Public Key Infrastructure (PKI)
Workshop
Summary Observations and Recommendations

 

Prepared for Cornell University
February 15, 2002

 

 

 

Contents

• Introduction
• Proceedings
• Observations
• Analysis & Recommendations
  • General Recommendations
  • Recommendations Regarding PKI
  • Other Issues
• Appendix A: PKI Technical Position Outline
• Appendix B: Acronyms

 

Introduction

The Burton Group conducted a Public Key Infrastructure (PKI) Workshop on the Cornell University campus in Ithaca, NY, on January 29 — 30, 2002. Some 20 representatives from several departments, including Computer Science, Computing Director Office, and Undergraduate Admissions, participated in the workshop. The purpose of the workshop was to:

• Educate representatives from departments and colleges on the technology and policy issues surrounding PKI
• Develop an understanding of the Cornell University’s application environment and potential uses of PKI products and services

Proceedings

The Workshop consisted of the following events:

• On January 29, 2002, Burton Group conducted an executive overview presentation on Strategic Context, Business Drivers, Industry Status, PKI Case Studies, and Deployment Considerations. Following the executive overview, Burton Group conducted an in-depth presentation on Security and PKI Basics, Applications for PKI, Standards and Interoperability, Products and Services, and Deployment Considerations.
• On January 30, 2002, Cornell University representatives from Computer Science, Undergraduate Admissions, and the Computing Director’s office delivered presentations on campus initiatives that have PKI requirements. The presentations were followed by an open brainstorming session on specific Cornell University application needs, such as the systems used by the Office of Sponsored Programs, that could use PKI and whether those applications were appropriate for PKI deployments. About 20 representatives from Cornell University attended both sessions.
• On February 15, 2002, Burton Group submitted this report, which summarizes our observations and recommendations to Cornell University.

 

Observations

During the course of our pre-workshop meeting, workshop presentations, and discussions, we identified the following conditions:

• Cornell University consists of many fairly autonomous departments and colleges that work independently to meet the computing needs of their constituents. Each area may have its own information technology (IT) budgets, staff, and initiatives, and organizational structures.
• The departments or colleges all use a variety of network technologies, services, and products. Server operating systems in use include Windows and UNIX, while client systems are a mix of Windows and Mac. Kerberos is widely deployed as an authentication mechanism; with other systems developed in-house providing authorization services that leverage the Kerberos login.
• Cornell University does not have a campus wide directory system in place and there are no active plans for its deployment. However, LDAP directories are being deployed to replace the permits server and instances of Active Directory also exist. Correction–The LDAP directory is being positioned as a campus wide directory system.--AB
• Today, the use of PKI products and services is generally very low throughout the university. The Computer Science department likely has the most experience with PKI, having deployed the Microsoft Certificate Authority for more than one year. It is used to issue certificates for SSL, Encrypted File System (EFS), and for strong authentication using smart cards within the department. For the rest of the university, PKI is primarily used for Web server authentication via Secure Sockets Layer (SSL).
  
• The applications driving member institution interest in PKI include authentication (student, faculty, applicants, others), secure messaging (digital signature and message encryption), data encryption (documents and other data), remote access, and single sign-on. There is also a significant desire to reduce paperwork, particularly for the admissions and grant request processes.
• The university is feeling significant pressure from outside sources, both higher education, government agencies, and grant institutions to incorporate digital signatures, secure email transfer, and other PKI based mechanisms into Cornell systems.
• During many discussions throughout the two-day workshop, the subject turned to legal concerns and issues as it relates to PKI policy development. The group certainly gained appreciation for the necessary close relationship that PKI practitioners will need to develop with the university legal department as it addresses liability and privacy challenges.
• Technically advanced computer systems are becoming a competitive advantage for higher education institutions and Cornell University desires to at least be on a par with comparative institutions.
• New York State conducted a pilot that Cornell participated in where documents were signed and submitted digitally via email. This pilot project discovered the normal barriers that users face when attempting to deploy PKI services: the certificates purchased were not compatible with an email client in use, extra configuration changes were required for Macintosh systems, executives requested that the software be installed on administrative assistant machines (to delegate authority), and a lot of end user help was required. This is an excellent example of the need for extensive planning, testing, and education required to implement digital signature technology.
• In addition to a lot of discussion on legal aspects of PKI, considerable concern was raised about privacy regulations. When deploying systems that will support collaboration with external parties, Cornell must be aware of recent and developing privacy regulations in effect both domestically and internationally as up to 50% of students are foreign born. For further information on European Union Privacy issues and policy, please refer to http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/index.htm
• There are many email clients and servers in use today at Cornell that further complicates the ability to enable secure email. Configuration requirements of the individual platforms also add a layer of complexity to interoperability.
• If digital certificates were to be widely deployed at Cornell, a flexible roaming solution for user convenience would be a very important aspect of the PKI system.
• Cornell University collaborates with many partners, including:


