The present invention relates generally to secure communications. More particularly, the present invention relates to private key protection for secure servers.
FIG. 1 shows a conventional secure web services deployment environment 100 where a plurality of web servers 102A-N are connected by an internal network (intranet) 104 such as an Ethernet network to a wide-area network (WAN) 106 such as the Internet. Web servers 102 are generally protected from WAN 106 by a firewall 108.
To protect the communications between secure web services and their clients on WAN 106, many secure web servers 102 employ a public key infrastructure such as that specified by the ITU-T X.509 standard. According to such mechanisms, each web server 102 stores a certificate comprising a public key that is available to the clients of the web server 102, and a private key that is kept from the public. The public and private keys are used together to protect communications between web servers 102 and their clients on WAN 106.
As long as the private key is not released to the general public, the web services are secure. For this reason, the private key file (that is, the file stored on a web server 102 that contains the private key) is generally encrypted to prevent the release of the private key to an intruder accessing the web server 102 in an unauthorized manner from WAN 106. However, whenever the web service is restarted, for example after a power failure affecting the web server 102, a passphrase must be provided to the web server 102 to decrypt the private key file in order to support further secure communications.
According to one conventional technique, the passphrase is provided by a human in response to a prompt from the web server 102. The primary disadvantage of this approach is that the web server is unavailable during the interval required for the human to learn of the outage, travel to the web server 102, and provide the passphrase. Most web services have availability requirements that render such delays unacceptable.
According to another conventional approach, the passphrase is stored in a file on the web server 102, and is provided to the web service automatically upon restart. The primary disadvantage of this approach is that an attacker could obtain the passphrase, and decrypt and obtain the private key, thereby rendering the web service communications insecure.