Securely Managing Cryptographic Keys used within a Cloud Environment

Transcription

1 Securely Managing Cryptgraphic Keys used within a Clud Envirnment Dr. Sarbari Gupta [email protected] ext NIST Cryptgraphic Key Management Wrkshp September 10-11, 2012

2 Intrductin Federal gvernment mving cmputing/strage t Clud Vivek Kundra s Clud First Strategy OMB M FY 2012 Budget Guidance Clud Cmputing has unique security challenges Remte peratins, C-tenancy, Distributed Management Cryptgraphy essential t secure clud peratins Use f sund Key Management Practices is critical Yet, limited visibility int Clud Key Management FedRAMP streamlines Clud Authrizatins Des it prvide enugh visibility r assurance fr Clud Key Management? Page 2

3 Clud Service Prvider (CSP) - Mdels Clud Service Mdels Sftware as a Service (SaaS) - Access t applicatins and services hsted in clud Platfrm as a Service (PaaS) - Building blcks t rapidly develp/hst clud applicatins Infrastructure as a Service (Iaas) - Netwrked access t prcessing pwer, strage Clud Deplyment Mdels Public Clud Private Clud Cmmunity Clud Hybrid Clud Nt all Cluds are created equal! Page 3

4 Clud Based Systems Uncertainties Prcessr Where is my prcess running? Am I sharing the prcessr with ther users/rganizatins? Data Strage Where des my data reside? Is my data c-resident with ther users data? Cmmunicatin Hw des my CSP knw wh I am? Hw is my cnnectin t clud cmpnents prtected? Administratin Wh administers the Clud Infrastructure? Wh has access t my data? My activity histry? Key Management Where and hw are keys: Generated? Stred? Hw are keys: Distributed? Prtected? Hw are keys and data recvered if lst? When and hw are keys destryed? Page 4

5 Clud Systems Dependence n Brwser Brwser is integral t Clud Systems User Interface Presentatin Data input and utput frm Clud Cmmunicatin with Clud Cmpnents Brwsers have significant vulnerabilities Weak implementatin f security prtcls Man-in-the-middle (MITM) and ther attacks Brwser cntaminatin frm ther websites Brwser represents inherent weakness! Page 5

6 Cryptgraphy Integral t Clud Operatins Supprts strng authenticatin f remte Users, Administratrs Implements strng cmmunicatin prtcls between User (brwser) and clud Partitins User data in c-tenancy envirnments Prvides data cnfidentiality (even frm Administratrs) Supprts data integrity (tamperdetectin) Page 6

7 Cryptgraphic Key Management Basics (I) Cryptgraphic Keys - Cre Functins Cnfidentiality Integrity Surce Authenticatin Key Management - Scpe Key Generatin Key Strage Key Distributin Key Recvery Key Destructin Page 7

8 Cryptgraphic Key Management Basics (II) Key Management - Critical Dimensins Key Type, Algrithms, Strength, Crypt-perid, Metadata Key Generatin, Acquisitin Key Use, Users, Applicatins Key Establishment, Agreement, Distributin Key Material Prtectin (strage, transit) Key Access Cntrl Key Backup, Recvery Key Renewal, Revcatin, Destructin Page 8

9 Clud Cryptgraphy Visibility and Cntrl Remte Authenticatin; Secure Cmmunicatin with Clud Sme Visibility Use f Third Party Credential Prviders; Standard Cmmunicatin Prtcls (TLS/SSL) Sme Cntrl User may select wn Credential Prvider, Cnfigure Brwser settings Clud Data Prtectin (Cnfidentiality, Integrity) SaaS - n visibility; n cntrl CSP implements all crypt paque t Clud User PaaS limited visibility; limited cntrl CSP implements crypt in lwer layers paque t Clud User May prvide tlset (building blcks) fr applicatin develpment Iaas limited visibility; mre cntrl CSP implements infrastructure level crypt paque t Clud User Clud User cntrls key management fr virtualized IT cmpnents Page 9

10 FedRAMP Cntrl fr Key Management (based n SP R3) SC-12 CRYPTOGRAPHIC KEY ESTABLISHMENT AND MANAGEMENT Cntrl: The rganizatin establishes and manages cryptgraphic keys fr required cryptgraphy emplyed within the infrmatin system. Cntrl Enhancements fr MODERATE baseline: (2) The rganizatin prduces, cntrls, and distributes symmetric cryptgraphic keys using [NIST-apprved] key management technlgy and prcesses. (5) The rganizatin prduces, cntrls, and distributes asymmetric cryptgraphic keys using apprved PKI Class 3 r Class 4 certificates and hardware security tkens that prtect the user s private key. SC-13 USE OF CRYPTOGRAPHY Cntrl: The infrmatin system implements required cryptgraphic prtectins using cryptgraphic mdules that cmply with applicable federal laws, Executive Orders, directives, plicies, regulatins, standards, and guidance. Cntrl Enhancements fr MODERATE baseline: (1)The rganizatin emplys, at a minimum, FIPS-validated cryptgraphy t prtect unclassified infrmatin. Page 10

11 FedRAMP Weaknesses fr Key Management N minimum requirements fr key parameters N explicit requirement fr Key Management Plicy (KMP) N explicit requirement fr Key Management Practices Statement (KMPS) N requirement fr key recvery Result Clud User has: Little visibility int clud key management Limited assurance f sundness f key management plicies, practices and peratins Page 11

12 Way Frward Establish Federal Prfile fr Clud Key Management Based n SP (being develped) Mre stringent requirements due t Clud Envirnment FedRAMP require that CSPs Fllw Federal Prfile fr Clud Key Management Develp Key Management Plan (KMP) and Key Management Practices Statements (KMPS) NIST SP Part 2: Best Practices fr Key Management Organizatin Have Mandatry 3 rd Party Auditing against KMP/KMPS Page 12

13 Wrap-Up and Cntact Infrmatin Dr. Sarbari Gupta Electrsft Phne: ext 12 LinkedIn: Page 13