Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intel Labs Improvements on Conventional PKI Wisdom Carl M. Ellison Sr. Security Architect Corporate Technology Group Intel Corporation 1 st PKI Workshop:

Published byTheodore Lamm Modified over 9 years ago

Similar presentations

Presentation on theme: "Intel Labs Improvements on Conventional PKI Wisdom Carl M. Ellison Sr. Security Architect Corporate Technology Group Intel Corporation 1 st PKI Workshop:"— Presentation transcript:

1 Intel Labs Improvements on Conventional PKI Wisdom Carl M. Ellison Sr. Security Architect Corporate Technology Group Intel Corporation 1 st PKI Workshop: April 24, 2002

2 Intel Labs Slide 2 Conventional PKI Wisdom 1.Get and use an acceptable ID certificate for digital signatures. 2.Each certificate should come from a CA with strong key security (a vault). 3.This allows you to know who your transaction partner is. 4.This process gives non-repudiation.

3 Intel Labs Slide 3 1. ID Certificates  Which ID should I use and who should certify me? –5 at work: carl.m.ellison; cme; amr/cellison; Ellison, Carl M; –5 at work: carl.m.ellison; cme; amr/cellison; Ellison, Carl M; –>12 at home: driver’s License number; 4 credit card numbers; 1 ATM card; bank and stock brokerage account numbers; e- mail account names; login names  So … should we change all existing business practices to use a single ID?

4 Intel Labs Slide 4 ClientClientVaultVault AA CACA BB CACA Goes to the vault Goes to the vault Too expensive for real use Grossly insecure OK, but security can be better RegistrarRegistrarCACA RARA CC Goes to the registrar Goes to the registrar DD CACA Goes to the registrar Goes to the registrar Fewer parts; no network; same key vulnerability 2. CA Security

5 Intel Labs Slide 5 3. Know the other person  The John Wilson Problem –E-mail –Bay area trip, August 2001 –Ann Harrison  Moral of the story: human beings do not use names the way we computer scientists would like them to.  So … should we change all humans?

6 Intel Labs Slide 6 4. Non-repudiation (NR)  Delayed enforcement: prosecute fraud  Expensive to track & prosecute  Valid only if victim can be made whole – not for secrets or high value content or lives  Not possible to implement – inadequate protection of keys and S/W – inadequate physical security – no H/W to witness the signing  That’s OK. If you need legal enforceability, you can use contractual commitment.

7 Intel Labs Slide 7 New PKI Wisdom 1.There is no single ID, so a single ID certificate makes no sense. 2.Discard RAs and put CAs on RA desks. 3.Knowing a keyholder’s certified name does not tell you who that keyholder is. 4.Non-repudiation is neither adequate for serious problems nor achievable. 5.Do authorization (e.g., access control) up front, instead.

8 Intel Labs Slide 8 Credential Classes IdentifierIdentifier Public Key AuthorizationAuthorization ACL (name) AttributeCertificateAttributeCertificate Public File IDCertificateIDCertificate ACL (key) AuthorizationCertificateAuthorizationCertificate Protected DB CertificateCertificate

9 Intel Labs Slide 9 Security Perimeter Authorization (1) NN KK 3 points of attack AA ACLACLIDID 12

10 Intel Labs Slide 10 Security Perimeter 3 points of attack NN KK IDID AA ACLACL NN =? Authorization (1) 1 2 3

11 Intel Labs Slide 11 Authorization DB Example  Large centralized ACL (authorization DB) –6 million users –If each user changes status every 2 years, that is one change in the ACL every 2.5 seconds of a standard work day. Each must be investigated. –How many people must staff the ACL office? –What makes them authorities? …trusted? –Is there only one office? N N K K A A ACL ID

12 Intel Labs Slide 12 Security Perimeter Authorization (2) N N K K A A ID or locator information for forensics only, not used during authorization. 1 point of attack AuthorizationAuthorization IDID

13 Intel Labs Slide 13 Authorization Example (1) A A U U A: Central auth DB admin U: User who wants auth web form e-maile-mail

14 Intel Labs Slide 14 Authorization Example (2) U U A A A: Central auth DB admin U: User who wants auth

15 Intel Labs Slide 15 Authorization Example (2) U U A: Policy manager U: User who wants auth Side-effect: No central DB to maintain so staff not needed for DB administration, saving money while improving security. A A

16 Intel Labs Slide 16 Cross-company (1)  Bridge two PKIs  The John Wilson problem gets MUCH worse. –There are suddenly more John Wilsons than there were before. –There is no central naming authority with control over all PKIs.  Access by A to B’s confidential information? (org chart; names)  If A keeps a copy of a subset of B’s info, that’s dynamic & requires its own auth DB at A for updaters  design recursion.  If A accesses B data in place, that requires an auth DB at B. (ditto) Company A Company B request approval? Auth DB Staff Users who need auth

17 Intel Labs Slide 17 Cross-company (2)  No bridging of ID PKIs  No names used, so no John Wilson problem  No access to the other company’s employee data  Improved security Policy manager Users who need auth Bridged by executives who sign the B2B relationship contract Company A Company B

18 Intel Labs Slide 18 References  Dohrmann and Ellison, “Public Key Support for Collaborative Groups”, Internet2 PKI Workshop, April 2002.  Ellison, “Establishing Identity Without Certification Authorities”, 6 th USENIX Security Symposium, 1996.  http://developer.intel.com/ial/security/  http://world.std.com/~cme/html/spki.html

Download ppt "Intel Labs Improvements on Conventional PKI Wisdom Carl M. Ellison Sr. Security Architect Corporate Technology Group Intel Corporation 1 st PKI Workshop:"

Similar presentations

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Security and Control Soetam Rizky. Why Systems Are Vulnerable ?

Security and Control Soetam Rizky. Why Systems Are Vulnerable ?
Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.

Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
PKI Implementation in the Real World

PKI Implementation in the Real World
©1999 Addison Wesley Longman Slide 13.1 Information System Security and Control 13.

©1999 Addison Wesley Longman Slide 13.1 Information System Security and Control 13.
PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.

PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.

A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
CMSC 414 Computer (and Network) Security Lecture 9 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 9 Jonathan Katz.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

Similar presentations

Ads by Google