Upload
hakien
View
235
Download
2
Embed Size (px)
Citation preview
10-8
. . . . . . . . . .
..........VeriSign Strategy White Paper #98-01
Public-Key Infrastructure– The VeriSign Difference
2
..........
Public Key Infrastructure(PKI) – The VeriSignDifferenceOperating secure, business-criticalapplications over the Internet requires anadvanced enterprise PKI. Selecting theright approach to enterprise PKI candramatically affect the bottom-line.
Introducing Enterprise PKIEnterprises around the world are deploying a new generation of distributed,business-critical applications—enabling delivery of new products and serviceson an unprecedented scale—over intranets (employees), extranets (tradingpartners), and the Internet (worldwide customers and prospects). Theseapplications must be operated in a high-availability, high-securityenvironment, in order to gain customer confidence and allow enterprises toexploit the advantages of the electronic marketplace—faster time-to-market,lower distribution costs, and greater access to global customers.
One element has now emerged as the foundation for secure distributedapplications, including supply chain management, secure messaging, e-commerce, virtual private networks, and intranet applications—that element isPublic Key Infrastructure (PKI). An enterprise’s PKI constitutes the core ofits Internet security infrastructure—the key to ensuring authenticated, privateand non-repudiable communications and transactions. The success of anenterprise’s PKI will have a major impact on its core business operations.
3
Critical Success Factors in Running an Enterprise PKI
In the online-all-the-time world of the Internet, one of the biggest challengesyou will face in operating a PKI is satisfying your customer expectations for ahighly-available, highly-secure, PKI service. From the perspective of acustomer, business partner, or internal client, the end-result of a successfulPKI is measured by the ease of obtaining and using digital certificates—trusted electronic credentials that enable access control, secure messaging, andtransaction security for business-criticalapplications. From the enterprise perspective,running a PKI operation means running a trustedonline service for end users. Managers may bestaking their jobs—and enterprises theirbusiness reputations—on the success of theirPKI solution.
In selecting an enterprise PKI solution, there arefive critical success factors that will likelydetermine the success or failure of your trustedPKI operation—spanning PKI technology,infrastructure, and business practices:
• Proven PKI Technology: Full PKIfunctionality includes support for certificateissuance and life-cycle management,processing and protocols for diversecertificate types, comprehensive administration functions, recordsretention, directory integration, and key management. How do you runstate-of-the-art PKI technology, but ensure that it won’t fail under high-stress, real-world conditions? What operational proving-grounds has itbeen tested under?
• Open Architecture with Best-of-Breed Applications: Your enterprisePKI needs to be integrated with all the applications it supports. How doyou deploy PKI that can support your own choice of new and legacyapplications? How do you avoid forcing your end-users to be locked intoproprietary PKI desktop software that they must install, update, andtroubleshoot? How do you deal with the desktop policies mandated by ITdepartments outside your control (e.g., business partners) when movingbeyond the intranet?
• High Availability and Scaleability: Your PKI needs to be available to itsuser community around-the-clock. How can you guarantee 7x24 serviceavailability to business partners, internal clients, or external customers—including systems, networks, customer support, and disaster recovery—without massive up-front capital investment? How do you handleunexpected peak loads in demand? How can you start your PKI small butbe confident it can scale effectively to millions of users ultimately?
The foundation forsecure Internet
applications is a PublicKey Infrastucture (PKI).
An enterprise’s PKIconstitutes the core of
its Internet securityinfrastructure—the key
to ensuringauthenticated, privateand non-repudiable
communications. Thesuccess of an
enterprise’s PKI willhave a major impact on
its core businessoperations.
4
• Secure Operating Infrastructure: Operating your PKI presents a new,unique set of risk management challenges. How do you ensure that youdon’t “go it alone” in risking company reputation, financial, and legalliability when running an Internet-based PKI? How can you safeguardprecious corporate information assets with the most hacker-proof PKIsecurity protection?
• Extranet/E-commerce Readiness: Your PKImay have to support different usercommunities, both inside and beyond theenterprise. How do you architect your PKI tooperate and scale successfully across suchcommunities—intranets, extranets, industrytrading groups, and large-scale Internetcommerce? Will proprietary approachesderail these efforts?
If these questions apply to your enterprise’sdecision to provide business-critical PKI services,please read on. This white paper compares tworadically different approaches to deployingenterprise PKI, focusing on their respectiveabilities to meet these five critical challenges.
Two Models for PKI Deployment
Based on recent advances in the PKI industry, there are now two very differentapproaches to building an enterprise PKI:
• Purchase standalone PKI software, and create a standalone PKIservice—where the enterprise alone assumes 100% responsibility forprovisioning all the surrounding technology, including systems,telecommunications, and databases, in addition to providing physical sitesecurity, Internet-safe network configurations, high-availability redundantsystems, disaster recovery, PKI specialists, viable PKI legal practices, andfinancially safe PKI liability protection; or
• Deploy an integrated PKI platform—which combines enterprise-controlled and operated PKI software/hardware, compatibility withpopular applications, and the certificate processing services andinfrastructure of a high-availability, high-security PKI backbone—withshared liability and independently audited business processes.
The downside of the standalone PKI software approach is that it leads tostandalone enterprise PKI— where the enterprise assumes 100% of theinvestment and 100% of the risk. By contrast, an enterprise deploying anintegrated PKI service platform—with 7x24 PKI services, shared investment,and shared risk—is far more likely to succeed in providing reliable and
There are many crucialelements to running an
enterprise PKI thatstandalone PKI software
vendors don’t like totalk about. Why?
