Review: Enterprise Key Management Software

Data security companies are having a field day with lurid tales of credit-card numbers and personal information being stolen, and as a result the data-backup industry has wholeheartedly embraced tape encryption to mitigate data loss during transit. Quite simply, if you use an off-site service for tape storage, there's really no excuse not to encrypt your backups to protect data when it's out of your hands.

For many companies this may be sufficient, but for heavily regulated industries, such as finance and health care, even those in retail who process credit-card transactions, the need for secure data transactions could spill over into encryption of databases, WAN communications, even whole-disk systems.

Our point here is not to drive the paranoia level up a notch, but to highlight that--depending on your business--encryption will likely be required for more and more of your company's data. With that comes an increasing need to manage numerous encryption keys securely.As a rule, key management has been integrated as a part of each encryption platform, and in the absence of industrywide guidelines, each vendor has developed its own methodology for operation of its key systems. As of 2007, there are draft standards before the Internet Engineering Task Force and the National Institute of Standards and Technology designed to standardize protocols for key generation and transfer across multiple platforms, but until vendors come to an agreement, it will continue to be a challenge for companies to obtain a global key-management solution that encompasses all types of encryption systems.

The gold standard for high-security key management today comes directly from NIST. Federal Information Processing Standard (FIPS) 140-2 establishes specific rules for the generation, security, encryption, storage, recovery and auditing of passwords. It also proscribes four security levels for the physical protection of password control systems, with Level 3 being the highest level required for most corporate applications. FIPS 140-2 Level 3 includes requirements for identity-based authentication, internal encryption, physical separation of secure/nonsecure ports and strong protections against physical tampering. Although FIPS 140-2 clearly establishes the security requirements of key systems, it doesn't specifically dictate how those requirements are accomplished, leaving the details up to individual vendors. In response, several encryption companies have recognized the need for key-management systems that can provide:

What's New Now?There's no way around it: Global key management is still a relatively immature market. Our research brought us to several vendors that are focused on providing improved key management for their own encryption solutions, but as far as cross-platform capabilities, as we discuss in "Key Overload," you'll need to pressure vendors to publish their key-management APIs for third-party use or wait for an open key-management interface.

Continue Reading This Story...

Decru Lifetime Key Management

Decru's Lifetime Key Management (LKM) system is available as an appliance or a server-based Windows application, and is targeted at providing key services for the company's DataFort line of storage encryption systems.

Decru DataFort appliances are available in E-series for NAS and iSCSI, FC-series for Fibre Channel SAN and tape, and S-series for SCSI-based storage. The LKM system is designed to generate, manage and store keys as well as configuration information for all of Decru's LKM-enabled encryption systems.

The software-based LKM product is primarily targeted at smaller installations, but for enterprise-class applications the Decru LKM appliance is designed to support clustering for security and failover, and each LKM can support as many as 100 DataFort appliances and provide storage for upwards of 10 million keys.Decru also has an OpenKey Partner Program that offers third-party access to its API, but as of press time only Quantum and Symantec have signed on as charter members. It bears mentioning that Decru is an independent division of Network Appliance, and that might serve as a limiting factor for buy-in of the LKM platform from other storage vendors.

Like the KeyVault, the LKM appliance is focused on secure key administration, centralized policy management and long-term key archiving, but unlike NeoScale's model, keys are generated by individual DataFort encryption appliances. Each DataFort uses a FIPS 140-2 Level 3 certified SEP (Storage Encryption Processor) that contains a true random number generator; those numbers are then encrypted and sent to the LKM system for archiving. The question of where the key is generated doesn't seem to be as much of an issue as how securely those keys are archived and managed, and Decru's LKM system in a clustered configuration offers enterprise-class features for key archiving, role-based access, system recovery and failover as well as emergency key access using a smartcard and "M of N" authentication.

Ncipher Keyauthority

The keyAuthority application from nCipher is a software suite that consists of the keyAuthority Management Server, Management Console client and Provisioning Server modules. These modules were developed to provide key- and configuration-management capabilities to nCipher's line of Hardware Security Modules (HSMs). Targeted at providing security and key access for applications, transaction security and embedded systems, nCipher HSMs are available as sharable network-connected modules (netHSM), PCI expansion cards (nShield) and miniature modules for OEM integration (miniHSM). There's also a PayShield option that provides the additional security required for credit-card transaction processing.

In a keyAuthority infrastructure, all servers and endpoints are equipped with an HSM, and the Management Server system generates keys, enrolls endpoints and provides centralized management of security policies for all connected devices. Administration can be done through the use of a keyAuthority Management Console client, and the Provisioning Server module distributes keys to endpoints on request.Unlike most rival offerings, the keyAuthority system doesn't offer database capabilities for storing and archiving key information, so an installation requires a host system with a Microsoft SQL or Oracle ODBC client.

