English   Deutsch

Martin Kuppinger: DigiNotar and RSA hackings demonstrate need for multi-level IT security

DigiNotar and RSA hackings demonstrate need for multi-level IT security
DigiNotar and the single point of failure
by Martin Kuppinger
mk@kuppingercole.com

In late August it emerged that Dutch SSL certificate authority DigiNotar, a subsidiary of the VASCO Group, had been the subject of a successful attack in which an attacker, presumably from Iran, hacked into DigiNotar’s certificate authority (CA). Claims have meanwhile surfaced that the CA was insufficiently secured.

Now – when an attack succeeds, the existence of a vulnerability is obvious. The question, however, is whether it is even possible to sufficiently secure a CA. The problem is that certificates issued by this CA can no longer be considered trustworthy, as they may be false.

The usual verification process, which uses either CRLs (Certificate Revocation Lists), i.e. lists of invalid certificates, or sometimes OCSP (Online Certificate Status Protocol), is fairly weak: CRLs are not always up to date, and OCSP is often not used.
The first consequence of this attack is that Microsoft, Apple and various Linux distributions have removed DigiNotar from their lists of trustworthy root certificate authorities. This means that certificates issued by DigiNotar are no longer accepted, and will – assuming appropriate system and browser settings – trigger warning messages.

Because the websites of, for example, the Dutch government are secured via DigiNotar, this of course creates a number of problems, especially in the Netherlands. The resulting financial loss is almost impossible to estimate when all the follow-up costs of switching to other certificates, support for access problems, and the like are included.

But there is nothing surprising about the DigiNotar case. It matches the RSA attack that recently caused a furore when sensitive, secret information for authentication via RSA SecurID tokens was hacked at RSA.

In both cases, attackers were able to overcome the central element of the security concept – in one case the CA, in the other the central storage of security information at RSA. In both cases there was a “single point of failure”; once this has been breached, security is non-existent.

This means that we have to fundamentally reconsider what security on the Internet might look like in future. The concept of CAs has long since reached its limits – and now that fact has become widely apparent. In the case of RSA, the best response is “versatile authentication”.

This approach uses and combines various authentication solutions with a wide range of different mechanisms. The authentication method varies depending on security requirements, user groups and other circumstances, removing the dependency on a particular mechanism.

Security must however also be designed in such a way that it no longer depends on a single entity. One question is what form such a solution could take on the Internet. Internally, it means that security concepts must be multi-layered.

Most companies have long recognised that in addition to increasingly porous firewalls, further security levels are required to protect internal IT. These multi-layered models must be rigorously designed and implemented. The aim is explicitly not to use as many technologies as possible, but to specifically implement several layers of security.

Options include firewalls, system, database and application security, Endpoint security solutions (as part of an overall concept, not as an isolated solution) or Information Rights Management (IRM). The main objective is to ensure that a successful attack on a single system is not sufficient to compromise the entire security set-up. A “single point of failure” is even less affordable in security than it is elsewhere in IT.

Created: 06.10.11, modified: 06.10.11

top
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Register now
Services
KuppingerCole Analyst Services
In the networked economy of the 21st century, digital identities play a key role in establishing trust, achieving security, lowering costs and making business processes more efficient. Things like Identity and Access Management (IAM) or...
KuppingerCole Vendor Services
The market for Identity and Access Management (IAM), governance, risk management, and compliance (GRC) and cloud computing is expanding by leaps and bounds. In fact, no other segment of the IT market can boast such dynamic growth rates. At the...
KuppingerCole Briefings
KuppingerCole welcomes the opportunity to hear from IT companies when they launch a new product or service or have other interesting progress to announce. Please fill in the request form , and we will contact you shortly. 
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing

 GenericIAM
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2014 KuppingerCole