All Security Depends on Authentication
by Eirik Iverson, Product Management
Authorization, privacy, integrity, and audit are very important security services to any organization. Their efficacy is limited by the level of assurance provided by the authentication that supports them. When authentication is unreliable, then so too are authorization, privacy, integrity, and audit.
Authentication – WHO’s who?
With flawed authentication:
• Authorization systems effectively become indiscriminate,
• Privacy services are pointless when the encryption key is available to anyone
• Integrity services (i.e., has ‘this’ been altered?) can be subverted
• Audit services capture events attributed to no one in particular and for events that may not have actually occurred.
BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.
Authorization – WHO can access it?
A flawed authorization system can allow Bob to access and modify resources that only Alice may, also violating privacy and integrity. If your Active Directory, other LDAP, or some standalone server application cannot effectively distinguish between one user and another, then its ability to regulate who may access what is undermined.
BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.
Privacy – WHO can see it?
Privacy, though a more general term, is frequently equated with encryption. Encryption is a commodity, generally. Any vendor’s implementation is usually as good as another’s. Administrators should always select an AES setting. In many circumstances, AES 256 adds little to no additional overhead as compared with AES 128 or AES 192. Nonetheless, weak authentication devalues strong encryption.
BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.
Integrity – WHO can change it?
Cryptographic mechanisms enable a recipient of delivered electronic data to determine if it has been altered since it left the sender. If the ‘receive’ does not credibly know the data came from the ‘sender’. What’s the point of testing for data integrity?
BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.
Audit – WHO did it?
Without assurance that data is unaltered, audit records are useless because the events they capture have no credible association with who did what.
Organizations are driven to meticulously audit activities due to regulatory requirements and security best practices.
BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.
Why two-factor?
Endpoints, such as desktops and laptops, can be compromised with malware. Over 20% of malware found on endpoints is designed to steal user name and password credentials. A digital identity that resides within a second, physical device that prevents any copying or spoofing of that data ensures that one can rely on assertions that Alice is indeed Alice.
Why mutual authentication?
Most authentication deployments support the server (a.k.a., its administrator) authenticate any user that approaches it. But, how does the end-user authenticate the server or site? If this is untrustworthy, then all other security measures can be compromised. That is why half the email or junk mail any end-user receives points to fake websites.
Why PKI?
One-time pass code authentication schemes are generally one-way, authenticating the end-user only. PKI facilitates mutual authentication. It also provides for non-repudiation and other useful security services.