Persistent Protection of Data: Part 2

By Jay Wack, President
Tecsec, Inc. USA

IEEE Internet Initiative eNewsletter, September 2017

Part 1 of this article was published in the July 2017 issue of the IEEE Internet Policy Newsletter. Click here to read the full article.

The Internet Architecture Board, the Internet Engineering Steering Group and others have written about the internet becoming the predominant vehicle for electronic commerce and information exchange. And as such, it is essential that the support structure for these activities can be trusted.

RFC 1984^[1], published by the Internet Engineering Task Force, states: “Security mechanisms being developed in the Internet Engineering Task Force to meet these needs require and depend on the international use of adequate cryptographic technology. Ready access to such technology is therefore a key factor in the future growth of the Internet as a motor for international commerce and communication.”

We have all seen evidence that the capabilities and activities of attackers are greater and more pervasive than previously known. The point of this article is to recognize that it is important for protocol designers, developers, and operators to make encryption the norm for internet traffic and content. This can be done with existing standards, and doing so will make the internet safer for us all.

Trustworthiness of a network or information system asserts that the system does what is required—despite environmental disruption, human user and operator errors, and attacks by hostile parties—and that it does not do other things.

Trustworthy networks are challenging systems to build, operate, and maintain. There is the intrinsic difficulty of understanding what can and cannot happen within any complex system and what can be done to control the behavior of such a system. With the environment only partially specified, one can never know what kinds of attacks will be launched or what manifestations failures may take.

That being said, we have an immediate problem; we are all, as a group, using these network systems daily. And while we can contemplate what might be in the future we need to act now to improve our own current circumstances. One of the things to consider is the use of cryptography and, in particular, standards based cryptographic techniques.

The internet has been called the Information Highway by many, and that comparison is a valid one. In particular, when roads are built, the concern is connectivity and the availability of a defined predictable path of access between locations. So too with an information network, a path of connectivity between locations is the objective. Continuing the analogy, the providers of either pathway are responsible for the condition of the conduit. However, neither of these “highways” are responsible for the vehicles being used, nor the content of these vehicles.

We are not going to stop using the systems we have, but we can help ourselves and others by protecting our belongings. The use of cryptographic tools to protect our data while in transit and at rest (in the garage or parking lot) will allow us to continue to help maintain the basic requirements of a useful information system which include: the confidentiality (restriction of access to content), the integrity of the data (it has not been altered or if altered it is detected), and to do both while assuring the data remains available for its intended purpose.

It is unreasonable to expect the physical highway builders to assure the safety of the content of our vehicles, so too it is unreasonable for us to expect the internet providers to provide safety of our data content. You wrap a package for shipping, you label it, and your confidence comes from your own preparation and actions. This is true for both the physical and logical networks.

In the earlier years of network design the assurances at the network level were focused on point-to-point connections. As we have become ubiquitous in our connectivity…everyone can connect to everyone else…and many times in ways unexpected…we need to separate the security of our data from the security of the network.

When looking at this problem, we quickly see that we must be able to address data objects of all types. And we must be able to assist in the interaction of the protected data indifferent to the network topography we might use. One of the tools to accomplish this level of control is the use of a key management process built for purpose. Rather than a communications model of security (COMSEC) needed for the network, we need an information security (INFOSEC) model to protect our data.

Luckily this process has been identified, peer reviewed, and codified into a collection of standards by the American National Standards Institute (ANSI). Specifically, X9.69 A Framework for Key Management and X9.73 Cryptographic Message Syntax.

X9.69 offers a framework to apply a dynamic (constructed on the fly at the time of need) key management process. A dynamic key system is needed for information protection, because the communication models of security are built on fixed/static keys. This static approach simply will not scale well with the needs of an object level design. The result of the application of the ANSI X9.69 techniques properly applied provides an enterprise with an attribute-based access control system for any digital object that can be named, enforced by cryptography. The standard, named a Framework for Key Management Extensions, is a comprehensive approach. The framework described in the standard can include the control of all digital objects within the enterprise: physical (e.g., electronic door locks) and logical (e.g., network, volume, directory access) functional controls (for example, .exe or .dll) and content (down to a period in a sentence, an embedded image, or video clip as examples) under a common security architectural design.

X9.73 addresses message content structure such as Extensible Mark Up languages and in particular ASN.1, which supports the interface between the encrypted objects and the network as ASN.1 is the dominant language of networks. This approach means encrypted objects can be adjudicated by the network, supporting routing, prioritization, and filtering, without compromising content.

In a presentation titled “Avoiding Cybersecurity Groundhog Day,” Diana Kelly, global executive security advisor at IBM Security, called for the cyber industry to stop making the same mistakes over and over. “Every time there is another breach, it kind of feels like Groundhog Day. We need to get out of that repetition,” she said.

Lucky for us all, there are industry groups like ANSI ready to help us move to an appropriate solution.

References:

^[1] https://tools.ietf.org/html/rfc1984

Jay Wack

Jay has over 45 years in the electronic security industry. He has been awarded over a dozen U.S patents in the areas of cryptography and security product design. Jay is a strong supporter of standards and an active participant in ANSI, ISO, IEEE, and CIGRE working groups. SME in cryptography, key management, and digital currency.

Editor:

Dr. Waleed Ejaz

Waleed Ejaz (S’12, M’14, SM'16) is a Senior Research Associate at the Department of Electrical and Computer Engineering, Ryerson University, Toronto, Canada. Prior to this, he was a Post-doctoral fellow at Queen's University, Kingston, Canada. He received his Ph.D. degree in Information and Communication Engineering from Sejong University, Republic of Korea in 2014. He earned his M.Sc. and B.Sc. degrees in Computer Engineering from National University of Sciences & Technology, Islamabad, Pakistan and University of Engineering & Technology, Taxila, Pakistan, respectively. He worked in top engineering universities in Pakistan and Saudi Arabia as a Faculty Member. His current research interests include Internet of Things (IoT), energy harvesting, 5G cellular networks, and mobile cloud computing. He is currently serving as an Associate Editor of the Canadian Journal of Electrical and Computer Engineering and the IEEE ACCESS.In addition, he is handling the special issues in IET Communications, the IEEE ACCESS, and the Journal of Internet Technology. He also completed certificate courses on Teaching and Learning in Higher Education from the Chang School at Ryerson University.