• Other universities
• Submitting grant requests to NIH, NFS, and other local, state, and federal agencies
• Admissions services such as CollegeNet
• Testing services such as Educational Testing Service

 

Analysis and Recommendations

Public key security holds a great deal of promise for Internet-based applications and services. Public key security provides critical security services, including authentication, integrity, and confidentiality, in highly distributed systems, making it ideal for Internet applications. Therefore, it seems inevitable that some form of public key security will become the preferred security system for important Internet applications. Indeed, public key security has become the foundation for important Internet security standards, including the Transport Layer Security standard (formerly known as SSL) for authenticating Web servers and the Secure Multipurpose Internet Mail Extensions (S/MIME) standard for secure messaging.

It’s important, however, to distinguish between public key security and the public key infrastructure, or PKI, necessary to manage it. PKI adds layers of security to public key systems by supporting X.509 digital certificates and the facilities for managing both encryption keys and certificates. In short, PKI adds many useful features and functions to public key systems. But as is the case with any technology, those features and functions come at the price of additional complexity. Today, then, there many outstanding issues related to PKI.

First and foremost, it’s important to remember that PKI isn’t a complete security solution on its own. PKI will serve the Cornell University best when it’s part of a comprehensive security architecture that includes general-purpose directory and authorization services. In addition, it’s important to understand that PKI isn’t just technology. It involves people, process, policy, and law. The industry has yet to sort out many issues, including complexity, manageability, and legal precedent, so caution is warranted.

For these reasons, we are fond of saying that the "I" in PKI, is only just emerging. The industry has made a great deal of progress in creating PKI standards in the last two years, and vendors are providing increasingly robust products. But many standards are immature, and as is the case in any market, customer needs (and products) are evolving faster than the standards. Today, interoperability, manageability, liability, and policy remain significant issues.

Still there are reasons to deploy PKI and to seriously consider plans for deploying PKI in the future. This is especially true for organizations such as the Cornell University. As we’ve said, public key security is poised to play a strategic role in Internet applications. Consequently, organizations that intend to use the Internet to conduct business must prepare themselves for the inevitable. And organizations that want to shape PKI policy within their community must get involved early in order to influence that community.

Today, there are several standards efforts and community organizations working to address the deployment barriers that prevent wider PKI adoption. The Internet2, Educause, and CREN have collaborated to create the Higher Ed Bridge Certificate Authority, which just completed a successful round of testing with the Federal Bridge Certificate Authority. The Organization for the Advancement of Structured Information Standards (OASIS) has technical committees developing the Security Assertions Markup Language (SAML) and XML Key Management Services (XKMS), which will have potentially significant impact on Cornell University’s plans to deploy PKI. In addition, Internet2 has made great strides with the Shibboleth project and is working closely with the SAML community to bring viable cross-security domain identity sharing to reality. While complexity, interoperability, application integration, and cost issues are barriers to immediate PKI deployment at Cornell, the University and its member institutions must prepare for PKI by first planning and then deploying PKI applications with clear scopes (limitations) and goals (solving a real problem). Simply put, Cornell University should be planning its PKI strategies and policies, viewing those efforts as an essential part of creating e-business infrastructure. Whenever possible, the University should strive to create general-purpose security infrastructure that many applications can leverage, integrating that infrastructure with directory and authorization services.

Only then can Cornell meet its goals of inter-institutional information sharing, cross-institutional curriculum enrollment, and secure electronic grant submissions in a scalable, secure, and manageable form. And by getting actively involved now, Cornell can influence the evolution of PKI policy and law as well as interoperability improvements in the higher education community at large.

During workshop discussions and Cornell presentations, digital signatures were frequently discussed for several applications. It became clear, however, that digital signature requirements varied widely across the applications mentioned. For example, applying digital signatures to grade submissions can be very different from signing grant requests to be submitted to NIH. A key aspect of this problem is the degree to which Cornell will go to validate the identity of individuals that digital certificates are issued to and the assurance level assigned to those certificates.

Validating the identity of digital certificate recipients will be a formidable challenge that will become manageable if Cornell outlines a clear and simple policy outlining certificate assurance levels. Once policy is determined, Cornell can decide what mechanisms and processes to employ to satisfy certificate policy guidelines. To vet active students, faculty, and staff will be much more straightforward than if Cornell desires to issue certificates to applicants or even prospects. Cornell must analyze the objectives of all efforts to issue digital certificates to the various constituencies it deals with to ensure project success.

