8
The Public Key Infrastructure Approach to Security

Public Key Infrastructure (PKI) is a set of policies and procedures to establish a secure information exchange. This chapter describes the elements which make up PKI, and explains why it has become an industry standard approach to security implementation.

• Introduction
• Public Key Cryptography and the Public Key/Private Key Pair
• Secure Credentials: Certificate-Based Authentication in PKI
• Storing Secure Credentials with PKI
• Single Sign-On Using PKI
• Network Security Using PKI

Introduction

This section presents basic concepts of a Public Key Infrastructure (PKI):

• Security Features of PKI
• Components of PKI
• Advantages of the PKI Approach

Security Features of PKI

PKI is emerging as the foundation for secure electronic commerce and Internet security by providing the cornerstones of security:

Authentication	The importance of authentication, verifying the identity of users and machines, becomes crucial when an organization opens its doors to the Internet. Strong authentication mechanisms ensure that persons and machines are the entities they claim to be.
Encryption	Encryption algorithms are used to secure communications and ensure the privacy of data sent from one computer to another.
Non-repudiation	PKI can be used to provide non-repudiation through digital signatures. This proves that a specific user performed certain operations at a given time.

Together, these elements combine to provide a secure, non-breakable environment for deploying e-commerce and a reliable environment for building virtually any type of electronic transactions, from corporate intranets to Internet-based eBusiness applications.

Components of PKI

The main components of a public key infrastructure are:

Digital certificates	Digital "identities" issued by trusted third parties, that identify users and machines. They may be securely stored in wallets or in directories.
Public and private keys	Form the basis of a PKI for secure communications, based on a secret private key and a mathematically related public key
Secure sockets layer (SSL)	An Internet-standard secure protocol
Certificate Authority (CA)	Acts as a trusted, independent provider of digital certificates

Other important factors which enable the deployment of PKI include: secure storage of certificates and keys; management tools to request certificates, access wallets and administer users; and a directory service acting as a centralized repository for certificates.

Advantages of the PKI Approach

The PKI approach to security does not take the place of all other security technologies; rather, it is an alternative means of achieving security. The following advantages of PKI have led to its emergence as an industry standard for securing Internet and e-commerce applications.

• PKI is a standards-based technology.
• It allows the choice of trust provider.
• It is highly scaleable. Users maintain their own certificates, and certificate authentication involves exchange of data between client and server only. This means that no third party authentication server needs to be online. There is thus no limit to the number of users who can be supported using PKI.
• PKI allows delegated trust. That is, a user who has obtained a certificate from a recognized and trusted certificate authority can authenticate himself to a server the very first time he connects to that server, without having previously been registered with the system.
• Although PKI is not notably a single sign-on service, it can be implemented in such a way as to enable single sign-on.

Public Key Cryptography and the Public Key/Private Key Pair

Public-key cryptography requires that entities which want to communicate in a secure manner, possess certain security credentials. This collection of security credentials is stored in a wallet. Security credentials consist of a public/private key pair, a "user" certificate, a certificate chain, and "trusted" certificates.

The secrecy of encrypted data generally depends on the existence of a secret key shared between the communicating parties. Providing and distributing such secret keys is one aspect of key management. In a multiuser environment, secure key distribution may be difficult; public key cryptography was invented to solve this problem.

Public key cryptography is based on a secure secret key pair. Each key (one half of the pair) can only decrypt information encrypted by its corresponding key (the other half of the pair). A key pair includes:

The private key	Known only to its owner
The public key	Distributed widely, but still associated with its owner

Use of the cryptographic key pair to set up a secure, encrypted channel ensures the privacy of a message and validates the authenticity of the sender of the message. It also provides an important benefit: the ability to widely distribute the public key on a server, or in a central directory, without jeopardizing the integrity of the private key component of the key pair. This eliminates the need to transmit the public key to every correspondent in the system.

Each entity that participates in a public key system must have a public/private key pair. The public key for an entity is published by a certificate authority (CA) in a user certificate. Then, other entities that want to send it secure information can encrypt the information with the recipient entity's public key. Another use for a public key is for an entity that receives a communication to validate the sender's organizational affiliation.

Secure Credentials: Certificate-Based Authentication in PKI

Establishing user identity is of primary concern in distributed environments; otherwise, there can be little confidence in limiting privileges by user. Passwords are the most common authentication method in use, but for particularly sensitive data, you need to employ stronger authentication services. This section describes:

• Certificates and Certificate Authorities
• Authentication Methods Used with PKI

Certificates and Certificate Authorities

Having a central facility authenticate all members of the network (clients to servers, servers to servers, users to both clients and servers) is one effective way to address the threat of nodes on a network falsifying their identities. This method involves certificates and certificate authorities.

