tax declaration or closing an insurance contract. In this approach, a private key (an OTPK) is generated at a central signing service, which is applied for one single digital signature. Prior to signing, the user is identified with appropriate assurance level, which may be established by presenting an eid or referring to a valid contract with a telecom provider. After proper authentication the user can use the signing service. Privacy in Internet Internet communities and communities attract billions of people. A typical Internet user is a member of a few communities and consumer of commercial or free-of-charge services (like Google, Amazon or ebay). Besides the direct attack on users and credential data (Trojans, phishing, social engineering etc.) and related fraud, identity information can be misused on the Internet in various other ways too: unwanted profiling of users, commercial use of identity or profile information without the explicit agreement of the consumer, or uncontrolled access to identity data and private information over Internet services by unauthorized or unintended users. Due to frequent misuse, Internet users and national authorities are becoming more and more conscious about these security aspects. Accordingly, the demand is emerging for appropriate technologies, which helps Internet users to protect their identity and private data, possibly without limiting the quality of the services and user comfort. Anonymity One possible countermeasure against revealing identity data to untrusted services is anonymity. An electronic identity can carry a unique and random pseudonym in place of real identity 10

11 data and thus decouple the user s real identity in an application context from the context-specific digital identity. At the same time, the anonymous identity assures the business party (e.g. an online shop) about the existence of the user as legal entity. The real identity of the user can be recovered by a trusted payment service or by a court in a legal debate. Different pseudonyms can be used in different sessions and in different application contexts, so that the user cannot be recognized in different contexts to be the same user, preventing profiling or identity data collection in this way. User-centric identity management With user-centric identity management the user has a means to control what pieces of identity data that is forwarded to an application. Here, PKI may help with issuing an attribute certificate with (partial) user identity information or a statement of majority, profession or procuration on the user s demand, which can be used in a specific business context. Furthermore, the user can decide against publishing his certificates. The platform PKI expert nexus provides best-of-breed products for the issuing, Internal and external users Security Client IT and telecommunication systems and devices Industrial facilities and critical infrastructure Internet of things, M2M Smart card production Self-Service Portal Management Portal Certificate Mgmt APls Certificate Authority Key and PIN Management OCSP Responder Validation Server Timestamp Server Identity issuing and lifecycle management Core PKI functions Validation of identity claims Nexus PKI Platform 11

12 validation and delegated lifecycle management of PKI identities and credentials, which safely identify the user and support a broad range of security services, like user authentication, data origin authentication and integrity protection, data encryption and electronic signatures. The comprehensive and flexible platform provides: central, high security certificate authority and key management, web based, delegated credential issuing and lifecycle management processes, validation and timestamping services, various APIs for certificate management and validation, and a PKI security client that enables using smart card and software-based tokens on all computer and browser platforms. can retrieve end user identity data from the corporate directory or other user data sources. PKI credentials can be issued for registered users and devices in assisted or automated mode of operation. Various PKI credentials are supported: smart cards, smart USB tokens, credential files and software tokens in the host system s trust store. is designed for multi-tenancy: The same service platform can be used for multiple business clients with separation of user and management domains. Our systems are often used with CAs and respective management domains. The nexus PKI platform is scalable to any practical size and is platformagnostic. It has been proven to be high-performing and reliable in high-scale deployments with millions of credential holders. Its certified security is trusted by national trust centres and financial institutions in security critical infrastructures worldwide. Your benefits with Availability platform makes security services and relying applications available to users in a user-friendly and timeefficient way, so that high security can be implemented with no loss of working efficiency. 12

13 Self-services, multilingual support and notifications enable end users to manage their own credentials anytime, anywhere. Credential management tasks can be delegated to any roles and locations in the organisation and to business clients. Quick PIN reset, card unblocking and replacements scenarios help users in all real-life emergency situations: when smart card is lost, left at home, defect or blocked, or when PIN forgotten. Versatile authentication methods can be used to enter management and self-service portals. Usability Decades of PKI experience have boiled down to safe, simple and user-friendly credential delivery and management processes by hiding the technical depth of PKI from the users. Simplicity is the primary principle in designing credential management portals, use cases and processes. The intuitive UI is designed so that users without technical expertise can quickly learn the system and can perform the tasks in a convenient and safe way. Reminders and notifications with URL contents and onetime credentials help users to quickly perform the required actions in the systems. Manageability, economy Delegated and self-service credential management relieves IT resources. Multi-tenancy saves costs: One system can serve multiple business clients with safe separation of user and management domains. Web technology eliminates the need for client installations and upgrades. nexus offers own-developed standard software with shared maintenance costs and long-term product lifecycle. 13

14 The products are available as on-premises software with license or rental agreement, or as Software as a Service. Application support The products come with out-of-box interoperability with broadly used security applications, like desktop login, web authentication, secure , VPN security, document signing and encryption. Interoperability is compliant with international technology standards, wherever applicable. Various APIs and large degree of configuration flexibility enable integration in any identity solution and relying application. Our PKI products are platform-agnostic and come with out-of-the-box support for operating systems, database, directory, HSM and smart card products of major vendors. Compliance CommonCriteria EAL3+ certified security. Security architecture, strong two-factor authentication, rolebased access control and audibility contribute to policy compliance. Flexible role definitions and configurable authentication levels help adapting the security policy to the organisational structures and risks. User experience with nexus puts the users in focus. Usability and simplicity are our leading design principles. All credential forms are delivered in a convenient way to various user devices. Notifications remind users about due lifecycle management tasks. They can use versatile authentication methods to enter the self-service portal. The intuitive and appealing UI hides the complexity of the background processes and makes PKI manageable without expertise. 14

15 In an emergency, quick help is available at the nearest location or in the self-service portal. Why nexus nexus, PKI pioneer and technology leader with prominent customers in government, defence, banking, industry, and among certified trust service providers (trust centres) and with several million end users, has decades of PKI experience and mature, reliable technology. The nexus PKI Suite covers all components for issuing, validation and lifecycle management of PKI based credentials. High security, cost-efficient processes, user-friendliness and simplicity are our key design principles. Through a high degree of flexibility in integration and in configuration, our systems can adapt to customer requirements in various environments and scenarios. 15

16 The Suite: nexus Certificate Manager It implements the high security PKI core functions of the Certificate Authority, PIN and key management and central smart card production. Various certificate formats are supported, e.g. X.509 public key and attribute certificates and card verifiable CV certificate. nexus Credential Manager The central tool for implementing efficient and user-friendly credential issuing and lifecycle management processes in an organisation with delegation and self-service capabilities. Certificates and keys can be delivered on smart cards or in software tokens. nexus OCSP Responder An online service to validating parties for checking the revocation status of certificates with quick response times, zero latency and high service capacity. nexus Personal Security Client A brandable, multi-card, multi-platform smart card middleware to enable PKI security in client applications, such as for desktop smart card logon, and document encryption and signing and SSL/TLS authentication. Browser plug-ins make it easy to implement online security applications with safe authentication and document signing. nexus Timestamp Server A standard compliant time stamping service for applications relying on a trusted evidence of the existence of a document such as a legal signature or a tender application at a certain time. Portwise Validation Server A service for validating identity claims and digital signatures, so that relying applications need not implement these functions, but can rely on a central trusted service. PortWise Validation Server supports various national and bank eids, PKCS#7, XML and PDF signature formats, and the creation of advanced signatures for long-term archiving and validation. 16