The combination of nCipher's keyAuthority system and HSM devices can support a wide variety of Web, e-mail, e-commerce and network applications, and the products also provide support for several common security APIs, including RSA's PKCS#11, CSP for Microsoft CryptoAPI, Java JCA/JCE CSP and OpenSSL. Although not as elegant a solution as the appliances from NeoScale and Decru, the keyAuthority system can scale to service thousands of distributed endpoints and can run on a wide variety of hardware platforms that support Windows.

Neoscale Cryptostor Keyvault

NeoScale offers a full line of storage encryption appliances, the CryptoStor FC Disk and CryptoStor SAN VPN for data in flight, the CryptoStor Tape for D2D and tape applications, and the CryptoStor KeyVault.

Targeted at data at rest, the CryptoStor KeyVault appliance is a rackable 2U system designed to provide enterprise-class key management. It offers a high level of scalability for environments looking to extend unified key management across multiple storage systems or locations.The KeyVault enables secure IP-based management of keys between CryptoStor Tape systems as well as other KeyVaults in a clustered environment. The system offers FIPS 140-2 Level 3 security and can generate and maintain on the order of 200 million random keys per appliance. Clustering multiple KeyVaults allows for automation and centralized management of key usage policies across remote locations and provides support for simplified off-site key accessibility in the event of a disaster-recovery scenario.

For emergency key recovery, NeoScale uses smartcards and an "M of N" policy. Each KeyVault also supports creation of multiple security domains and role-based control for access to management functions. The system offers five levels of access: administrators, security officers, recovery officers, key domain managers and auditors. To protect against insider threats, these roles can be designated to ensure that no single individual has access to all functions.

NeoScale was one of the first vendors to publish its key-management API, letting third-party vendors write modules that can natively interface their encryption endpoints with the KeyVault. So far only Entrust, Optica Technologies and Symantec have partnered with NeoScale on this, so it remains to be seen how well its open API strategy will play in the long run as other standards evolve. Still, at least the company is making an effort.

Aside from its FIPS 140-2 Level 3 rating, the CryptoStor KeyVault system has been certified under FIPS 197 for Advanced Encryption Algorithm, FIPS 180-2 for Secure Hash Standards, FIPS 186-2 for Random Number Generation and FIPS 186-2 for Digital Signature Standards.

RSA Key ManagerAlthough it was acquired by storage giant EMC in mid-2006, RSA remains one of the big names in encryption. Its RSA Key Manager is a software-only product designed to work hand-in-hand with the RSA BSafe Data Security Manager to provide key services for RSA's encryption platform. RSA Key Manager is a client- server application that operates under both Windows and Linux, and uses the Key Manager client software to serve as a platform to provide key services for applications running under Hewlett-Packard HP-UX, IBM AIX, Java, Linux, Microsoft Windows and Sun Solaris; C++ development tools also are available for the IBM x/OS and AS/400 OSs.

RSA Key Manager serves only as a key-generation module and database front end for issuing, storing and managing access to keys. Like nCipher's keyAuthority product, it requires the back-end support of a SQL Server or Oracle database. Key Manager is only one of a number of security tools from RSA targeted at large development environments. Other components include the Key Manager Client Library, Data Security Manager, Certificate Manager, Access Manager, Card Manager, Federated Identity Manager and enVision Log management tool, as well as modules for SecureID and smartcard interfaces.

RSA offers consulting and development services for customized security. For companies without an internal application-development group, an investment in an RSA key-management system will likely require third-party development assistance. In any case, it's clear that RSA gear can form the core of a massively scalable, integrated security environment.

Sun Microsystems Storagetek Crypto Key Management Station

Although its not yet a global key-management offering, Sun's new StorageTek Crypto Key Management Station (SCKMS) is worthy of mention. The SCKMS is a software "appliance" that runs under Solaris on a dedicated Sun Ultra 20 workstation equipped with the Sun Crypto Accelerator 6000 card with random number generator. It's designed to interface primarily with the StorageTek T10000 encrypting tape drive, but on closer examination it has all the goodies necessary to expand into other security applications in Sun's lineup. Sun hasn't made any announcements to that effect, but the potential for other applications for the SCKMS are obvious.Sun also has stepped up to the plate and offered at least one solution to the key-management challenge with its SKIP (Simple Key Management for Internet Protocols), which was submitted to the IETF in 2006. Already available in product form for both Windows and Solaris, SunScreen SKIP software combines public key and shared key cryptography to authenticate incoming IP traffic and protect network communication. n

Steven Hill is an NWC technology editor. Write to him at [email protected].