Because they maketheir money by selling
software—not byensuring that a PKI isup and running day-inand day-out, throughsecurity emergencies,
overnight serviceinterruptions, customercrises, hacker attacks,
and rapid-firetechnology changes.
5
trustworthy PKI services, at lower cost and with faster deployment of thedependent applications.
Table 1 summarizes the fundamental differences between standalone PKIsoftware and a PKI service platform. The balance of this white paper furtherexplores the factors underlying these crucial issues.
Success Factor Integrated PKI Platform Standalone PKI Software
Proven PKI technology Fully-featured PKI, provenin world’s largest 7x24 PKIservice centers. Leveragedexperience from 100s of
enterprises.
Enterprise designs, builds,and deploys supporting
infrastructure, and assumes100% implementation risk.Software vendor has no PKI
operating experience.
Open architecture withbest-of-breed applications
Seamless integration withstandard best-of-breedapplications, includingstandard web browsers,
mail clients, and enterpriseapplications.
Requires proprietary clientsoftware for all users and
applications.
High availability andscaleability
Contractually guaranteedPKI backbone services &
disaster recovery. On-demand scaleability.
Leverages high capacity,fault-tolerant infrastructure.
Enterprise provides 100%services infrastructure &
disaster recovery. Assumes100% operational risk.
Secure operatinginfrastructure
Contractually guaranteedPKI backbone security.
Externally audited. Sharedliability.
Enterprise provides 100%of security infrastructure;
must design ownoperational policies and
practices; assumes 100% ofrisk.
Extranet/e-commercereadiness
Enterprise can select privateand/or public trust networks
(largest in world).
Private cross-certificationonly. Enterprise builds
100% custom solution eachtime. Partners assume
100% of risk.
6
The VeriSign Value Proposition
At VeriSign, we’ve learned from the successesand failures of earlier approaches to PKIdeployment. As a result, our approach is to buildindustrial-strength PKI service platforms forenterprises of all sizes, leveraging the largest andmost reliable PKI backbone in the world.
As the world’s largest PKI processor, we’vegained unequaled real-world experience whichserves as the foundation for the design andsupport-readiness of our enterprise PKI serviceplatform—VeriSign centers support a rapidlygrowing customer base of millions of consumers,80,000 websites, and hundreds enterprises. Youcan leverage our expertise and capitalize on ourinfrastructure—an investment of over $40 millionin building the world’s largest PKI backbone—sothat you don’t have to build that infrastructure foryour enterprise.
Protecting Information AssetsThe goal of an enterprise PKI is to protectinformation assets through:
• Authentication—validating the identity ofparties in communications andtransactions;
• Confidentiality—ensuring that informationis not intercepted during transmission;
• Non-Repudiation—ensuring that transactions, once committed, arelegally valid and irrevocable;
• Availability—ensuring that transactions or communications can beexecuted reliably upon demand.
Technically, PKI refers to the technology, infrastructure, and practices neededto enable use of public-key encryption and/or digital signatures in distributedapplications on a significant scale. The main function of PKI is to distributepublic keys accurately and reliably to those needing to encrypt messages orverify digital signatures (used to sign transactions or to authenticate peopleprior to granting access to resources). This process employs digital certificatesissued by an enterprise certification authority (CA) to users who register withthat CA. Issuance of a certificate requires authentication of the user, usuallyby a registration authority (RA). The scope of PKI also extends to functions
VeriSign enterprise PKIcustomers includesome of the largestenterprises in theworld—including:
Banks—NationsBank,Bank of America,
Federal Reserve of NY,Sumitomo Bank
Brokerage Firms—Merrill Lynch, MorganStanley Dean Witter
Electronics—HewlettPackard, Texas
Instruments
Telecommunications—AT&T, British Telecom,
US West, Ameritech,
Transportation—UnitedParcel Service (UPS)
Government Agencies—Internal Revenue
Service, civil & defenseagencies
Why go it alone inenterprise PKI when youcan be supported by theacknowledged leader in
mission-critical PKIservices?
7
such as certificate renewal, certificaterevocation/status checking, and user private keybackup/recovery.1
PKI is now the foundation for all application andnetwork security, including access control toinformation resources from web browsers, securee-mail, digital forms signing and workflow,firewalls, routers supporting virtual privatenetworks (VPNs), directories, and single-sign-onto corporate applications (including legacyapplications).
VeriSign OnSite—Industrial-Strength Enterprise PKI
VeriSign OnSite is a unique, state-of-the-art PKI service platform for theenterprise. It integrates:
• Enterprise PKI administration software—enterprise-operated andcontrolled ; with expert wizards for step-by-step installation,configuration, management, and report generation; installs on standardweb browsers and server platforms; with interfaces to enterprisebusiness systems for automated user administration and directoryintegration;
• Guaranteed back-end processing services—contractually guaranteed7x24 data processing, customer support, and disaster recovery services,leveraging investment in the industry’s only global PKI backbone;
• Scaleable and unquestionably secure infrastructure—modular,high-capacity processing and database systems, with audited, state-of-the-art network, physical, and cryptographic security;
• Shared financial and legal liability—managed risk, so you don’t “goit alone” in running your PKI service;
• Pay-as-you-go, volume-based pricing—with costs for additionalusers, including operational costs, incurred only as those users activate;avoids large up-front capital expenses and gives the lowest cost ofownership of any PKI deployment.
1 For a comprehensive description of PKI, see: Warwick Ford and Michael S. Baum, “Secure ElectronicCommerce: Building the Infrastructure for Digital Signatures and Encryption,” Prentice-Hall, 1997.
