A plain-language tutorial on the most important security technology for Internet applications
With major efforts underway to standardize a successful public key infrastructure (PKI) system, there is a growing need among network and security managers for authoritative information on PKI technology. This book offers a plain-language tutorial for people with limited technical background but with acute business need to understand how PKI works. Written by a widely recognized expert in the field, Public Key Infrastructure Essentials explains how a successful PKI system can provide both security and privacy for Web-based applications through assigning encrypted keys to individuals or documents. Readers will find extensive business case studies and learn how to qualify vendors, write a Certification Practice Statement (CPS), build directories, and implement mechanisms for issuing, accepting, and revoking digital certificates.
The synopsis may refer to a different edition of this title.
TOM AUSTIN is a consultant, speaker, and columnist in the field of information security and has recently written the PKI training course for Network Associates. He writes for ComputerWorld, Internetwork, and SC Infosecurity News.
"An excellent overview of PKI technology. A must read for anyone considering deployment of a public key infrastructure."-John A. Ryan, President & CEO, Entrust Technologies
With Public Key Infrastructure (PKI) emerging as the most effective method for ensuring the security of online transactions, you'll want to know what this technology is all about and whether your systems are ready for its implementation. Here is a plain-language tutorial on the technical and business issues you'll need to understand in order to get a PKI system up and running.
This book will help you ask the right questions when shopping for PKI, assess its value for your company, and formulate your business justification. Once you've mastered the basics, you'll discover detailed case studies from banking, government, and the service industry, illustrating what it takes to deploy PKI in the real world, including cost, critical success factors, and the impact the process is likely to have on your organization.
You'll find clear, easily accessible discussions on:
* The components that make up PKI, from cryptography to time stamps
* How PKI's security services ensure positive user identification and authentication
* How to qualify vendors and write a Certification Practice Statement (CPS)
* How to build directories and implement mechanisms for issuing, accepting, or revoking digital certificates
* Current efforts to standardize a successful PKI system as well as relevant laws and regulations
Chapter 1 - PKI Explained
Today, there's little doubt that electronic information assets represent a significant share of an organization's value. Customer and employee databases, transaction records, trade secrets, and scientific research are just a few of the items that represent the lifeblood of many companies. What used to be paper-based information, stored in file cabinets and traditional physical locks, is now on a myriad of computer disks and networks.
With electronic capabilities, we're able to communicate easily with others, provide essential information and services, and even conduct business transactions. Before the Internet opened up our private networks to others, access to these information assets was restricted to the select few authorized within the company, and there was minimal risk and a high level of control. Unfortunately, with this increased access to electronic information, the same level of protection afforded to its physical counterpart has not yet been achieved.
So then, why PKI? Because PKI is a technology that can provide the infrastructure, the controls, and the underlying security services necessary to support the requirements business executives now face. Let's look at PKI more closely.
What Is PKI?
Before asking what components make up a PKI, let's first ask, "what exactly is a PKI?" The acronym literally means "Public Key Infrastructure." The term "public key" is the more common name for asymmetric cryptography. So, what's asymmetric cryptography? Well, it's a different way of doing cryptography that is distinct from the more traditional way called symmetric cryptography. So, what's the difference between symmetric and asymmetric cryptography? Let's hold that discussion for Basic Crypto in Chapter 2, "What's in a PKI?" Suffice it to say that PKI is named for a particular type of cryptography.
So, how does the term infrastructure fit into this? Think of a bunch of computers communicating across a LAN, WAN, or the Internet. Numerous applications can be run on each computer, talk to each other, exchange data, and then perform transactions. For all of that to occur, there has to be a communications architecture in place; otherwise the computers and their applications wouldn't be able to talk to each other. Similarly, in order to run all of those applications securely, there has to be a security architecture in place. Security today between computers is achieved mainly through cryptography. That cryptography architecture is also called an infrastructure.
However, the acronym PKI is a bit of a misnomer, in that the cryptography is not limited to just asymmetric cryptography. Both symmetric and asymmetric cryptography work together in a PKI to provide the overall security. This is much like a toolbox used to build a house. You don't attach ceiling joists, walls, roofing tiles, and the like with the same nail. Different types of fasteners are used for the correct job. It's the same with cryptography: It takes the right cryptographic algorithm and security mechanism for the right job. So, what are the security mechanisms in a PKI?
A PKI contains security mechanisms that provide security services. What are those services? We introduce yet another acronym, CAIN, for confidentiality, authentication, integrity, and something called non-repudiation.
Confidentiality
Confidentiality is the protection of data against unauthorized access or disclosure. This service is typically provided via access controls (possibly in conjunction with encryption) for data storage, and via encryption during data transmission. It's the encryption part that the PKI can provide. Access controls are really a combination of authentication and authorization.
Think of confidentiality as an opaque envelope. The message inside is not visible from the outside. Of course, almost everyone can open an envelope and read the contents. However, encryption is like an incredibly strong envelope that cannot be opened except by the authorized person(s) to whom the envelope is addressed.
Authentication
Authentication is the verification of an individual's identity and/or the verification of data origin. In other words, a person (or even a computer) needs to verify that the entity (computer or person) he or she is communicating with, or receiving data from, is indeed who he or she thinks it is, and who the other entity claims to be.
We humans verify other people all of the time. The telephone rings, and immediately we recognize the voice. A knock on the door reveals a face that we know. The airline ticket agent asks you for a photo identification. Computers and networks ask for a password, and the ATM machine requires that you enter your PIN after inserting your ATM card.
Authentication can be achieved in one or more of three ways:
* Something you know, such as a PIN or password
* Something you have, such as a door key or an ATM card
* Something you are, called biometrics, such as a fingerprint, voice pattern, or your iris
The section Authentication Basics, Alternatives later in this chapter provides a more detailed discussion of various authentication techniques, their strengths, and their weaknesses.
Integrity
Integrity is the protection of data against unauthorized modification or substitution of information. This service is provided by cryptographic mechanisms called a message authentication code (MAC) or a digital signature.
Think of integrity as a transparent envelope. The message inside can be read from the outside, so there's no confidentiality. However, the envelope is what's called tamper evident. The addressee can look at the envelope and verify that it has not been opened, ripped, or even substituted.
Non-Repudiation
Non-repudiation is the combined services of authentication and integrity that is provable to a third party. This implies a legally unproven presumption that the originator cannot deny having originated the message. Asymmetric cryptography provides a mechanism called a digital signature such that only the originator could have produced the digital signature. Therefore, anyone else, including the receiver of the signed message, can verify the digital signature. This has strong implications, such as in a court of law, that the signer of the message cannot deny having originated the message. ........
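The distinction the excerpt draws between integrity (a MAC or a signature) and non-repudiation (only a signature) is easiest to see in running code. The following Python is an added example, not code from the book or its author. It uses HMAC-SHA256 from the standard library for the MAC, and a deliberately tiny textbook RSA (constructed small primes, no padding, hash reduced into the modulus) purely to show who can sign versus who can only verify; the key sizes and encoding are not secure and would never be used in a real PKI. The message and shared key are constructed sample values.

```python
import hashlib
import hmac

# Constructed shared secret: in a MAC scheme both sender and receiver hold it.
SHARED_KEY = b"constructed-shared-secret-for-demo"


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Integrity via MAC: the transparent, tamper-evident envelope (HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(mac_tag(key, message), tag)


# Toy textbook RSA for the asymmetric side. Primes are tiny and there is no
# padding, so this only illustrates the asymmetry between the two keys;
# a real PKI uses 2048-bit or larger keys with RSA-PSS, or ECDSA/EdDSA.
P, Q = 99991, 104729            # constructed small primes
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537                       # public exponent
D = pow(E, -1, PHI)             # private exponent, E*D == 1 (mod PHI); Python 3.8+
PUBLIC_KEY = (N, E)             # may be handed to anyone, including the receiver
PRIVATE_KEY = (N, D)            # held only by the originator


def _digest_mod_n(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the modulus (toy message encoding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key: tuple, message: bytes) -> int:
    """Only the holder of D can compute this value for a given message."""
    n, d = private_key
    return pow(_digest_mod_n(message, n), d, n)


def verify(public_key: tuple, message: bytes, signature: int) -> bool:
    """Anyone holding (N, E) can check the signature without being able to forge one."""
    n, e = public_key
    return pow(signature, e, n) == _digest_mod_n(message, n)


def demo() -> dict:
    msg = b"Transfer 100 units to account 42"       # constructed sample message
    tampered = b"Transfer 900 units to account 42"  # one byte altered in transit

    tag = mac_tag(SHARED_KEY, msg)
    sig = sign(PRIVATE_KEY, msg)

    # A naive attempt by someone holding only the public key: using E where D belongs.
    # With overwhelming probability this does not verify, because D is unknown to them.
    naive_forgery = pow(_digest_mod_n(msg, N), E, N)

    return {
        # Integrity: both mechanisms detect the modified message.
        "mac_accepts_original": mac_verify(SHARED_KEY, msg, tag),
        "mac_rejects_tampered": not mac_verify(SHARED_KEY, tampered, tag),
        "sig_accepts_original": verify(PUBLIC_KEY, msg, sig),
        "sig_rejects_tampered": not verify(PUBLIC_KEY, tampered, sig),
        # Non-repudiation: the MAC receiver holds the same key, so it can mint a valid
        # tag for any text it likes. A MAC therefore cannot prove to a third party
        # which of the two key holders authored the message.
        "receiver_can_forge_mac": mac_verify(SHARED_KEY, tampered, mac_tag(SHARED_KEY, tampered)),
        # The signature receiver holds only (N, E) and cannot produce a valid signature.
        "public_key_only_forgery_rejected": not verify(PUBLIC_KEY, msg, naive_forgery),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check:34s} {result}")
```

The two "forge" entries carry the point: a MAC binds a message to a shared key, so either party could have produced it, whereas a signature binds it to a private key that only one party holds, which is what lets a judge or any other third party attribute the message to its originator.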
"About this title" may refer to a different edition of this title.
Seller: Wonder Book, Frederick, MD, USA
Condition: Good. Good condition. A copy that has been read but remains intact. May contain markings such as bookplates, stamps, limited notes and highlighting, or a few light stains. Bundled media such as CDs, DVDs, floppy disks or access codes may not be included. Item no. S21C-02531
Quantity: 1 available
Seller: ThriftBooks-Atlanta, AUSTELL, GA, USA
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Item no. G0471353809I3N00
Quantity: 1 available
Seller: ThriftBooks-Dallas, Dallas, TX, USA
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Item no. G0471353809I3N00
Quantity: 1 available
Seller: AwesomeBooks, Wallingford, United Kingdom
Paperback. Condition: Very Good. PKI: A Wiley Brief. This book is in very good condition and will be shipped within 24 hours of ordering. The cover may have some limited signs of wear but the pages are clean, intact and the spine remains undamaged. This book has clearly been well maintained and looked after thus far. Money back guarantee if you are not satisfied. See all our books here, order more than 1 book and get discounted shipping. Item no. 7719-9780471353805
Quantity: 2 available
Seller: Bahamut Media, Reading, United Kingdom
Paperback. Condition: Very Good. This book is in very good condition and will be shipped within 24 hours of ordering. The cover may have some limited signs of wear but the pages are clean, intact and the spine remains undamaged. This book has clearly been well maintained and looked after thus far. Money back guarantee if you are not satisfied. See all our books here, order more than 1 book and get discounted shipping. Item no. 6545-9780471353805
Quantity: 2 available
Seller: Phatpocket Limited, Waltham Abbey, HERTS, United Kingdom
Condition: Good. Your purchase helps support Sri Lankan Children's Charity 'The Rainbow Centre'. Ex-library, so some stamps and wear, but in good overall condition. Our donations to The Rainbow Centre have helped provide an education and a safe haven to hundreds of children who live in appalling conditions. Item no. Z1-W-019-02036
Quantity: 4 available