a strategic approach to enterprise key management
Post on 12-Nov-2014

A Strategic Approach to Enterprise Key Management
Derek Tumulak
VP Product Management, EDP
SafeNet

Overview
• What is Key Management?
• Data Breaches and the Regulatory Landscape
• Key Management Standards
• The Need for Key Management
• Key Management Alternatives
• Components of Enterprise Key Management
• Enterprise Key Management Architecture
• Conclusion

What is Key Management?
• From Wikipedia, the free encyclopedia
– In cryptography, key management includes all of the provisions made in a cryptosystem design, in cryptographic protocols in that design, in user procedures, and so on, which are related to generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. There is a distinction between key management, which concerns keys at the users' level (i.e., passed between systems or users or both), and key scheduling which is usually taken to apply to the handling of key material within the operation of a cipher.
– Appropriate and successful key management is critical to the secure use of every crypto system without exception. It is, in actual practice, the most difficult aspect of cryptography generally, for it involves system policy, user training, organizational and departmental interactions in many cases, coordination between end users, etc.
– Many of these concerns are not limited to cryptographic engineering and so are outside a strictly cryptographic brief, though of critical importance. As a result, some aspects of key management fall between two stools as the cryptographers may assume this or that aspect is the responsibility of the using department or upper management or some such, while said department or upper management regard it all as being outside their concerns because 'technical', and so within the purview of the cryptographers.

Data Breaches in the US
Jan. 10, 2000: Hacker steals 300,000 credit cards from CD Universe
Feb. 15, 2005: Choicepoint announces theft of 163,000 records
June 16, 2005: Cardsystems is hacked, exposing 40,000,000 records
Sept. 10, 2006: To date, over 165,000,000 records have been breached

Disclosed Data Loss Incidents
[Bar chart, 2000–2006; bar labels: 5, 10, 2, 12, 22, 138, 325]
Sources: privacyrights.org, attrition.org

Rising Cost of Data Breaches
► In 2006, companies spent nearly $5 million when data was lost or stolen
► Average cost per compromised record was $181:

                          2006 Cost
  Detection & escalation  $11
  Notification            $25
  Response                $47
  Lost Business           $98
  Total                   $181

Source: Ponemon Institute’s 2006 Cost of Data Breach Study

Evolving Regulatory Environment
► PCI, CISP
► Sarbanes-Oxley, HIPAA, GLBA
► SB 1386
• Visibility and power of regulators have increased dramatically
• Ever-increasing levels of oversight
– More detailed regulations, stricter enforcement
• Companies are looking to future-proof their security investments
– Systems and processes need to meet a broad set of regulations
– Architectures must be leveraged to meet future, unforeseen developments

Key Management Standards
• Standards relating to enterprise key management
– IEEE 1619.3
– TCG
– NIST
– PCI
• Many standards have been more historically focused on PKI
• More recently standards are focusing on enterprise data protection symmetric versus asymmetric

The Need for Key Management
With the emergence of many data privacy encryption technologies customers are expressing strong interest for an enterprise key management solution for:

Enterprise Environment
• Applications
• Databases
• File Systems
• Storage Devices
• Tapes
• Laptops
• Smart phones
• Digital Certificates
• Printers
• Switches
• Mainframes
• Retail Systems

Key Management Alternatives
• Native
• Software
• Enterprise

Key Management Alternatives – Native
• Solution typically tied to specific application or environment
• Limited or no interoperability with other key management systems
• Creates many islands of disconnected solutions; difficult to scale

Key Management Alternatives – Software
• Solution does not offer the same level of security as hardware-based options
• Enterprise keys need to be protected with the highest level of security

Key Management Alternatives – Enterprise
• Native and software approaches tend to be point solutions
• Enterprise solutions enable hardware-based protection for keys across a wide range of heterogeneous environments
• Multiple enterprise key management solutions can co-exist; key management hubs
• Fundamental goal is to minimize the number of key management systems within an enterprise

Enterprise Key Management Components
Security
• Hardware-based solution; FIPS and Common Criteria
• Centralized key management
• Authentication, authorization, and auditing
Performance
• High performance key import and export
• Batch processing for massive amounts of data
• Efficient backup and restore capabilities
Flexibility
• Support for heterogeneous environments
• Support for open standards and APIs
• Range of enterprise deployment models
Manageability
• Simplified appliance-based approach
• Web management console
• CLI (command line interface)
Availability
• Enterprise clustering and replication
• Load balancing, health checking, and failover
• Geographically distributed redundancy

Security √
• Centralization
– Keys and policy created and stored in a single location
  • Centralized policy management
  • Centralized logging and auditing
  • Even when keys are wrapped and exchanged with other systems they are still managed and archived centrally
– Keys stored in a different location than encrypted data
  • Keys are not scattered across a range of enterprise devices
  • Clear separation and definition of boundaries
  • Hardened FIPS and CC compliant solutions

Security √
• Separation of Duties
– Configurable such that one administrator does not have access to both keys and policies
• Strong encryption algorithms
– AES 256, RSA 2048
– Support for SSL communication to other devices
• Support for extended cryptographic services
– Encryption
– Data Integrity using HMAC
– Non-repudiation using Digital Signatures

Security √
• Authentication, Authorization, and Auditing
– Secure, multi-factor authentication and access control between enterprise devices and key manager
– Granular authorization capabilities enable the enforcement of least privilege
– LDAP integration
– Every key management event is logged
• Automatic alerts
– Administration is automatically alerted via SNMP traps if policy thresholds are exceeded

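The centralization, least-privilege and audit points from the Security slides above, as an added Python example that is not part of the original presentation and is not SafeNet code: keys stay inside the manager, each caller is authorized per operation, every request is logged, and data signed before a key rotation still verifies. The class KeyManager, the client names and the key name are hypothetical.

```python
import hashlib
import hmac
import secrets

class KeyManager:
    """In-memory model of a central key manager (hypothetical, for illustration)."""
    def __init__(self):
        self._keys = {}     # (name, version) -> secret bytes, never returned
        self._current = {}  # name -> newest version
        self._acl = {}      # name -> {client: {allowed operations}}
        self.audit = []     # one record per request, allowed or denied

    def _authorize(self, client, op, name):
        allowed = op in self._acl.get(name, {}).get(client, set())
        self.audit.append((client, op, name, allowed))
        if not allowed:
            raise PermissionError(f"{client} may not {op} {name}")

    def create_key(self, name, acl):
        # Assumption: provisioning happens out of band, so it is not ACL-checked.
        self._acl[name], self._current[name] = acl, 1
        self._keys[(name, 1)] = secrets.token_bytes(32)

    def rotate(self, client, name):
        self._authorize(client, "rotate", name)
        self._current[name] += 1
        self._keys[(name, self._current[name])] = secrets.token_bytes(32)
        return self._current[name]

    def sign(self, client, name, data):
        self._authorize(client, "sign", name)
        version = self._current[name]
        key = self._keys[(name, version)]
        # Only the version number is stored beside the data, never the key.
        return version, hmac.new(key, data, hashlib.sha256).digest()

    def verify(self, client, name, version, data, tag):
        self._authorize(client, "verify", name)
        key = self._keys.get((name, version))
        if key is None:  # unknown version: reject, do not fall back to a default
            return False
        expected = hmac.new(key, data, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

def demo():
    km = KeyManager()
    km.create_key("orders-hmac", {"app": {"sign", "verify"}, "admin": {"rotate"}})
    v1, tag = km.sign("app", "orders-hmac", b"order=1001")  # constructed record
    km.rotate("admin", "orders-hmac")
    return km.verify("app", "orders-hmac", v1, b"order=1001", tag), km.audit
```
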
Performance √
• High Performance Import and Export
– Capable of importing and exporting keys securely over the network at an extremely fast rate
• Batch Processing
– An extended capability enabling enterprises to migrate large amounts of data utilizing specialized hardware
• Efficient Backup and Restore
– Ability to back up and restore millions of keys without affecting application performance

Flexibility √
• Heterogeneous Environments
– Single comprehensive solution for the entire environment
– Web, Application, Database, File, Switches, Printers, etc.
– Data Center or Distributed Environments
– Standard APIs and cryptographic protocols; Java, C, XML, SOA
• Scalability
– Solutions with key storage capacity into the millions
– Clustered in load balanced configurations to increase capacity and offer redundancy

Manageability √
• Administrative Interfaces
– Web management GUI and CLI
– Key and Policy Management tasks
  • Key creation
  • Policy creation
  • Key rotations
  • User and user group creation, access control lists
– Network and System Management Tasks
  • Managing administrators
  • Detailed Auditing and Logging
  • Performing upgrades
  • Backup and recovery
  • Key rotation

High Availability
• Load balancing: In the event that a primary tier fails, load should transparently shift to the secondary tier
• Clustering/Replication: Any configuration or policy change made on a single device should be automatically replicated to all devices within the cluster
[Diagram labels: San Francisco (Primary Tier), New York (Secondary Tier)]

Enterprise Key Management Architecture
[Diagram labels: Application Servers, Web Servers, Databases, File Servers, Storage/Tape, Laptop/Device, Enterprise Key Manager, Data Center]

Conclusion
• Develop a key management strategy that includes all of the core components of enterprise key management
• Work with vendors that are approaching key management and data protection for the long-term versus those pitching solely tactical point solutions
• Continue involvement in and awareness of industry standards