A PKI implementationneeds to be highlysecure – security
requirements generallyexceed those for typical
secure transactionprocessing system,
since issuance of justone bad certificate orpenetration of a CA’s
security can result in anunlimited number ofbad transactions or
issuance of anunlimited number of
bad certificates.
8
PKI Security and the Need for Distributed Functionality
Any PKI implementation should be designed with high-grade security built-infrom day one. Even if the initial PKI deployment does not protect criticalassets, remember that PKIs will likely be later leveraged to protect preciousinformation assets—extending to the crown jewels of Internet-basedcommerce.
A fundamental requirement of a CA supporting business-critical applicationsis that it must employ hardware cryptographic modules for certificate signing,since software-based cryptography implementations are prone to tampering ormisuse. Root keys that provide the basis for linking together multiple CAs andgenerally have longer lifetimes require special precautions, including storingthe private key in a secure, off-line hardware unit and requiring multiple keyshare holders to enable the key for signing in a tightly controlled, auditedprocess.
The full complement of strong security controls must also be employed,including physical security of the facility (room, building, and equipment)housing the CA, personnel security measures (including screening andspecialized training of all staff with access to the CA), and procedural controlsto enforce such policies as dual control over all sensitive functions. The securefacility typically needs to be operational on a 24x7 basis, and needs fulldisaster recovery backup.
While all CAs need strong security, the costs of building and operating asecure facility and the up-front financial commitment are daunting to manyenterprises. Outsourcing the CA function to someone else is not necessarilythe answer either, since enterprises frequently want full policy control overtheir PKIs, in terms of deciding who receives a certificate, what the certificatecontents are, how and when certificates arerevoked, and day-to-day operation of the CA.
VeriSign OnSite is the only PKI offering to addressthese seemingly irreconcilable needs. WithVeriSign OnSite, the enterprise controls the CAand can administer and audit the operationcontinuously. However, day-to-day back-end,secure data processing functions, such ascertificate-signing cryptographic hardware andrecords retention, are delegated to VeriSign andoperated out of a VeriSign secure data center. Thisis achieved through the VeriSign’s WorldTrustdistributed PKI architecture, components of whichare operated by both VeriSign and the enterprise.
All PKIs implementedthrough VeriSign OnSiteemploy hardware-basedcryptography, screenedand trained personnel, a
military-grade securefacility, and a rigidlyaudited system of
procedural controls.With a do-it-yourself PKIproduct, security is left
entirely to theenterprise.
9
Elements of Enterprise PKI
Provision of an enterprise PKI service has many facets, including secureinfrastructure establishment and maintenance, specialist staff training andscreening, 7x24 operations, application-interfacing, etc. The VeriSignapproach to enterprise PKI distinguishes itself from the build-it-yourselfapproach using standalone PKI software, by giving the customer control overpolicy and day-to-day decision making, but delegating back-end processortasks to VeriSign. To explain the VeriSign difference, let us consider thecomplete PKI solution in terms of the five critical success factors alreadyidentified: technology, open architecture, availability and scaleability,security and risk management, and extranet/e-commerce readiness.
TechnologyAt the core of PKI lies technology—software and hardware that implement thefunctions of a certification authority (CA), registration authority (RA),enrollment processes, certificate renewal and status-verification services,application interfaces, directory services and interfaces, private keymanagement, and so on. The demands on this technology are considerable – itmust support strong security, high availability, multiple certificate types fordifferent applications, and multiple application product interfaces. Mostimportantly, it must have a modular design, permitting PKI functions to bedistributed between enterprise premises and a supporting secure data center.
The VeriSign WorldTrust architecture stands out as today’s most robust andcomprehensive PKI architecture.2 It supports the PKI service center needs ofenterprises, commercial CAs, and websites worldwide, satisfying the moststringent security, commercial, and legal/practices requirements.
2 For a full description, see: “The VeriSign WorldTrust PKI Architecture,” VeriSign White Paper #98-05, 1998.
10
RA ControlCenter
CA ControlCenter
SubscriberManager
EndUser
Clients
EnterpriseServers
EnterpriseCA Admin.
EnterpriseRA Admin.
EnterpriseCertificateDirectory
EnterpriseRegistration
Database
KeyManager
Certificate Processing
CertificateManager
Crypto
Key RecoveryService
Key Management
Enterprise VeriSign Center
SSL
S/M
IME
SET
IPSE
CTr
ust G
’way
s
VeriSign’s WorldTrust Architecture
The WorldTrust architecture compromises the following module families:
• Subscriber Manager: Support for end-user registration and other end-user services such as certificate renewal, typically through web serverslocated on enterprise premises or at a VeriSign center. The look and feelare tailored to the enterprise.
• RA Control Center: Certificate management functions, such ascertificate issuance approval, revocation approval, and generaladministration functions, located at the enterprise. These functions can besoftware-interfaced to local management systems, such as an employee orcustomer database, to allow them to be fully automated.
• CA Control Center: Establishment of local CA policy, such as certificatecontent rules and administration authorizations. These functions aretypically located at the enterprise.
• Certificate Processing: Certificate issuance (based on RA approval),certificate life-cycle compliance and protocol support, cryptographic keymanagement, secure records retention, data base mirroring for disasterrecovery purposes, and other core functions. These functions are builtaround a high-performance transaction engine located at a secure facilityoperated by VeriSign or one of VeriSign’s worldwide affiliates.Cryptographic functions are embedded in government-certified hardware
11
cryptographic modules, with enabling keying materials split betweenmultiple independent responsible persons.
• Certificate Manager: The component of OnSite where the customerchooses the different types of certificates to be issued, for example, SSLS/MIME, IPSEC, or Trust Gateway certificates.
