Securing Data At Rest
Securing Data at Rest
Another day, another multi-million dollar breach of personally identifiable information. Why don’t they just encrypt their data? The answer is that encryption is easy but sharing access to encrypted data is simply too difficult for most people to manage.
Storage level encryption prevents data being breached when a laptop goes missing, a backup tape is accidentally discarded or a decommissioned hard drive is sold rather than destroyed. Such systems are useful and necessary but do not address the far more common cases of data at rest breach where a document is copied onto a USB thumb drive that is lost or an intruder raids the file system or the mail server. To protect against this type of breach, document level security is required.
The Multiple Device Problem
Microsoft Office and its competitors have offered password-based encryption of documents for decades. While this provides ‘better than nothing’ security, users rarely choose secure passwords and when files are emailed to co-workers, the password almost invariably accompanies the file.
In theory, public key encryption provides a much simpler means of managing and sharing encrypted data. In practice, using public key encryption requires Public Key Infrastructure (PKI), a technology that has promised much but delivered rather less.
One of the biggest limitations in Public Key Infrastructure is that it has failed to provide usable means of managing the user’s private key. Instead of automating certificate enrollment and making it completely transparent, users have been forced to navigate systems that are poorly designed, documented and implemented.
Modern users make use of multiple devices to do their daily work switching from a laptop to a desktop to a tablet or even a phone as they work on a single document.
Solving the Multiple Device Problem
The Mesh uses Threshold Key Generation to connect all the devices a user owns together provisioning them with the exact configuration and set of credentials required to perform their function.
Each connected device is securely provisioned with a set of encryption, authentication and signature keys and a set of credentials for those keys which allow the device to communicate securely with any other connected device through the user’s selected Mesh Service.
The Document Sharing Problem
Traditional public key encryption schemes such as S/MIME and OpenPGP allow documents to be encrypted to a list of recipients, but the list of recipients must be known at the time the document is encrypted. If Carol joins the team of Alice and Bob, Carol can only decrypt the documents created after she became a member. If Bob leaves the group, he will still have access to all the documents encrypted before he left.
Commercial Contents Rights Management (CRM) schemes use symmetric cryptography to control access to individual documents. But this approach has limited ability to share documents across organizational boundaries. The CFO can share encrypted copies of accounting information inside the company, but the external auditors must receive the documents in the clear because they don’t have access to the key service.
The key service itself is a major concern in symmetric CRM systems. If the key service should fall to an attacker, every document is breached. And even the most security conscious organization is vulnerable to an insider threat.
Mesh Encryption Groups
Mesh Encryption Groups provide a much better way to share data between co-workers.
When an encryption group is created, a public encryption keypair is generated in the normal fashion. In the simplest version of the scheme, the private key used for decryption is held by the administrator who created the group.
To add a member to the group, the administrator splits the group private key into two key shares. Each member added has a unique pair of decryption key shares. One of the key shares is sent (securely) to the user, the other to the key service .
To decrypt a document encrypted under the group public key, the user must combine the result of performing the decryption operation on the share they hold with the result from the key service share.
Before performing a decryption share operation, the key service checks to see if the user is still an authorized member of the group and that they have not exceeded any policy limits on decryption requests etc.
The key service can control the member’s ability to decrypt documents but cannot decrypt. In addition to enforcing access control policy, the key service maintains a log of all decryption requests allowing accountability controls to be enforced.
Public key cryptography is more powerful than symmetric cryptography because it separates the encryption and decryption roles by introducing separate keys for each. Threshold encryption has the effect of further dividing the decryption role into two parts, one of which is performed by the authorized reader and the other by the key service. Since neither has the full key neither can perform the decryption role by themselves. Encrypted data remains secure even if all the key shares held by the key service are breached.
In situations where the highest levels of security are required, the administration role and even the key service role can be further split. For example, an encryption group might have five administrators and require two administrators to add a user to the group. In situations in which collusion between an end user and the administrator of the key service is a concern, we might divide the key service role in similar fashion.
Making Document Level Security Ubiquitous
According to Ellison’s law, the number of users who will apply a security control is halved for every key press and every mouse click required to enable it. Experience suggests that this is an understatement.
If we are to expect users to make use of our security controls, we must provide them in a form that allows them to focus on their work without requiring additional effort. We can ‘require’ users to take additional steps to encrypt their documents before saving them, but we should not expect them to comply.
If we want users to make use of encrypted Word documents, the encryption and decryption technologies must be integrated into the Word application itself and be used automatically, without the user needing to think about security. All a user should need to do in order to restrict distribution of a document to internal distribution is to select the ‘Internal’ document template.
The only way that we can expect a document level encryption scheme to be integrated into Word and Excel an PowerPoint and Solidworks and Inventor and AutoCad and Premiere and Photoshop and all the rest of the applications we make use of in our every-day work is if it is an Open Specification that any software provider can implement without licensing restrictions.
Beyond Document Level Security
As with most security problems, the problem of securing data at rest has multiple aspects. Just as storage level encryption by itself does not provide document level security, document level encryption does not protect data being accessed through a database or Web application. While database security has traditionally been considered a part of the ‘Data at Rest’ concern, the data itself is not at rest, it is in use.
The problem of securing data in use is a hard one because in the typical case there is an application program that has unrestricted ability to interact with a large quantity of sensitive data providing individual users with limited views on that data according to their permissions. These are the type of considerations traditionally considered in operating system design. While the Mesh provides many tools that are relevant to developing security controls to protect data in use, application of those tools to a particular system is likely to require a considerable degree of re-engineering.
In the near term, making the distinction between data at rest and data in use allows us to apply the principle of ‘least data’ separately to each. There are many business processes that require an employer to store sensitive private data such as a social security number but only a very small number of businesses have a need to maintain such information as Data in Use. Use of Mesh encryption technologies to store such information as encrypted Data at Rest allows such businesses to minimize the consequences of a breach.