The Trusted PKIThe Trusted PKI
Marc LarocheManager, Product Evaluation
[email protected](613) 247-3446
2
AgendaAgenda
• The Entrust PKI, an overview
• Evaluation approach
• Common Criteria Certification: Functionality and assurance covered
• What is next? Entrust/PKI v5.0 evaluation
• Summary
Entrust/PKIThe main components
X.500 Directory
CRL
Entrust/Authority
CMDatabase
LDAP
OS
OS
Entrust/PKIThe main components
X.500 Directory
CRL
Entrust/RAEntrust/Authority
CM CM
Database
LDAP
PKIX-CMP
Admin API
OS
OS
OS
Entrust/PKIThe main components
X.500 Directory
CRL
Other Applications
Entrust-Ready Applications
CM
Entrust/RAEntrust/Authority
CM CM
Database
LDAP
PKIX-CMP
Admin API
OS
OS
OS
OS
OS
Other CAs
TM
TM
Evaluation Scope
X.500 Directory
Entrust/Authority
Entrust/RA
Other Applications
CM
CM
CRL
Entrust-Ready Applications
CM TM
Database
PKIX-CMP
ADM API
TM
Evaluation Scope
X.500 Directory
Entrust/Authority
Non Entrust-Ready Applications
CM
CRL
Entrust-Ready Applications
CM TM
Database
PKIX-CMP
ADM APITM
Entrust/RA
CM
TM
TM
Evaluation Scope
X.500 Directory
Entrust/Authority
Entrust/RA
Non Entrust-Ready Applications
CM
CM
CRL
Entrust-Ready Applications
CM TM
Database
PKIX-CMP
ADM API
TM
TM
Evaluation Scope
X.500 Directory
Entrust/Authority
Entrust/RA
Non Entrust-Ready Applications
CM
CM
CRL
Entrust-Ready Applications
CM TM
Database
PKIX-CMP
ADM API
• User identification and authentication
Entrust/PKI 4.0a Certification:Evaluated Functionality
Entrust/Authority
Entrust/RACM
CM
End-Entities
ADM API
Other CAs
PKIX-CMP
• User identification and authentication– User I&A before any action (FIA_UID.2 and FIA_UIA.2)
– Password rules (FIA_SOS.1)
– Single use authentication for user initialization, key recovery and enabling of CA cross-certification (FIA_UAU.4)
– Enforced re-authentication to complete sensitive operations and after session time-out has occurred (FIA_UAU.6)
– Protected authentication feedback (FIA_UAU.7)
– Authentication failure handling (FIA_AFL.1)
• Access Control
Entrust/Authority
Entrust/RACM
CM
End-Entities
ADM API
Other CAs
PKIX-CMPData
Functions
Access ControlMediation
•User Id•Role•Privileges
• Access Control– Complete access control on CA data objects (e.g. CA
signing key, user privilege vector, policy, etc) and functions (FDP_ACC.2)
– Security attribute based access control (i.e. user id, role and permissions) (FDP_ACF.1)
– Secure management of security attributes, including access control and enforcement of secure values (FMT_MSA.1, FMT_MSA.2, FMT_MSA.3, FIA_ATD.1)
– Secure management of security enforcing data objects (e.g. integrity check rate, database encryption algorithm, CA signing algorithm, etc.), including access control and enforcement of secure values (FMT_MTD.1 and FMT_MTD.3)
• Separation of duties
Entrust/Authority
Entrust/RACM
CMADM API
PKIX-CMPMaster User
End User
Auditor
Security Officer
Administrator
Directory AdministratorOthers
(Custom-defined)
• Separation of duties– Maintenance of roles and associations between users and
roles (FMT_SMR.2)
– Management of security functions behavior restricted to distinct roles (FMT_MOF.1 and FMT_SAE.1)
• Key Management
TM
X.500 Directory
Entrust/Authority
Entrust/RACM
CM
CRL
End User
CM
Database
ADM APIX.509v3PKCS#1,3FIPS 140-1FIPS 186-1PKIX-CMP
• Key Management– Certificate-based key management that meets the following
standards: X.509v3, PKCS#1 and 3, FIPS 140-1 and 186-1, LDAP, PKIX-CMP (FCS_CKM.2)
– User initialization, key update, key recovery and encryption key back-up IAW PKIX-CMP and FIPS 140-1 (FCS_CKM.3)
– Use of secrets generated by a FIPS 140-1 cryptographic module is enforced (FIA_SOS.2)
• Audit– Audit records are generated for a defined list of events; each
record includes: log number, event description, severity level, user id, user type and state (FAU_GEN.1 and FAU_GEN.2)
– Any modification to audit records is detected (FAU_STG.2)
– Privileged users are provided with the capability to read audit records and look for specific information based on user-defined search criteria (FAU_SAR.1 and FAU_SAR.3)
X.500 Directory
Entrust/Authority
Entrust/RACM
CM
Database
PKIX-CMP
ADM API
CRL
• Trusted Path and Data Protection
X.500 Directory
Entrust/Authority
Entrust/RACM
CM
Other CAs
CM
Database
PKIX-CMP
ADM API
CRL
End Users
• Trusted Path and Data Protection– Communications with remote administrative users, end users
and external CAs are authenticated and protected from modification and disclosure (FTP_TRP.1)
– Communications involved with automatic key management operations (e.g. key update) are protected from modification and disclosure (FTP_ITC.1)