In addition to the technical level investigation of PKI that Cornell will undertake, Cornell must also prepare for the training and awareness necessary to educate users that will be issued digital certificates. Today, most computer users are not aware of what digital certificates are, how to properly handle or store them, or what to do when something goes wrong. Application developers do not have an abundance of easy to use programming tools to incorporate PKI into applications and systems. Furthermore, system administrators will have new system components to manage and maintain to ensure adequate availability.

To assist Cornell in future PKI planning, Burton Group makes the following recommendations, which we split into three groups: General Recommendations, Recommendations Regarding PKI, and Minor Concerns.

General Recommendations

Burton Group makes the following general recommendations to Cornell University:

• As with any large and complex undertaking, Burton Group recommends that Cornell exercise good project management principles when considering a wide scale PKI deployment. Two key aspects of a PKI project are developing the business case for the technology and gaining adequate management and funding support. In addition, Cornell should structure the project to include pilot testing, a practical proof of concept that includes Cornell systems, and a deployment plan that includes clear deliverables that enables the PKI team to declare successes and continue to garner management support.
  
  
• A critical component of PKI systems in particular, and identity management systems in general, is the directory infrastructure. Cornell should consider investigating and pursuing a university wide directory strategy that will enable more efficient management of identity and authorization information. Most identity and access management systems, including PKI, Web access management, and provisioning systems rely on LDAP directories to function and interoperate. Having a directory strategy in place along with the infrastructure to support it will ease the configuration of secure collaboration systems.

• Resources must be allocated to pursue these objectives (human, financial, hardware, software, bandwidth, etc.). Cornell must be prepared to invest the necessary capital in technical training, software acquisition, hardware, and other resources necessary to accomplish the goals of a PKI project.

• Training and awareness for users, administrators, developers, and management is a significant requirement for PKI projects. Using PKI services is a large impact for all constituencies and cannot be taken lightly. In concert with PKI training and awareness, Cornell should also provide training for good security practices, such as promoting use of strong passwords, discouraging the sharing of userids, etc.

• Privacy legislation and regulations are evolving a rapid pace and Cornell should assign a person or group to monitor and track privacy regulations. Some of the particular regulations that may impact Cornell include HIPAA, FERPA, and the EU Privacy Directive.

Recommendations Regarding PKI

Burton Group makes the following PKI recommendations to Cornell University:

• Cornell should continue to proceed cautiously before deploying widely used PKI systems as the industry continues to address interoperability, application integration, and complexity issues. As applications or partner institutions request PKI services, Cornell must carefully distill actual technical and business requirements before proceeding. Once Cornell has established a strategic plan for PKI deployment, it can make the appropriate tactical decisions that will be compatible with the long-term vision.

• As discussed during the two-day workshop, cross certification and interoperability with external parties is a complex challenge. Burton Group recommends that Cornell actively pursue higher education community projects that are addressing these issues. In particular, Higher Ed PKI has just demonstrated interoperability with the Federal Bridge PKI system. Internet2, among other projects, supports the Shibboleth initiative, which allows the federation of identity information between security domains. The Shibboleth model may also be a viable option to consider instead of traditional PKI cross certification procedures for certain applications or partner scenarios.

• In addition to tracking the activities of the organizations mentioned above, Burton Group recommends that Cornell become more actively involved in industry organizations that are working on the same PKI challenges that face Cornell. These organizations are addressing technical issues as well as making PKI policy recommendations that are of tremendous value as Cornell formulates its PKI strategy. Furthermore, with active participation, Cornell can help to shape the agenda to include issues that are of local importance and also arm Cornell with the information it needs to convince other partners to follow the same path.

• Cornell should use the PKI technical position outline attached in Appendix A as a tool to help distill PKI requirements for applications. While not an exhaustive list, it details many of the areas that PKI architects will have to explore to develop the Cornell PKI strategy.

• When deploying PKI, Cornell should consider process implications as well as the technology itself. For example, if Cornell were to issue digital certificates to all students, then it should integrate certificate issuance with the registration process to leverage the validation of personal information.

Other Issues

Workshop participants discussed the following topics, agreeing that they are concerns shared by many of the member institutions:

• Cornell should consider how it would accept identities from 3^rd party institutions. Instead of managing a userid and password for all users that access Cornell systems, Cornell can choose to accept the identity from another party. This could be accomplished by registering with central service like Microsoft Passport or AOL Magic Carpet, utilizing Shibboleth or SAML assertions when they are available, cross certifying with an external PKI, or accepting users from admissions services like CollegeNet.