Certificate Authorities

A certificate authority (CA) is a trusted third party which certifies that other entities--users, databases, administrators, clients, servers--are who they say they are. When it certifies a user, the certificate authority verifies the user's identity and grants a certificate, signing it with the certificate authority's private key. The certificate authority has its own certificate and public key, which it publishes, as well as a private key, which is securely maintained. Servers and clients use the CA's root certificate to verify signatures which the certificate authority has made. A certificate authority might be an external company that offers certificate services, or an internal organization such as a corporate MIS department

Certificates

A certificate is like an electronic passport which proves the identity of a user or device that seeks to access the network. The certificate ensures that the entity's information is correct and that the public key actually belongs to that entity. A certificate is created when an entity's public key is signed by a trusted identity (a certificate authority). It contains information such as the following:

• the certificate user's name
• an expiration date
• a unique serial number assigned to the certificate by the CA
• the user's public key
• information about the rights and uses associated with the certificate
• the name of the certificate authority that issued the certificate
• the CA's signature
• an algorithm identifier that identifies which algorithm was used to sign the certificate

A trusted certificate, sometimes known as a root key certificate, typically belongs to a third party entity that is trusted to issue certificates. It is obtained in a secure manner and, operationally, does not need to be validated for its authenticity each time it is accessed because it is self-signed. A client or a server can validate that an entity is who it claims to be by verifying that the entity's certificate was issued by a known and trusted certificate authority.

Typically, certificate authorities whom you trust issue the user certificates. Oracle provides several default trusted certificates, so users do not have to install their own. These trusted certificates also enable servers to perform SSL authentication to clients who have wallets containing only trusted certificates.

Clients and servers use these credentials to access secure services, such as SSL, using public key cryptography. A wallet also represents a storage facility that is location- and type-transparent once it is opened.

Authentication Methods Used with PKI

Popular authentication methods used with PKI include:

• Secure Sockets Layer Authentication and X.509v3 Digital Certificates
• Entrust/PKI Authentication

Secure Sockets Layer Authentication and X.509v3 Digital Certificates

The Secure Sockets Layer (SSL) is an industry standard protocol that provides authentication, data encryption, and data integrity, in a public-key infrastructure. SSL is widely employed over the Internet to give users established digital identities and to prevent eavesdropping, tampering with, or forging messages.

SSL provides authentication through the exchange of certificates that are verified by trusted certificate authorities. SSL uses digital certificates (X.509 v3), and a public/private key pair to authenticate users and systems.

The most widely used public key certificates comply with the X.509 format, and the X.509 Version 3 certificate is the current industry standard format. A public key infrastructure relies on X.509 certificates, also called digital certificates, or public-key certificates, for public-key authentication.

X.509v3 digital certificates contain the following:

• The certificate owner's Distinguished Name (DN), which uniquely identifies the owner
• The Distinguished Name of the certificate issuer, which uniquely identifies the certificate authority
• The certificate owner's public key
• The issuer's signature
• The dates for which the certificate is valid
• The serial number of the certificate

The SSL protocol has gained the confidence of users, and it is perhaps the most widely-deployed and well-understood encryption protocol in use today.

See Also: "Secure Sockets Layer (SSL) Authentication in Oracle Advanced Security"

Entrust/PKI Authentication

Entrust Technologies, Inc. is a market-leading provider of Public Key Infrastructure solutions, through their Entrust/PKI software. Entrust/PKI includes many products, such as Entrust Profile, which secures users' PKI credentials, and Entrust Authority, Entrust's certificate authority product. Oracle Corporation has modified its SSL implementation to integrate with Entrust/PKI.

Note that Entrust/PKI is not fully compliant with all relevant PKI standards.

See Also: "Entrust/PKI Support in Oracle Advanced Security"

Storing Secure Credentials with PKI

Many organizations manage users and authorizations separately in an LDAP-compliant directory. Now they can also store credentials securely in the directory, enhancing their ability to manage users.

With PKI, secure credentials such as digital certificates can be stored in containers called "wallets". A wallet is a transparent database used to manage authentication data such as keys, certificates, and trusted certificates needed by SSL. Wallets can be stored in an LDAP-compliant directory. This implementation enables you to centrally manage users.

Security administrators use a tool such as Oracle Wallet Manager to manage security credentials on the server. Wallet owners use it to manage security credentials on clients.

Public Key Certificate Standard #12 (PKCS#12) is the standard for secure credential storage.

See Also: "Centralizing Shared Information with LDAP" "Components of Oracle Public Key Infrastructure-Based Authentication"

Single Sign-On Using PKI

Single sign-on enables users to access multiple accounts and applications with a single password. This feature eliminates the need for multiple passwords for users and simplifies management of user accounts and passwords for system administrators. Single sign-on enhances ease-of-use for users, and provides centralized management to security administrators.

Because all clients, application servers, and data servers can authenticate themselves to one another, PKI provides an important security infrastructure to a network.

See Also: "Single Sign-On Implementations in Oracle Advanced Security"

Network Security Using PKI

In addition to centralized network authentication, a PKI implementation can provide encryption of network traffic as well as integrity checking. The Secure Sockets Layer provides strong, standards-based encryption and data integrity algorithms.

See Also: "Encrypting Data for Network Transmission" "PKI Implementation in Oracle Advanced Security"