digital certificates securing email communication nicholas davis, is consultant/admin doit...
TRANSCRIPT
Digital CertificatesSecuring Email Communication
Nicholas Davis, IS Consultant/Admin DoIT Middleware
Overview
What are digital certificates?What can digital certificatesbe used for?How could digital certificateshave been used avoid datatheft at Ameritrade?Other methods of authenticationSocial EngineeringSummary & Discussion
What is a Digital Certificate?
A digital certificatecan be thought of asan electronicpassportIt is used it todigitally sign emailand documentsIt’s components canbe used to encryptemail andattachments for endto end security.It can securedatabases and otherserver data
Public Key Cryptography
Digital Certificates Functions
• Authentication – Proof that you are who you claim to be
• Encryption – encoding information in such a way as to make it unreadable
• Non-repudiation – Inability to deny having sent specific information or having accessed a specific system
• Data Integrity – Proof that the data has not been altered since it was originally sent
Public Key Cryptography
• A digital certificate is made up of two keys, a private key and a public key
• Public key is used for encrypting and verifying a person’s digital signature
• Private key is used for decrypting and digitally signing
Digital Certificates Are For Machines Too
• SSL – Secure Socket Layer
• Protection of data in transit
• Protection of data at rest
• Where is the greater threat?
Using a Digital Signature for Email Signing
Provides proof that the email came from the purported sender (Authenticating theuser)
Provides proof that the contents of theemail have not been altered from theOriginal form (Message Integrity)
Why Is Authenticating the Sender So Important?
What if This Happens at UW-Madison?
Could cause harm ina critical situationCase Scenario
Multiple hoax emails sent with Chancellor’s name and email. When real crisis arrives, people might not believe the warning.
It is all about trust!
Digital Signing Summary
• Provides proof of the author
• Testifies to message integrity
• Valuable for both individual or mass email
• Supported by Wiscmail Web client (used by 80% of students)
What Encryption Does
Encrypting data with a digital certificate
securesIt end to end.While in transit
Across the networkWhile sitting on email servers
While in storageOn your desktop computerOn your laptop computerOn a server
Encryption Protects the Data
Physical theft from officePhysical theft from airportVirtual theft over the network
Why Encryption is Important
• Keeps private information private• HIPAA, FERPA, SOX, GLB• Proprietary research• Human Resource issues• Legal Issues• PR Issues
Where is my Certificate Stored?• You digital certificate is stored
either on your machine or on a cryptographic USB hardware device
• Dual factor authentication
What does it actually look like in practice? -Sending-
What does it actually look like in practice (unlocking my private key)
-receiving-
What does it actually look like in practice?-receiving- (decrypted)
Digitally signed and verified; Encrypted
What does it actually look like in practice?-receiving- (intercepted)
Benefits of Using Digital Certificates
Provide global assurance of your identity,both internally and externally to the UW-MadisonProvide assurance of message authenticityand data integrityKeeps private information private, end toend, while in transit and storageYou don’t need to have a digital certificateTo verify someone else’s digital signatureCan be used for individual or generic mailaccounts.
Who Uses Digital Certificates at UW-Madison?
DoITUW Police and SecurityOffice of the RegistrarOffice of Financial AidOffice of AdmissionsPrimate Research LabMedical SchoolOthers
Who Uses Digital Certificates Besides UW-Madison?
US Department of DefenseUS Department of Homeland
SecurityAll Western European countriesDartmouth CollegeUniversity of Texas at AustinJohnson & JohnsonRaytheonOthers
The Telephone Analogy
When thetelephone wasinvented, it washard to sell.It needed toreach criticalMass and theneveryone wantedOne.
That All Sounds Great In Theory…..But
• The world seems to get along just fine without digital certificates…
• Oh, really?• Let’s talk about
Ameritrade
• 1971, Ameritrade is founded• Provides securities brokerage services and
technology-based financial services • 2006, TD Ameritrade reported more than 6.2
million accounts and average client trades of 216,970 per day. The company had $276 billion in client assets.
• Summer, 2007, Ameritrade customers begin receiving stock pump and dump spam
• September 14, 2007, Ameritrade states that it has found and removed “unauthorized code” from one of its databases.
• What went wrong? How could it have been avoided? Are legacy systems to blame?
Unauthorized code in database allowednames and mailing addresses to beharvested and used for spamminginvestment related email
How did this code get there?
Ameritrade claims that the investigation isongoing and that they don’t have all thefacts yet….You decide who is responsible.
Are Usernames and Passwords to blame?• Why do we have usernames and
passwords? • Authenticate and Authorize, control
access rights• Why are usernames and passwords a
bad idea?• Theft, sniffing, shoulder surfing, brute
force attacks, concurrent usage, intentional sharing to thwart technical controls.
• Would authenticating with digital certificates have helped?
Digital Certificates vs. Passwords
• Password = something you know
• Digital Certificate = something you have
• Digital Certificate on a hardware token = dual factor authentication
Database Information
• Storing data in the clear• Storing data in encrypted form• Both have their advantages• Could Ameritrade had
benefited from using an encrypted database?
Summary of Ameritrade Issue
• Using a digital certificate for authentication would have provided additional assurance
• Using a digital certificate to encrypt the data within the database
• Dual tiered approach to data protection
Other Authentication Technologies
Proximity BasedAuthentication
Biometrics
One Time Passworddevices
Proximity Based Authentication and Authorization
• Usually radio-frequency responders
• Base station recognizes token
• Communicates with access-control system
• Initiates automatic logon
• Can have two-factor authentication
• Immediate screen lock when user leaves
One Time Password Devices
• RSA SecurID• Addresses many
username/password concerns• Time based• Event based• Only good for authentication
Social Engineering Threats
• If you insist on username/password, beware of:– Threatening behavior– Authoritarian behavior– Flattery
The Importance of Maintaining a Trusted Network
• Control who has access to your systems with dual factor authentication
• Do daily data comparisons• Keep critical data encrypted
when possible• Apply patches and updates• Look at the logs regularly
Question and Answer [email protected]
As you seek to find the truth,
don’t forget to protect your information!