The present invention relates to systems that provide security and privacy for data. In particular, the present invention allows flexible access for authorized users of a communication system authorized while maintaining security for data at rest and in transit on the system.
As an information security tool, cryptography can compliment changes in information technology. The growth of information systems has been phenomenal. However, today""s cryptography and its key management have reached a crossroads as it attempts to adapt to the information system changes. The predominant public key management scheme of the 1980s and 1990s has shortcomings that will constrain the information industry from expanding into greater information sharing applications without a shift in public key application. A new direction in encryption is needed if the distributive enterprise solution, with its myriad information applications, is to be made effective.
By combining what has been learned in the implementations of public key management and pre-1980s key management, an expanded symmetrical core key management technology emerges as the better choice for bridging to the 21st century information applications that include data-at-rest and communications security models. Issues that confront future information protection models such as scalar, data separation, or role-based enforcement, system performance, and multiple enterprise authentication for the user or for the workstation can be satisfied by combining enterprise-wide information distribution with information control and access control capabilities while protecting the information.
An evolution in cryptographic technology is taking place. A symmetrical key management model that is particularly well suited for role-based access control systems that look to the roles users have within an organization, and to the information access that should be afforded those roles is being bound to an authentication key management model that incorporates the mathematical models of digital signatures and signed public certificates with physical properties of identification techniques as smart cards. The resultant key management technology is the basis for what will be referred to herein as Constructive Key Management (CKM).
In recent years, both government and industry have dramatically altered their perceptions of the development and expansion of information systems. The computer heralded the practical management of information. As its power and flexibility increased, the communications industry expanded its services and capabilities to accommodate the automated enterprise and its users. The rapid drop in prices and explosive development of both hardware and software compounded the computer""s potential power.
Rapid growth is also evident in the conveyance of information on the software side. The entertainment world now produces games using terms like Virtual Reality and Cyberspace. This rapid advancement of information technologies has provided a somewhat uneven growth pattern, particularly in the sociological and legal arenas. Today, even the casual user has a headlong rush of information available at a level that did not exist ten years ago. We have moved from the radio-controller, to the microprocessor, and to today""s multi-processor systems with complexities that even the most prescient PC gurus did not foresee. As we have become more familiar with the capabilities of our machinery, we have followed the most human of instincts: we attempt to share our discoveries.
The sharing of IDs has also extended to the sharing of workloads and the concept of distributive processing. The computer and communications communities responded to this demand. They have increased speed and provided connective opportunities enabling the booming of links, networks, LANs, WANs, and more and more acronyms that all mean xe2x80x9ctogether.xe2x80x9d The result today is that any computer user, with a reasonable amount of equipment, can connect with just about any information application over the Internet. The age of the Internet and xe2x80x9cinformation warfarexe2x80x9d is upon us. The protection of selected information and selected channels of information has become a paramount concern in defense and commerce. While this evolution has been taking place in information processing, cryptography has emerged as a premier protection technology.
Keys are an essential part of all encryption schemes. Their management can be the most critical element of any cryptography-based security. The true effectiveness of key management is the ability for keys to be maintained and distributed secretly without penalizing system performance, costs, or user interaction. The management of the keys must be scalar, must be capable of separating information flow, must include interoperability needs, and must be capable of providing information control.
A method of distributing keys predominantly used in the 1980s and 1990s is public key, or asymmetrical, cryptography. In this method, the conversion of information to cipher text and the conversion of basic properties of the public key method include separate encryption and decryption keys, difficulty in deriving one key from another, secret decryption keys, and public encryption keys. The implementation of public key information encrypting keys is the result of the mathematical combination of the encryption and decryption keys. Public key management was developed for a communications channel requirement to establish cryptographic connectivity between two points, after which a symmetrical cryptogen such as DES was to be executed. Over the years, public key implementations have demonstrated their effectiveness to authenticate between two entities. However, to take the authentication process to a global certificate process has not been successfully done. Stated in other words, public key management is effective in an information model that defines point-to-point communications channels where the information encrypted does not need to be recovered.
Many of the recent implementations of public key management have left users with an option to create their own pair-wise connectivity within the network. This action can leave an organization vulnerable, and in some cases liable, if that user leaves the organization without identifying the keys that were previously used for encrypted files or data. Also, to assure the integrity of the public key from misuse, a third-party infrastructure scheme has surfaced, that is, a certificate authority process is created to mathematically confirm that a particular public key was issued to a specific user. The exchange of certificates with a third party can significantly impact the performance of a network. Further, this raises the legal issue of whether an organization should give a third party control over the validation of corporate correspondence.