• Key Management: Software components and a supporting service toprovide maximum-security generation, backup, and recovery of user keypairs.
• Enterprise Integration Software Modules: Software modules thatprovide interfaces to enterprise databases to support automated certificateissuance and other administration functions, automated posting ofcertificates to enterprise directory or database, and access to certificaterevocation information by enterprise web servers.
• Application Integration Toolkits: For use by commercial applicationvendors or enterprise customers for enabling PKI-ready applications.
Administration Options
Flexibility is needed in how enterprises administer PKIs, for example, howcertificate issuance or revocation is initiated and approved. Organizationswith modest-sized certificate communities orwhile in technology piloting stages are bestserved with a manual administration systemwhich does not require any special softwareintegration. With OnSite, this is availableinstantly, via administrator access toadministrative web pages hosted by VeriSign;the administrator uses a standard web browserwith smart-card add-on for added security.Organizations with large client communities,however, need the option of driving certificateadministration from other administrativesystems or corporate database updates occurringin real time. For example, as new employees areentered in the corporate human resourcesdatabase, certificate issuance is automaticallyapproved and, as employees terminate,certificates are automatically revoked.
All options are made available with VeriSignOnSite. OnSite’s Automated Administrationoption exposes a simple API for interfacing toany of the popular DBMS or other
It should be possible tointegrate PKI
administration withenterprise systems
administration – not adda new administrative
burden. VeriSignOnSite’s automated
administration allowsissuance andrevocation of
certificates to betransparently driven by
pre-existingadministrative systems
or databases of anytype. Standalone PKIsoftware, on the other
hand, requires theenterprise to create anddepend day-to-day upon
a new, specialist “PKIadministrator” job
function.
12
administrative systems, with support for firewall separation of functionalcomponents as necessary for security purposes. Our experienced ProfessionalServices Organization will do the software integration if desired.
Key Backup and Recovery
When a public-private key pair is used to protectstored encrypted data, it may be necessary torecover the private key if the primary copy ofthat key is lost or otherwise becomesinaccessible. Without such a capability, loss ofa private key may mean loss of valuable data.
VeriSign addresses this requirement with OnSiteKey Manager—an option which allows anenterprise administrator to centrally generateuser key pairs and control the backup andrecovery of the private keys. Centralizedgeneration of key pairs facilitates batch pre-authentication and key distribution in largecommunities. Support for the management offull user key histories is included.
OnSite Key Manager operates in conjunctionwith a VeriSign Key Recovery Service. Privatekeys are stored on the enterprise premises in anon-vulnerable, enveloped form, allowing forstrong protection of the private keys without theneed for a bulletproof secure facility. Recovery of a private key requiresretrieval from VeriSign of a unique key which can unlock the envelope. Thissystem has major security advantages over the vulnerable key-backupdatabases offered by standalone PKI software product vendors.3
Dual-Key Support
When a public-private key pair is the basis for protecting stored encrypteddata, there may be a requirement, by enterprise administration, to keep abackup copy of the encryption private key, to be sure that encrypted data canbe recovered in the event the original copy of the private key was lost or
3 “VeriSign Public-Key Infrastructure – Enterprise Key Management,” VeriSign White Paper #98-02,1998.
When an enterpriseneeds to back upprivate keys, the
paramountrequirements are
enterprise control andhigh security. With
VeriSign’s state-of-the-art key managementsolution, private keys
are held by theenterprise but can only
be exposed after aconfirming transaction
with a highly secure PKIprocessing center. PKIbuilt on standalone PKIsoftware is vulnerableto disclosure of all the
enterprise’s privatekeys in one attack, andleaves all the costs of
security, and all the risk,with the enterprise.
13
became inaccessible. However, if a public-private key pair is to be used for creatinglegally binding digital signatures, that is, fortransactions with non-repudiation, then it maybe beneficial if no copy of the signature privatekey is ever made. (In theory, if signatureprivate key copies exist, an alleged signermight claim that the copy—not the originalkey—made the signature, and therebyrepudiate a transaction.) If both theencryption-key-backup and non-repudiationrequirements need to be satisfied in oneapplication, a user may need to have twoseparate key pairs—one with the private key backed-up (for encryptionpurposes) and one not (for non-repudiable digital signatures).
With RSA-based technology, dual key pairs are very rarely a real requirementin today’s applications, and many application products neither implement, norneed to implement, support for dual key pairs. However, as deployment ofPKI technology advances, real needs for this feature will likely emerge.
The VeriSign infrastructure inherently supports dual key pairs and multipleactive certificates per user. VeriSign’s application partners are adding dual keycapabilities as customer needs arise. For instance, Microsoft’s Outlook 98supports dual key pairs as an option and Netscape has announced that it willbe implementing dual key pairs in its clients this year. VeriSign’s application-integration toolkit supports both single and dual key-pair options today and theVeriSign OnSite platform can manage both today.
Open Architecture
Open vs Closed PKI
One PKI can serve multiple applications, thereby reducing administrativeburdens and improving the end-user experience, for example, by reducing thenumber of passwords a user must remember. One of the biggest challenges ishow to PKI-enable the applications—especially the best-of-breed applicationsdemanded by enterprise customers generally. Two approaches are used byPKI vendors:
• Closed PKI: Proprietary PKI software is installed on every desktop.Applications which use the PKI require a proprietary software interfacefrom the PKI vendor.
Few applicationscurrently require dualkey pairs. VeriSign
supports dual key pairsfor those applicationsthat do. StandalonePKI software vendorswho have built theirarchitectures around“universal dual key-pairs” unnecessarilylock the enterprise
100% into proprietaryclient software.
