Public Key Infrastructure: Building Trusted Applications and Web Services

II ANALYZING AND DESIGNING PUBLICKEY INFRASTRUCTURES (p. 159-160)

With regard to PKI architectural design considerations, the system administrator for the network server must install and configure the necessary security software in various secure locations, and make this software accessible to the security officers. System resources and network bandwidth must be available for the certificate issuance, verification, storage, and revocation processes. Thus, the PKI architecture's four functional design components are:

1. A certification authority (CA)
2. Optionally, one or more registration authorities (RAs)
3. Public directories
4. Client-side software

The CA system is established on a secure server that houses software for issuing and signing certificates and publishing certificate information in the directory server. If needed in larger environments, a hierarchy of CAs can be established. The CA is managed by a principle security officer who is responsible for the overall security and maintenance of the PKI. One or more RAs can be established to process user requests for certificates and other certificate management functions. Security administration officers can be chosen and assigned routine certificate management functions, such as manual issuance and revocation of user certificates.

Directories must be configured for storing certificates, and for synchronizing this information as needed to distribute certificates throughout an enterprise. The system administrator responsible for the directories must be made aware of the requirements of the directory for storage and maintenance of the certificates. The directories may need to be upgraded to use the Lightweight Directory Access Protocol (LDAP) standards, or reconfigured to enable security. Thus, a comprehensive PKI architecture design solution includes client-side software that operates consistently and transparently with existing applications to take advantage of encryption and digital certificates.

With the preceding in mind, this section begins with Chapter 12, which concentrates on a small but interesting area of software security based on public key cryptographic technology. Next, Chapter 13 is not about PKI technology, rather, it is about time and money. Then, Chapter 14 discusses why a number of enterprises develop the many significant standards related to PKI. Finally, Chapter 15 discusses PKI architectural design considerations. The first part of the chapter describes the requirements of a public key infrastructure. Next, the chapter presents the high-level structure of the PKI architecture by grouping the architecture’s design components into broad functional categories. The third part of the chapter enumerates the design components in each of the architecture’s functional categories, describes the functionality of each design component and lists existing specifications that could serve as candidate standards for each design component’s interfaces and protocols, identifies where negotiation facilities are required to deal with the probable existence of a multiplicity of security mechanisms, enumerates important public-key-related protocols, and discusses the need for environment-specific profiles. Finally, the chapter discusses the use of hardware security devices in the architecture.

Tip: To be considered a "candidate" for purposes of the public key infrastructure architecture, an interface or protocol must be described by a publicly available specification, and support a significant fraction of the functionality of the PKI design component for which it is proposed as a candidate.