• Unique identifiers may be required for all users that are issued Cornell University credentials by a single system. Best practices for unique identifiers are: they are globally unique, they do not contain personally identifiable attributes, and they are never re-issued.

• Many agencies that Cornell interfaces with are building their own systems and Cornell should try and head this off by educating others of the benefits of common methods and processes.

• Any new products or technologies should integrate with and leverage the key existing systems at Cornell such as Kerberos and Metastorm.

 

Appendix A: PKI Technical Position Outline

• What applications will the PKI support?
• Strong authentication
• Digital signatures
• Secure email
• General encryption
• VPN
• Non-repudiation
• Who will own and operate the infrastructure?
• University, department, mixed?
• What are the guidelines for ownership and coordination?
• Should PKI be treated as strategic or tactical?
• IF strategic, call for significant effort by owners to expand use of PKI under the master plan and to standardize its use so as to guide and control its growth. Further the owners are willing to invest the funds to accomplish this.
• IF tactical, minimize use and where it is absolutely required, deploy in the cheapest and easy way. This does not preclude a standard for the cheap and easy way, but would be lowest common denominator in nature.
• CP and CPS
• How many assurance levels of certificates will Cornell require?
• What are the identity verification requirements for each level?
• Will hard tokens be used?
• Who dictates each policy — Cornell or external party?
• Elements of architecture to consider
• Registration and enrollment
• Key creation
• Key storage
• Key archive/recovery
• Key renewal
• Trust relationships
• Recovery
• Roaming
• Revocation and validation
• Application integration
• Users and Relying parties
• Staff
• Partners
• Students
• Faculty
• External Agencies
• Other Universities
• Certificates
• What is the naming convention for the subjectName field?
• What attributes will be stored
• What attributes will be stored in certificate?
• What Cornell extensions are needed?
• Should extensions be marked as required?
• Key length
• What key lengths are required for signing, encryption?
• What key length should the CA use for its own keys?
• Algorithms
• What algorithms will be supported for signing and encryption?
• How long will certificates be valid for?
• What is the usage policy?
• Key and certificate storage
• Local workstation
• Will client software be installed to store certificates, or will the local browser be used?
• Laptops
• Will client software be installed on laptops, or will smart cards be used to store certificates and keys?
• Roaming server
• Will a roaming solution like Entrust TruePass be required?
• Smart card
• What type of smart card will be deployed?
• Java card or other
• Will card be used for other applications?
• Building entry
• Cafeteria purchase
• Company credit card
• Digitized photo
• Will card with antenna and bar code be required?
• Trust relationships
• Cross certify
• Hierarchical
• Partners
• Customers
• Will there be a Cornell trust hierarchy — central CA and departmental CAs?
• Certificate validation
• CRL
• OCSP
• Short lived certificates
• Directory
• Will CRLs be used for validation?
• What directories will store CRL data?
• Will CRL distribution points be used?
• Is OCSP required for any applications?
• Will OCSP v2 be considered easier for developers to use?
• One general-purpose PKI vs. multiple implementations
• User registration
• Bulk
• One by one
• Existing shared secret
• How will the RA structure be configured?
• How will certificates be issued for each assurance level?
• Will user registration be automated?
• Help desk issues
• Lost PIN
• Lost smart card
• How will Help Desks assist users with lost PINs?
• How will lost, damaged, forgotten cards be dealt with?
• Insource vs. outsource
• Programming interfaces
• W2000 integration
• Certificate management protocols
• What protocols are required?
• CMP, CMC, both?
• XKMS?

 

Appendix B: Acronyms

• CA — Certificate Authority
• CP — Certificate Policy
• CPS — Certificate Practice Statemet
• CREN — Corporation for Research and Educational Networking
• EU — European Union
• FERPA — Family Educational Rights and Privacy Act
• FPKI — Federal Public Key Infrastructure
• HEPKI — Higher Education Public Key Infrastructure
• HIPAA — Health Insurance Portability and Accountability Act
• LDAP — Lightweight Directory Access Protocol
• NIH — National Institute of Health
• OASIS — Organization for the Advancement of Structured Information Standards
• PDS — Policy Disclosure Statement
• PGP - Pretty Good Privacy
• PKI — Public Key Infrastructure
• SAML — Security Assertions Markup Language
• S/MIME — Secure Multipurpose Internet Mail Extensions
• SMTP — Simple Mail Transfer Protocol
• SOAP — Simple Object Access Protocol
• SSL — Secure Sockets Layer
• VPN — Virtual Private Network
• XKMS — XML Key Management Services
• XML — Extensible Markup Language