14
• Open PKI: Native applications interface tothe PKI using industry standard interfaceprotocols or tailored interfaces agreedthrough PKI-application vendor partnerships.No proprietary PKI software is needed on thedesktop.
Closed PKI means that the PKI vendor dictateswhat desktop software must be used throughout acomplete PKI community, including customers,partners, etc. All users must assume the burdenand cost of installing, updating, andtroubleshooting this special software. A majorpitfall of Closed PKI is illustrated by thefollowing real-life example: A prominent PKIsoftware vendor recently released a variant of apopular web browser, customized to interface tothat PKI vendor’s products through a proprietarysoftware interface. However, subsequent upgrades of the browser would notwork with the same PKI—unwitting customers were stranded with an obsoletebrowser release.
Closed PKI also does not extend easily beyond thecorporate intranet to extranet applications servingcustomers or partners. If all certificate-usingdesktops are not under enterprise control, it isimpractical to require special-purpose software,such as a proprietary PKI client, on thosedesktops. In an extranet, desktop systems in theirnative mode must interoperate with the centralPKI.
VeriSign is committed to the concept of OpenPKI which averts the above problems. VeriSignhas partner relationships with over 100independent software vendors, includingMicrosoft, Netscape, Lotus, Oracle, Hewlett-Packard, SECUDE (PKI for SAP R/3), Intuit,Jetform, Cisco, and Lucent. VeriSign’s enterprisePKI solutions work effectively with standardproducts from these vendors. Since VeriSign’sPKI offerings totally complement the offerings ofthese software vendors, we can readily work withthem all as partners to make Open PKI a reality.
VeriSign also contributes heavily to the
Closed PKI does notextend easily beyond
the corporate intranet toextranet applicationsserving customers or
partners. If allcertificate-using
desktops are not underenterprise control, it isimpractical to require
special-purposesoftware, such as a
proprietary PKI client,on those desktops. Inan extranet, desktop
systems in their nativemode must interoperate
with the central PKI.
An enterprise PKI mustsupport all of the
enterprise’s preferredapplications, without
requiring the burden ofproprietary PKIproducts on all
desktops. VeriSignworks with over 100
independent softwarevendors, including allthe big names, to give
you Open PKI—applications that are
VeriSign-PKI-enabled asshipped from their
vendors. Closed PKIlimits PKI-enabled
applications to thosefrom vendors preparedto build to a proprietaryPKI software interface.Worse, it does not workin extranets where the
enterprise does notcontrol all desktops.
15
formulation of industry standards for PKI; for example, we provide the Co-Chair for the IETF PKIX committee that develops such standards plus Editorsfor five of the PKIX standard drafts.
VeriSign’s Open PKI strategy also includes a software toolkit for PKI-enabling customer-written applications, or customers can choose from a rangeof VeriSign-enabled toolkits from other vendors, including Entegrity,Baltimore, RSA, and Xeti. The Open PKI program extends also to partnershiprelationships with systems integrators, such as KPMG and Ernst and Young.Such partnerships facilitate the building of highly integrated enterprise PKIsolutions.
Directory/Database Technology
Enterprises operate a variety of corporatedirectory/database systems, which potentiallyneed to be integrated with their PKIs. Thesedirectory/database systems include: X.500-technology directories, Web-based LDAPdirectory servers, DBMS systems from thetraditional suppliers, and various legacy systems.Certificates (and, if applicable, CRLs) needed byenterprise applications can be distributed by anyof the above systems.
VeriSign recognizes the need to accommodate allof the above technologies, as opposed to bindingan enterprise PKI offering to one specifictechnology (e.g., X.500) only. Enterprises aremoving to common directory architectures andwant directory integration – not directoryseparation. Accordingly, VeriSign OnSiteincludes a customizable Directory IntegrationModule which supports the delivery of certificates to local enterprisedirectories and databases. It directly supports LDAP-based directory systemsbut is also designed for rapid adaptation to interface to any desired directory ordatabase technology. This OnSite option comes packaged with VeriSignProfessional Services resources to adapt it to satisfy any particular customer’sneeds.
Deploying a PKI shouldnot force an enterprise
to adopt a particulardirectory strategy.
VeriSign OnSite adaptsto a customer’s
installeddirectory/database
technology, includingLDAP, X.500, SQL, orlegacy technology.
Standalone PKIsoftware that requires a
particular directoryinterface protocoland/or dictates a
particular directoryschema will not
integrate easily withpre-existing directory
systems due to featureand schema conflicts.
16
Revocation
A certificate may need to be revoked by a CA if a user private key iscompromised or the CA is no longer willing to support the certification.Different application environments demand different revocation mechanisms,dependent on their risk scenarios, timeliness requirements, and the sizes anddistributions of the subscriber and relying party communities. Establishedrevocation mechanisms include certificate revocation lists (CRLs), interactive(WWW) real-time certificate status interrogation, and on-line certificate statuschecking (OCSP). VeriSign is committed to supporting all of these revocationmechanisms in accordance with customer demand.
Daily CRLs and interactive real-time certificatestatus determination are supported by standardVeriSign OnSite policy choices. Hourly CRL-issuance is available as an option. VeriSign alsosupplies a revocation plug-in for Microsoft’s IISand Netscape’s Enterprise Server that checks therevocation status of a presented client certificate,automatically fetching CRLs as needed. Thisgives a fully-automated revocation environmentfor web servers which, unlike Closed PKIofferings, will operate with standard webbrowsers.
