dynamic validity period calculation of digital certificates based on aggregated security assessment...
TRANSCRIPT
DYNAMIC VALIDITY PERIOD CALCULATION OF DIGITAL CERTIFICATES BASED ON AGGREGATED SECURITY ASSESSMENT
By Alexander Beck, Jens Graupmann, Frank Ortmeier
Motivation
Digital certificates are widely used.
A digital certificate also has a validity period, after which it expires.
To build a fault-tolerant system in which no problem arises from expiring certificates, we should be able to assess the optimal time for which a digital certificate should be active.
Here the authors discuss how to identify the optimal validity period and which factors to consider when calculating it.
Introduction
Digital certificates are an important component for cryptographic protection of IT infrastructures in large companies.
A common property of digital certificates is their predefined validity period.
The algorithms used when a certificate is created may be broken before the certificate expires.
Choosing the right crypto period
The security level of IT systems should always be in relation to their actual threat.
The current threat depends not only on the system's vulnerabilities but also on the interest unauthorized persons have in the system.
The lifetime of an issuing certificate should never end before the lifetime of an issued certificate.
Certificates will not be replaced before their expiry.
Vulnerability of IT-systems
Manual Security Assessment
General Security Audit:
◦ A documented status of the detection of defects and security vulnerabilities.
IT System Audit: Aspects of
◦ Software versions (authorization (roles & permissions) and passwords)
◦ Safety related configuration
Vulnerability Scanning: In the aspects of
◦ Installed operating system and software
◦ Open ports
◦ Used services
Penetration test:
◦ A penetration tester uses appropriate programs or methods to try to penetrate a system and exploit the vulnerabilities that were identified.
Vulnerability of IT-systems
Automated Security Assessment
The automated calculation of system vulnerabilities is based on a Configuration Management Database (CMDB).
It includes the hardware and software, including their exact versions and patch levels.
Conditions
The calculation formula has to fulfill the following conditions:
◦ The resulting value must lie in the interval [0; 1] (1 means system is completely safe)
◦ The aggregated value must be less than or equal to the smallest single value.
Key length & algorithm
The longer the key length is, the longer the lifetime of a certificate can be chosen.
Different algorithms and key lengths are compared and stored in the database.
This information needs to be verified and updated on a regular basis.
The combination of algorithm and key length must be assessed with a value between 0 and 1 with respect to safety.
◦ 0 – the algorithm is known to be broken
◦ 1 – the algorithm is considered to be safe for a long time
Revocation Status
The revocation status can be checked using an Online Certificate Status Protocol (OCSP) service or a certificate revocation list (CRL).
Because OCSP provides more timely information regarding the revocation status, it has to be rated relative to CRLs in the context of the calculation.
This factor can be quantified trivially:
◦ usage of an OCSP service: 1
◦ usage of CRL: 0.75
◦ no revocation checking: 0.5
Key storage of CA certificate and length of certificate chain
Usually certificates are not issued by the Root CA, but by a Sub-CA.
Depending on the size and structure of the company operating the PKI, the path length from the Root CA to the Sub-CA can differ.
The safety level of a Sub-CA is lower than that of each higher level.
For this reason, the path length is considered in the calculation; one possible calculation is 1 / path length.
Certificate Distribution
Delivery: Automatic
◦ Automated methods (SCEP, CMP) in which the resource using the certificate generates the keys itself and issues a certificate request.
Delivery: Manual
◦ The manual delivery of a particular certificate, including the private key, within a container via e-mail is critical.
Aggregation
The Security Risk Assessment uses the factors described above to compute an optimal certificate lifetime.
The following condition must be met for the calculated runtime:
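Added example, not taken from the slides or the paper: one way to combine the factor ratings described above so that both conditions on the calculation formula hold. The product aggregation, the scaling of a policy maximum, the function names and the algorithm rating 0.9 are assumptions; only the revocation ratings, the 1 / path length rule and the issuer-lifetime cap come from the text.

```python
from datetime import datetime, timedelta
from math import prod

# Ratings stated on the slides for the revocation-status factor.
REVOCATION_RATING = {"ocsp": 1.0, "crl": 0.75, "none": 0.5}


def chain_rating(path_length: int) -> float:
    """Slide rule: 1 / path length from the Root CA to the issuing Sub-CA."""
    if path_length < 1:
        raise ValueError("path length must be >= 1")
    return 1.0 / path_length


def aggregate(factors: dict[str, float]) -> float:
    """Assumed aggregation: the product of all factor ratings.

    For ratings in [0, 1] the product stays in [0, 1] and never exceeds
    the smallest rating, which are the two conditions the slides impose.
    (An arithmetic mean, by contrast, would violate the second condition.)
    """
    for name, value in factors.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"factor {name!r} outside [0, 1]: {value}")
    score = prod(factors.values())
    assert 0.0 <= score <= min(factors.values())
    return score


def validity_end(issued: datetime, issuer_not_after: datetime,
                 max_days: int, factors: dict[str, float]) -> datetime:
    """Assumed mapping: scale a policy maximum by the aggregated score, then
    cap it so the issued certificate never outlives its issuing certificate."""
    days = int(max_days * aggregate(factors))
    return min(issued + timedelta(days=days), issuer_not_after)


# Constructed sample input; 0.9 stands in for a rating from the algorithm database.
SAMPLE = {
    "algorithm": 0.9,
    "revocation": REVOCATION_RATING["crl"],
    "chain": chain_rating(2),
}
```

With `SAMPLE` and a 730-day policy maximum, the score of 0.3375 yields a 246-day lifetime unless the issuing certificate expires earlier.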
CLM Architecture with Security Risk Assessment
Conclusion
In this paper, an approach is presented to dynamically compute a proper certificate lifetime based on generally accepted factors and current security ratings.
It was shown how this dynamic calculation can be embedded into a certificate life-cycle management system.
THANK YOU