A negative aspect of the public key process is a high computation time, which can impact the performance of an information application. In many instances, hardware solutions have compensated for the high computational requirements. Semi-public key architecture historically has been a point-to-point design; moving to a distributive network with group sharing of information can create higher transmission costs and greater network impact. Although the older key management systems of the 80""s and 90""s worked well for point-to-point communications and one-to-one file transfer, they are too time consuming to use in a case wherein a single file is placed on a file server and decrypted by thousands of users. As the trend toward work groups and complex communications infrastructures continues, the need for more efficient information and communications key management technology becomes paramount.
Shared secret keys or symmetrical key is the earliest key management design and pre-dates public key management. The earlier versions of symmetrical designs suffered what was referred to as the xe2x80x9cn-squaredxe2x80x9d problem in that the number of keys needed was very large as a network expanded, and these designs did not have an effective authentication capability. However, symmetrical encryption has a measurably better system performance than public key implementations.
The key management and distribution design of the present invention builds on the advantages, and takes into account the disadvantages, of both public and symmetrical key management implementations. Constructive Key Management (CKM) combines an encryption process based on split key capability with access control credentials and an authentication process based on public key and identification techniques. The binding method between the symmetrical and public key processes is itself an encryption sequence that ensures integrity to the parts of the processes.
Part of CKM is a split key symmetrical encryption technology. Split keys are key modules that when combined create the session key for the encryption/decryption process. As with all encryption key management processes, a certain portion of the process has to be pre-positioned. For example, the split keys that make up the Credential set must be distributed before a user (or a workstation) can initiate the encryption process.
Constructive Key Management is suited for role-based access designs that look to the roles users have within an organization, and to the information access that should be afforded those roles. Users"" access permissions are changed as their roles within an organization change. As a symmetrical design, the cryptographic architecture model is closed to those users given split keys. A new user (or a workstation) would have to be given, through the process, a suite of split keys to participate in the encryption or decryption process. The CKM encryption process can be amended to data-at-rest such as files or information objects that are used in a store and forward and read later architecture, and the process can be part of the key exchange and the attribute exchange process for a transmission key management architecture.
Constructive Key Management integrates organizational information flow and control with an encryption key creation, distribution, combination, and authentication process. The design can support multiple symmetric key cryptogens or algorithms, and uses a data encryption process of combining split keys. These split keys are created by a Policy Manager for overall organizational distribution and managed through a credential manager to the user. Other administrative features are included in the key management process such as read and write authorization, identification fields, a user terminal field and an access import field for directory authentication. Additional administrative and security features can be realized with a hardware token such as a smart card. The internal Constructive Key Management design process can be used and adapted to various smart card implementations. For example, a 16 Kbit memory card may contain portions of the combiner process and the authentication process with the encryption process performed at the host. Additional memory and processor capability on the card offers further on-card encryption functionality and added authentication capabilities such as biometrics and card integrity techniques.
When a file or a transaction is encrypted using Constructive Key Management, a unique session key is created, used, and discarded. The session key cannot be derived from the file or message header. The (file) header contains the creator""s identity and permissions (labels) indicating the audience of the file. The labels and algorithm form a matrix for separating access to information. The labels may be defined by the organization, or defined for a workstation""s authority, or may be selected by a user. Upon receipt, the header is decrypted and the permission labels are compared to those of the recipient. If the comparison is favorable, other splits are obtained and combined, the session key is reconstructed, and the file is decrypted. If the focus was on protecting the information communications channel, a standardized split key exchange would be done to establish the channel (or tunnel) and to ensure encryption synchronization for maintaining the encrypted channel. Regardless of whether an object is encrypted or a channel is encrypted, no session or key split is transmitted with the information.
If necessary, an organization can recover all files since it controls the total label permission set and the corresponding key splits. Thus a private xe2x80x9crecoveryxe2x80x9d capability is inherent within the symmetrical key management portion.
In addition to the variable key splits associated with the label permission process, other key splits used in the combining process that include a random split, an organization-unique key split, and a maintenance key split for periodic key updates. Each key split, as an entity, is combined with a non-linear function to offer a level of internal integrity to the cryptographic combining process. The resultant combination of key splits results in the session key used for the encryption and decryption processes.