For applications requiring real-time statuschecking, VeriSign pioneered the development ofthe OCSP protocol and was the first vendor todemonstrate OCSP in operation in the 1998National Automated Clearinghouse Association(NACHA) PKI trials. VeriSign will provideOCSP for enterprise customers as applicationvendors release support for this protocol.4
4 Netscape Communications Corporation’s foreshadowed its implementation of this protocolin an announcement in August, 1998.
Enterprise PKI mustsupport various
revocationrequirements of
different applications.VeriSign generates
CRLs daily or hourly forall enterprise
customers. It providesturnkey revocationstatus-checking for
enterprise web serversthat can operate with
standard web browsers.OCSP will also be
supported for OCSP-enabled clients. PKI
software vendorssupport only CRLs,
usually only inconjunction with their
proprietary clientsoftware.
17
Availability and Scaleability
Redundancy and Disaster Recovery
A PKI used for mission-critical purposes requires7x24 availability, redundant systems, and fulldisaster recovery backup. With VeriSign OnSite, afully redundant infrastructure is already in place,with 7x24 service levels guaranteed for all criticalcomponents. There are redundant systems forservers, database, Internet service providers,telecommunications, and power. Disaster recoveryoperates 7x24 using a geographically separated siteoperated in conjunction with ComDisco.
An enterprise building its own PKI from standalonePKI software vendor products must establish andfinance its own redundant configurations, and itsown disaster recovery strategy and sites. This oftenproves difficult since these PKI products are notdesigned for redundancy.
Scaleability
Enterprises want to be able to start small—set up aPKI initially with hundreds or a thousand users, then progressively scale thatPKI to tens of thousands, hundreds of thousands,and ultimately millions of users.
A VeriSign-supplied enterprise PKI can scalesmoothly across this full range, with the customerpaying only for the scale of PKI needed at any time.Furthermore, it is the only PKI technology in theworld proven under real-world conditions to becapable of issuing certificates to the scale ofmillions. The scaleability comes from the use ofmulti-processor server architectures, high-performance transaction engines, multi-unitcryptographic hardware banks, and scaleable Oracledatabase technology. Standalone PKI software isknown to encounter scaling limits at the tens ofthousands due to lack of a transaction-optimizedarchitecture and scaling and resiliency limits withtheir database and directory systems.
A PKI supportingmission critical
applications must havefully redundant systems
and backup sites fordisaster recovery
purposes, otherwisebusiness is at risk.
VeriSign OnSiteincludes built-in
redundancy in all of thecritical components that
are located at theVeriSign center. An
enterprise that takes thePKI software product
approach mustestablish and finance itsown redundant systems
and disaster recoverysite.
An enterprise must beable to smoothly grow
its PKI from modestbeginnings to a
platform supportinglarge numbers of
customers, employees,and e-commerce
business partners. TheVeriSign solution hasbeen proven to scale
smoothly fromhundreds to millions ofusers, and the customerpays for the scale of PKIneeded at any time. PKI
software vendorproducts suffer
degradation at or beforetens of thousands of
users.
18
Security and Risk Management
Facility and Personnel Security
In a PKI service deployment, the full complement of strong security controlsneed to be employed, including hardware cryptographic modules, physicalsecurity of the facility housing the CA, personnel security measures (includingscreening and specialized training of all CA staff), and procedural controls toenforce such policies as dual control.
The costs of establishing and operating a high-security, high-availability facility can beprohibitive. The VeriSign PKI solution removesthis burden from the enterprise customer bylocating critical functions in a secure data centeroperated by VeriSign or an affiliate on a 7x24basis. Each data center has multi-tiered physicalsecurity, security-screened personnel, and issubjected to stringent security audits. 7x24 servicelevels are guaranteed. Customer service operateson a three-shift basis. VeriSign’s infrastructure isbacked up by the operators of the world’s largestnetwork of PKI centers, supporting over 3 millionconsumers and 65,000 websites.
This state-of-the-art security infrastructure has beenleveraged by hundreds of enterprises, whosemanagement cannot afford to take the security riskscreated by standalone PKI installations. This isespecially true as enterprises expand their PKIbeyond initial pilot installations to full-scaleproduction systems.
Customer Practices Support
PKI operators need to establish and enunciate practices that allow the entirePKI community to trust the infrastructure and be confident that risks arecontrolled. This applies particularly to a PKI community that spans multipleorganizations, and most particularly when the PKI supports digital signaturesused in support of electronic commerce, that is, in replacing business-to-business or consumer-to-business paper transactions with electronictransactions. With such a PKI, sound practices are essential to ensure thattransactions will be legally binding and have non-repudiation, that is, signerscannot falsely deny originating messages. Practices statements also need to
A mission-critical PKIneeds a high-security,high-availability (7x24)facility with speciallytrained and screenedpersonnel, redundantsystems, full disasterrecovery, and round-the-clock customer
support. The enterprisethat builds its own PKIfrom software products
is responsible for allthis. With VeriSign
OnSite, the security-critical functions link to
VeriSign secure datacenters, allowing the
enterprise to focus oncore businessoperations. By
contrast, standalonePKI requires the
enterprise to create100% of its own secure
environment.
19
establish fair and non-onerous means forapportioning liability in the event of a failedtransaction that causes material damage.
VeriSign is a world leader in the development ofPKI practices. In particular, VeriSign’sCertification Practices Statement (CPS),5 whichenunciates the practices underlying the VeriSignTrust Network (VTN) public CA services, isrecognized as the most comprehensive documentof its type in the world. It is used as a foundationfor enterprise PKI practices internationally.VeriSign OnSite customers may choose toestablish their own, private PKI hierarchies anddefine their own practices. In this case, VeriSignpractices consultants are available to assist.Alternatively, the enterprise CA may be certifiedinto one of the VeriSign Trust Network publichierarchies, in which case the provisions of theVeriSign CPS will apply.