– The access control policy is enforced when data is transmitted and received, and modification, deletion, insertion or replay is detected (FPT_ITI.1)
– Exchanged data is consistently interpreted (FPT_TDC.1)– Generation of evidence of origin for CA certificates, user
certificates, CRLs and ARLs is enforced, and the capability to verify the evidence of origin is provided (FCO_NRO.2)
• Trusted Path and Data Protection (continued)– Generation of evidence that can be used as a guarantee of
the validity of CA certificates, user certificates, CRLs and ARLs is enforced, and the capability to verify evidence of the validity is provided (FDP_DAU.1)
– Data stored in the local database is monitored for integrity errors (FDP_SDI.1)
• Non-bypassability– Security enforcing functions are invoked and succeed before
each function within the CA allowed to proceed (FPT_RVM.1)
• Cryptographic services (Environmental)
TM
TM
X.500 Directory
Entrust/Authority
Entrust/RACM
CM
CRL
End-Users
CM TM
Database
PKIX-CMP
ADM API
• Cryptographic services– Key and secret generation is performed by a FIPS 140-1
validated module (FCS_CKM.1 and FIA_SOS.2.1)
– All plaintext keys are zeroized by a FIPS 140-1 validated cryptographic module (FCS_CKM.4)
– All cryptographic operations, including pseudo-random number generation, short term key storage, encryption/decryption, signature generation and verification, hashing and MAC generation and verification are performed by a FIPS 140-1 validated cryptographic module (FCS_COP.1)
• Abstract Machine Services (Environmental)– Reliable time stamps are provided for own use (FPT_STM.1)
– Audit records are protected against unauthorized deletion (FAU_STG.2.1)
– A security domain for own execution is maintained, which provides protection against interference and tampering by untrusted applications (FPT_SEP.1)
Entrust/Authority
Entrust/RA
CMADM API
PKIX-CMP
AuditCM
Time
Time
OS OS
And what EAL3+ means …• Internal development processes and systems were documented and
reviewed.
• Configuration management (source code, documentation, test plans); evidence that CM is actually used; measures that allow only authorized changes to configuration items.
• Security measures (physical, procedural, personnel and other used to protect the development environment).
• Flaw reporting procedures +
• Problem tracking +
• Product delivery
• Design was documented and reviewed for conformance with claimed functionality.
• Informal functional specification
• High-level design (description of security functions in terms of subsystems and relates subsystems to the functions that they provide; description of the interfaces between these subsystems).
• User documentation was reviewed:
• Installation guidance
• Administrative guidance
• Informal correspondence demonstration was reviewed:
• More abstract representation (claimed functionality) is correctly and completely refined in the less abstract representation (FS and HLS).
• Test plans, test procedures, expected test results and actual test results were submitted and reviewed:
• Demonstrate that each security function was tested against the functional specification in a systematic manner.
• Demonstrate that the tests are sufficient to confirm that the security functions operate IAW the High-Level Design; demonstrate that the internal interfaces are exercised.
• Vulnerability analysis was submitted and reviewed.
• Categorization report was submitted and reviewed.+
• subcomponents are described as security enforcing or not.
Continued ...
• Functionality• Enforced proof of receipt - keys and certificate (FCO_NRR.2)
• Residual information protection (FDP_RIP.1)
• Automated recovery of services (FPT_RCV.2)
• Replay detection - certificate request (FPT_RPL.1)
• Session locking (FTA_SSL.1 and FTA_SSL.2)
• Assurance - EAL-CS2• ADV_SPM.1 Informal TOE security policy model
• AVA_MSU.2 Validation of analysis
Entrust/PKI 5.0 evaluation:Augmented from 4.0a
In summary
• The Entrust/PKI evaluations cover:• cryptographic services• essential public key management functionality• supportive security critical functionality
• The Common Criteria certification serves as a fundamental extension to the FIPS 140-1 process.
• The selected CC assurance components (EAL3+) provide a maximum amount of confidence consistent with existing best practices for COTS development.
TM
Questions?
For more information:http://www.entrust.com/entrust/validation.htm
E-mail: [email protected]: (613)247-3446