CKM can be implemented completely in software, using a floppy disk as a token, or it can be implemented with a mix of hardware and software, using a smart card as a token. It can be implemented as a stand-alone encryption process, or it can be embedded into an information application. In summary, CKM encompasses a mix of symmetrical and public key management properties that can be used to encrypt objects or establish encrypted channels.
Constructive Key Management was designed to meet goals stated previously. The first level of Constructive Key Management meets the objectives of secrecy, that is, data confidentiality, access control, and user authentication. As a byproduct of the design, data separation and key recovery are available. The design of Constructive Key Management also gives it the functionality of a public key infrastructure. Adding public key cryptography to Constructive Key Management at the second level gives it the capability to meet the last three goals that are broadly termed authentication.
Constructive Key Management uses symmetric key cryptography for secrecy. Role-based access controls are implemented with the use of labeled splits that are combined to generate keys used in symmetric key cryptographic algorithms. Strong user authentication is realized with Constructive Key Management technology in the form of user passwords, biometric data, and tokens, such as a super card or other smart card. Data separation, through labeling and algorithm selection, provides functionality comparable to physical separation.
Constructive Key Management technology lends itself to data-at-rest that may be defined as objects that exist for some time, such as computer files, databases, e-mail messages, etc. However, Constructive Key Management is also suited for channel or pipeline transmitted data. Constructive Key Management technology can be extended beyond applications into lower levels of network protocol, for example, in IEEE 802 protocols or at level 2 in the OSI model of networking. The Constructive Key Management encryption protocol to establish the session key for the channel can be adapted to the parameters of the communications environment.
Constructive Key Management imposes a hierarchical infrastructure on an organization to securely manage splits. This infrastructure also gives Constructive Key Management the ability to distribute public keys, thus giving it the functionality of a public key infrastructure. The scalability of Constructive Key Management infrastructure is better than that of other proposed public key infrastructures, which require additional bandwidth over the network to exchange certificates and public keys. In Constructive Key Management, digital signatures and the Diffie-Hellman key exchange between the smart card and workstation are the principal forms of asymmetric key cryptography used. The Constructive Key Management infrastructure also gives Constructive Key Management the ability to implement a key recovery method. Flexibility in algorithm management means that strong symmetric key algorithms or exportable algorithms can be used.
Constructive Key Management technology meets a set of security objectives that provide the xe2x80x9cclassicalxe2x80x9d role of secrecy. First, data confidentiality keeps the content of information from being revealed to those who are not authorized to read it. This is realized in Constructive Key Management with symmetric key cryptography using a robust key management system that provides a new and unique key for each encryption with the user xe2x80x9cselectingxe2x80x9d the readership for the encrypted object. An object can be a file, a message, or some other defined entity.
Also, access control restricts use of encrypted objects to those entities specifically given permission to use them. Access control in Constructive Key Management is role-based; permissions are granted and revoked based on an entity""s responsibility or position within an organization and not on who or what the entity is. It currently encompasses the actions of encryption and decryption but can include, for example, permissions to use certain programs, certain devices, or specific hardware operating raodes. Further, entity (or user) authentication establishes the identity of a user or other entity to the system. Entity authentication becomes stronger when other enhancements, to be discussed below, are added to Constructive Key Management.
Inherent in Constructive Key Management are the means to meet two additional, xe2x80x9cmodemxe2x80x9d, objectives. First, data separation gives the illusion that data at the same physical location, on a server or network wire for example, is physically separate. Two cryptographic means of separation are used in Constructive Key Managementxe2x80x94separation by algorithm and separation by label. Also, key recovery in Constructive Key Management is the ability to regenerate the keys used to encrypt objects. Within any particular Constructive Key Management domain (or organization), encrypted objects are not lost with the loss of the entity that encrypted the object or the entity to which the encrypted object has been sent. But, at the same time, key recovery is an organized process requiring several deliberate events plus access to the encrypted object in order to regenerate the key and decrypt the object.
A digital signature offers Constructive Key Management the means to meet three additional, xe2x80x9cconventionalxe2x80x9d, security objectives. First, data origin authentication (also called message authentication) corroborates the source of Constructive Key Management encrypted information. Also, data integrity is the ability to prove that a Constructive Key Management encrypted object has not been altered since being encrypted and digitally signed. If digital signatures are not used, then a Message Authentication Code (xe2x80x9cMACxe2x80x9d) or Manipulation Detection Code (xe2x80x9cMDCxe2x80x9d) with encryption can provide data integrity in Constructive Key Management. Further, non-repudiation proves that the signature on a signed object came from the signatory such that the signatory cannot deny having digitally signed the object.