VeriSign’s practices include witnessed andaudited processes for CA key establishment andmanagement and rigid multi-party controls overall key materials. VeriSign’s processes have been certified by KPMG inaccordance with AICPA SAS-70. VeriSign’s practices are backed up by $50million E&O insurance, the industry’s only NetSure extended warrantyprogram for enterprises joining VeriSign Trust Network, and liability-sharingagreements.
Non-repudiation
Non-repudiation refers to the generation and secure storage of evidence tosupport the resolution of disagreements as to the outcome of electronictransactions. Ultimately, the evidence must be able to prove convincing to athird party arbitrator, who can resolve a dispute without needing to relyentirely on the words of the disputing parties. Non-repudiation depends on theuse of digital signatures, created by parties who keep their private keys secure.In addition, non-repudiation depends upon the issuance of digital certificatesby a trusted and independently audited CA system, and the maintenance of
5 Available at: http://www.verisign.com/repository/CPS.
To achieve non-repudiation and multi-party trust in PKI, you
need specialized,audited processes
covering cryptographicPKI management, day-to-day operations, and
record-keeping.VeriSign leads the
development of PKIpractices
internationally, withaudited business
processes that meet themost rigid industry
standards, includingliability-sharing and
insurance protection.Build-it-yourself PKImeans build 100% ofyour own practices,liability coverage,
insurance policies, andaudit.
20
secure records of certificate issuance and life-cyclemanagement, including all steps occurring in therevocation of such certificates in the event of privatekey compromise or other circumstances leading tocertificate revocation.
With VeriSign OnSite, while the enterprise has fullcontrol over the issuance and revocation of digitalcertificates, complete records of the issuance and lifecycle management of certificates are maintained byVeriSign in a high security, independently auditeddata center. Disaster recovery services operatearound-the-clock at a geographically separatedbackup site.
Extranet/E-commerce ReadinessPKI can potentially span a community of any size, for example, a corporateintranet, an extranet that links an organization with its business partners orcustomers, a community-of-interest that spans multiple organizations (such ascorporations in the same industry), or a global community that includes all-comers, for example, for the greater Internet mail community. VeriSignfacilitates the development of communities beyond the intranet in severalunique ways.
Broad Community Enablement
While some enterprises require closed, private PKIs, others want theircertificates to be recognized and trusted by out-of-the-box commercial webbrowsers or other desktop application products. This greatly facilitates theestablishment of extranet PKIs or community-of-interest PKIs, by obviatingthe need for special software installation or configuration in the desktopsystems of organizations that are not under the administrative control of thePKI-operating organization.
With VeriSign OnSite, these requirements are satisfied by giving theenterprise customer the option of establishing an isolated private PKI, acommunity or industry-wide PKI, or a PKI linked into the VeriSign TrustNetwork. The VTN is a global, integrated PKI operated by VeriSign and itsworldwide affiliates such as British Telecom, AT&T, CertPlus in France6,
6 CertPlus is a joint venture of France Telecom, GemPlus, Matra, and VeriSign.
Non-repudiation meansindependently verifiable
evidence. Unlessoperated under
independentsupervision, enterprise-operated PKI products
do not give non-repudiation, since nothird party can offer
corroboration ofprocess and recordsintegrity. VeriSign’s
independentlyevaluated and audited
cryptographic PKImanagement processes
and secured recordsprovide a solid basis forswift and final dispute
resolution.
21
HiTRUST in Taiwan, SACA in South Africa,and VeriSign Japan. Root keys of the VeriSignTrust Network are pre-installed in all majorcommercial desktop products, includingMicrosoft and Netscape clients, allowing thecertificates issued in the PKI to be immediatelyrecognized by the users of such products.
Cross-Certification
Cross-certification is the process whereby oneCA issues a certificate for another CA, allowingcertificate chains to link together PKIcommunities that may span multipleorganizations. VeriSign has led thedevelopment of cross-certified structures,including the VeriSign Trust Network globalpublic PKI community, private PKI certificationstructures for enterprises or communities-of-interest, the global SET infrastructure whichinvolves cross-certification of multiple vendors’CA products, and cross-certification of the mostpopular CA software products—Netscape’sCertificate Server and Microsoft’s CertificateServer—into VeriSign’s infrastructures.
Cross-certification structures may be made as simple (i.e., hierarchical) or ascomplex (i.e., unbounded web-of-trust) as the user community requires.VeriSign cross-certification supports all of these structures.7
Cross-certification comprises two essential steps:
1. Practices establishment: The establishment of appropriate agreements asto risk-management practices and business terms and conditions betweenthe cross-certifying organizations.
2. Certificate request/issuance: Transfer of a certificate signing requestfrom one CA to the other, and issuance of a cross-certificate by the latterCA.
Certificate request/issuance is straightforward, reflecting the same process asissuance of a user certificate. This process uses industry standard certificate-request protocols such as the widely-deployed PKCS#7 and PKCS#10standards or the emerging IETF PKIX standards.
7 Not all certificate-using application products support all structural configurations.
While enterprise PKImay start with just
intranet applications,proper planning will
allow it to later scale toextranets or larger
community structures.Communities can be
built instantly when themembers already
recognize common rootkeys. VeriSign OnSitecustomers are offeredthe options of private
PKI, extranet PKI,industry PKI, or a PKI
cross-certified into theglobal VeriSign TrustNetwork, whose rootsare pre-installed in all
popular client products.With a PKI built fromstandalone software,
community building ismuch more unwieldy,
involving manual,pairwise exchange and
installation of cross-certificates or root keys.
