Military Communications and Information Technology: A Trusted ...
Share Embed Flag
Download ePaper

Military Communications and Information Technology: A Trusted ...

Military Communications and Information Technology: A Trusted ... Military Communications and Information Technology: A Trusted ...

wil.waw.pl
22.01.2015 Views

446 Military Communications and Information Technology... may or may not use this key – this depends on the exact trust model tied to the PKMA. • If the PKMA mandates the use of certificates, these are included in the signature-element. Certification information required for delegation are an exception for this rule (discussed below). • The schema may make provisions to embrace extensions of a certain PKMA type, provided they do not exclude other PKMAs from the same function. In practice, these include: ✓ The block key may be encrypted several times by different public keys, and these listed independently. The encrypted data blob should not give preference to any of these. ✓ The role information may be a single identifying string, a list of roles, or a (propositional) logic expression involving roles, activities and other restrictions. C. Design principles: signing The construction of our CBIS schema follows the principles outlined in [12], with one major distinction about the signatures. The distinction concerns the signatory role: whereas in [12] this role was always equated with the key management center, we implement three different roles: Owner/ADMIN-User, WRITE-User and Filter. In the structured document itself this is reflected as content-signatures and metadata signatures, which must thus be independent of each other. The trust model used here dictates that the administrative restructuring of the document should not reveal or modify the actual content, thus the content and administrative signatures (data vs. metadata) should be independent. However, in [12] it was not clear how to automatically compute compound signatures for restructured content with the authority of the Owner. The book suggested using delegation with attribute certificates. The work in [5] presents a brilliant solution to retain the compound signatures constant throughout the whole tree-structure of an XML document. Using this approach, we are able to keep the content signatures unmodified (by administrative components). In addition to the Owner, WRITE-Users are allowed to legally modify the data. This is accomplished through a list of users with WRITE-permission on an element. Technically this means that upon opening a document, the User Agent checks at least the content signatures, and if the signatory is either the Owner (the only completely trusted party) or another user with WRITE-permissions listed in the metadata, the signature is accepted as valid. To enforce the WRITE-permissions list, the whole element containing the list (cbis:securityAttribute) is signed by an ADMIN-user.

Chapter 4: Information Assurance & Cyber Defence 447 The Filter signs parts of the document security metadata (History-related). As the Filter is only semi-trusted, and ADMIN-users may have conflicts of interests, different public keys need a validity certification from the Owner. The Filter validity certification is required irrespective of the PKMA. We assume for simplicity that the correspondence between Owner and a document is oneto-many (instead of many-to-many). Thus the validity certification can be placed in the per-document metadata element. Furthermore, the schema doesn’t specify the form of the certification – it could be a PKI certificate, IBC-based delegation (e.g. with a public key of the type “Owner X grants admin privileges to Filter Y”, which is verifiable with the Owner X public parameters and the claimed string only), or something else, as long as it contains sufficient cryptographic strength. In order to separate the administration and content, some cryptographic conventions need to be observed: • The need to separate non-repudiation and basic integrity signatures is PKMA-dependent, so the number of signatures is left open here, and the types of signatures are listed as widely as needed. • Layered encryption (super-encryption, encrypting already enciphered content) is not used. Opening administrative metadata would require additional layers of filters and/or key management. In [12] and [11] super-encryption is defined – the purpose here could be embedding other documents or hiding the access control information – but we leave it out here for simplicity. D. Design principles: versioning The main document is assumed to be modifiable. There are two types of modification possibilities: content modification and permission type modification. In each case, the CAC paradigm entails that since the actual modifications cannot be prevented (only detected), there should be a possibility of rollback and attribution (finding the perpetrator). Rollback requires versioning and storage of the previous versions. Content versioning is considered to be outside the scope of this paper – it can be done by creating a separate document per committed modification and transferring the versioning burden to the Storage (as it should be optimized for availability). Per-element versioning does affect the CBIS schema itself, and this is considered more of a document management than a security issue. Per-element versioning should bind the content signature together with the content – thus we do not consider content signature versioning either here. Attribution has two facets: illegal modifiers of content and security policy. If content is modified meaningfully, it implies than legal keys of some user are used. This in turn can be traced back to the user identity by comparing different versions and signature information. Thus content modification attribution is built in to the signatures (enforcing non-repudiation) and versioning.

446 <strong>Military</strong> <strong>Communications</strong> <strong>and</strong> <strong>Information</strong> <strong>Technology</strong>...<br />

may or may not use this key – this depends on the exact trust model tied<br />

to the PKMA.<br />

• If the PKMA m<strong>and</strong>ates the use of certificates, these are included in the signature-element.<br />

Certification information required for delegation are<br />

an exception for this rule (discussed below).<br />

• The schema may make provisions to embrace extensions of a certain PKMA<br />

type, provided they do not exclude other PKMAs from the same function.<br />

In practice, these include:<br />

✓ The block key may be encrypted several times by different public keys,<br />

<strong>and</strong> these listed independently. The encrypted data blob should not give<br />

preference to any of these.<br />

✓ The role information may be a single identifying string, a list of roles,<br />

or a (propositional) logic expression involving roles, activities <strong>and</strong> other<br />

restrictions.<br />

C. Design principles: signing<br />

The construction of our CBIS schema follows the principles outlined<br />

in [12], with one major distinction about the signatures. The distinction concerns<br />

the signatory role: whereas in [12] this role was always equated with the key<br />

management center, we implement three different roles: Owner/ADMIN-User,<br />

WRITE-User <strong>and</strong> Filter. In the structured document itself this is reflected<br />

as content-signatures <strong>and</strong> metadata signatures, which must thus be independent<br />

of each other.<br />

The trust model used here dictates that the administrative restructuring<br />

of the document should not reveal or modify the actual content, thus the content<br />

<strong>and</strong> administrative signatures (data vs. metadata) should be independent. However,<br />

in [12] it was not clear how to automatically compute compound signatures for<br />

restructured content with the authority of the Owner. The book suggested using<br />

delegation with attribute certificates.<br />

The work in [5] presents a brilliant solution to retain the compound signatures<br />

constant throughout the whole tree-structure of an XML document. Using this<br />

approach, we are able to keep the content signatures unmodified (by administrative<br />

components).<br />

In addition to the Owner, WRITE-Users are allowed to legally modify the data.<br />

This is accomplished through a list of users with WRITE-permission on an element.<br />

Technically this means that upon opening a document, the User Agent<br />

checks at least the content signatures, <strong>and</strong> if the signatory is either the Owner<br />

(the only completely trusted party) or another user with WRITE-permissions<br />

listed in the metadata, the signature is accepted as valid.<br />

To enforce the WRITE-permissions list, the whole element containing the list<br />

(cbis:securityAttribute) is signed by an ADMIN-user.

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!