22
The practices establishment step presents agreater challenge, but VeriSign’s customers canbenefit from the unique expertise in VeriSign’sPractices Department, led by Michael Baum,renowned electronic commerce attorney.VeriSign customers have the option of cross-certification into a structure with establishedpractices in place or, alternatively, establishing anew structure with new practices. In the lattercase, customers are offered access to VeriSign’sunique practices expertise on a consulting basisor by sublicensing proven practices statements.
The critical issue with building cross-certifiedstructures is that the approach of establishingmany networked, bilateral cross-certificationarrangements does not scale into workablecommunities—the overall trust level would endup reflecting the lowest common denominator ofall of the bilateral relationships. VeriSign workswith communities-of-interest to establish acommunal approach to PKI practices from dayone, using extensive real-life experience as thebasis.
Feature Comparison – VeriSign & EntrustVeriSign is the only vendor in the PKI space offering a complete enterprisePKI solution—based on the PKI service platform concept. As an example, thefollowing table summarizes some major differentiators between VeriSign andEntrust PKI offerings.
Cross-certificationmeans much more than
just issuing anothercertificate – it is aspecial business
arrangement, involvingagreements on such
points as securitypractices and liability
apportionment.VeriSign has builtnumerous multi-enterprise cross-
certified CA structures,linking groups of
financial institutions,commercial CAs, andother organizationsworldwide. VeriSignhelps its customers
establish cross-certification practices
and agreements. With aPKI software product,
where cross-certification is
concerned, you are onyour own.
23
PKI Component VeriSign OnSite 4.0Integrated PKI Platform
EntrustStandalone PKI Software
TechnologyCryptographic hardwarefor certificate signing
All CAs use hardware cryptography,FIPS 140-1 level 3 endorsed (avertsrisks of tampering and disclosure ofprivate CA key inherent in softwarecryptography)
Base product uses softwarecryptography (hardware option atadditional expense)
Root key protection Root keys always network isolatedand in secure facility; activation byregimented, audited secret sharing(averts risks of penetration anddisclosure of private byintruders/administrators if privateroot key held in on-line, operationalenvironment)
Root keys held in on-line,operational environment
User key management User encryption keys backed up atenterprise; full key histories; strongprotection using distributed keyrecovery technology
User encryption keys backed up atenterprise; full key histories; held insingle-point-of-failure onlinedatabase
User dual-key support Supports single or dual key pairs forany application (dependent onapplication requirements andcapabilities)
Supports single or dual key pairs(dual key pairs supported only withproprietary client and applicationsinterfaced via proprietary toolkits)
Open ArchitectureOpen vs closed PKI Open PKI; no proprietary software
on desktops; 100+ ISV partners;120+ applications enabled
Closed PKI; many features requireproprietary desktop client or toolkit;limited to 29 ISV partners; 45applications enabled1
Directory/databasetechnology
Enterprise choice of LDAP, X.500,SQL, or legacy DBMS; no directoryschema restrictions
LDAP/X.500 directory requiredwith special schema restrictions thatmay conflict with other enterprisedirectory schema
Revocation CRLs issued regularly; revocationenabled for web servers andstandard browsers; OCSP supportfor key clients, e.g., Netscape
CRLs issued regularly; revocationlimited to Entrust proprietary client& server plugins; no OCSP; norevocation for other clientapplications without proprietarydesktop or toolkit
Availability andScaleability
Redundancy Guaranteed 7x24 service levels,redundant servers, database, ISPs,telecommunications
None provided by vendor; enterpriseprovides its own
Disaster recovery Guaranteed 7x24 disaster recoverybackup at remote secure site
None provided by vendor; enterpriseprovides its own
Scaleability Proven, seamless scaleability from100s to millions; guaranteed peakloading service levels
Scaleability problems start at 10s ofthousands; product unproven at 100sof thousands+
24
Security and RiskManagement
Facility security Fortified construction, 5-tiersecurity; dual biometric accesscontrol, 24-hour monitoring, motiondetect, network security audit
None provided by vendor; enterpriseprovides its own
Personnel security Investigative screening, specialisttraining, retraining
None provided by vendor; enterpriseprovides its own
Independent audit Independent SAS-70 audit byKPMG; VISA audited and approved
None provided by vendor; enterprisearranges its own
Customer practicessupport
Enterprise CA may join VTN withproven established practices, or mayestablish own practices; VeriSignoffers practices consulting and/orCPS
None provided by vendor; enterprisemust develop its own practices andlegal expertise
Non-repudiation Evaluated/audited cryptographicmaterials management and securedrecords retention provideindependently verifiable evidencefor dispute resolution
No non-repudiation, unless PKI isoperated under full supervision of anindependent authority
Extranet/E-CommerceReadiness
Global CommunityEnablement
Enterprise has option of joining PKIstructure with roots pre-installed inall commercial web/mail clients
Enterprise must configure web/mailclients to recognize CA
Cross-certification Can cross-certify enterprise OnSiteCA into established VTN or privatenetwork; can cross-certify privateNetscape or Microsoft certificateserver; cross-certification includesall phases, including support forpractices establishment
Mechanical certificate issuanceonly; no assistance with practices;vendor has no operating experience;no cross-certification withNetscape/Microsoft
NOTES:1. Based on current Entrust Website information.
For Further Information......see the VeriSign website at www.verisign.com, contact your local VeriSignAccount Representative, or call VeriSign at (650) 961-7500.