Core Security Patterns Weblog

Hardware Security Module (HSM) plays a critical role in securing the storage of private keys and accelerating compute-intensive cryptographic processes associated with public-key encryption, symmetric-key(secret-key) encryption and digital signature applications. Using HSM in Oracle Transparent Data Encryption applications will ensure that the Key material stored on the card is protected and not exportable (never leaves the card) and all associated cryptographic operations are performed on the card. Using HSM in payment card transactions is critical and it is mandatory for compliance with Payment Card Industry – Data Security Standard (PCI-DSS), Payment Application – Data Security Standard (PA-DSS) and Health Insurance Portability and Accountability Act (HIPAA) privacy and security requirements and several government security standards.

Oracle Transparent Data Encryption

Oracle Transparent Data Encryption (TDE) was first introduced in Oracle Database 10gR2 as part of the Oracle Advanced Security option. TDE performs encryption and decryption of application table columns or entire application tablespaces. TDE uses standard algorithms and facilitates a built-in key management services for supporting data encryption. Since Oracle Database 11gR1, TDE supports HSMs using PKCS#11 interface to support providing centralized key management and to secure TDE’s master encryption key.

Sun Cryptographic Accelerator 6000 (SCA-6000)

The Sun Crypto Accelerator 6000 is a PCI-E card that combines a cryptographic accelerator for Secure Sockets Layer (SSL) and IPSec sessions and also it can act as a local HSM for performing secure key management functions. Qualified as a FIPS 140-2 Level 3 compliant device, the SCA-6000 PCI-E card is designed to prevent the disclosure or corruption of cryptographic keys, results, or other sensitive data. SCA-600o supports both Solaris and Linux environments.

Applied Scenarios

• HSM based Secure key store and Master Key Management for supporting encryption and decryption of keys performing actual data encryption:
  1. Encryption/decryption of tablespace keys and table keys
  2. Encryption/decryption support for Oracle Data Pump utility
  3. Encryption/decryption support for Oracle Recovery Manager (RMAN)
  4. Master key backup and recovery

• FIPS-140-2 Level 3 compliance
• Acceleration of Network encryption -  SSL/TLS communication between the Oracle client and server.
  • Offloading computationally intensive cryptographic operations to the accelerator

The Role of SCA-6000 as a HSM for Oracle TDE

If you are curious to know the configuration details and ready to test-drive the solution using Sun Crypto Accelerator 6000 (SCA-6000) PCIe card for Oracle TDE – Please download and read the following whitepaper (available from Sun Wiki).

Don’t forget to post your comments.

The untold reality is ….when your Web application on the DMZ hits the Internet… the colorful performance graphs/numbers does’nt mean anything !  Unless your performance guru in the lab captured the QoS requirements and realized it proactively and accounted its actual overheads associated with Security, Network bandwidth, High-availability and other mission-critical requirements.  Otherwise…performance is the nagging issue that every datacenter guy gnaws…. when an application bloats up with its cryptograhic shields such as SSL  and WS-Security and then goes into production.   If you are one of them in the datacenter, who is pulling the hair out on Security performance issues and compelled to meet the SLA including IT Security and compliance requirements mandating the use of cryptography for securing the exposed application layers  – transport, data and network – Then this Sun solution blueprint should help you for accelerating the real-world performance of Java EE based Web applications (especially Oracle Weblogic) delivering Security ground-up and all WITHOUT  your performance engineer help   :-)

No magic or surprises – The Sun CMT server features On-chip Cryptography and multi-threaded 10GbE networking out of the box – No kidding! If you are curious to know more or seize the power of your Sun CMT servers for security, take a look at the blueprint and also take a look at my previous post highlighting our presentation at Oracle Open World -  Wire-speed Cryptographic Acceleration for SOA and Java EE Security.

Last few weeks, I have been pulled into an interesting gig for demonstrating security for _____  SOA/XML Web Services and Java EE applications…. so I had a chance to play with some untold security features of Solaris 10. KSSL is one of the unsung yet powerful security features of Solaris 10.  As the name identifies, KSSL is a Solaris Kernel Module that helps representing server-side SSL protocol to help offloading operations such as SSL/TLS based communication, SSL/TLS termination and reverse-proxying for enduser applications. KSSL takes advantage of Solaris Cryptographic Framework (SCF), to act as an SSL proxy server performing complete SSL handshake processing in the Solaris Kernel and also using the underlying hardware cryptographic providers (SSL accelerators, PKCS11 Keystores and HSMs) to enable SSL acceleration and supporting secure key storage.

Before I jump into how to use KSSL for offloading SSL operations, here is some compelling aspects you may want to know:

1. Helps non-intrusively introduce an SSL proxy server for Web servers, Java EE application servers and also applications that does’nt implement SSL.
2. KSSL proxy listens to all secured requests on the designated SSL port (ex. HTTPS://:443)  and renders a cleartext traffic via reverse proxy (ex. HTTP://:8080) port for the underlying Web or application server. All SSL operations including the SSL handshake and session state are performed asynchronously in the Solaris Kernel and without the knowledge of the target application server.
3. KSSL automatically uses SCF for offloading operations to underlying hardware cryptographic providers with no extra effort needed.
4. Manages all the SSL certificates independently supporting most standard formats (ex. PKCS12, PEM),  the key artifacts can be stored in a flatfile or a PKCS11 conformant keystore (If you are worried about loosing the private key).
5. Supports the use Solaris zones, where each IP identified zone can be configured with a KSSL proxy
6. Delivers 25% – 35% faster SSL performance in comparison with traditional SSL configurations of most popular Web servers and Java EE application servers.
7. KSSL can be used to delegate Transport-layer security and the applications may choose to implement WS-Security mechanisms for message-layer security.

Those are some compelling aspects of KSSL that are hard to ignore…. if you really understand the pain from performance overheads associated with SSL/TLS   As I verified, KSSL works well with most common Web servers and Java EE applications servers.

Try it yourself

Certainly it is worth a try…and you should able to do it very quickly than configuring SSL for your web sever !

• Obtain your server SSL and CA certificates. If you just want to test-drive KSSL and considering to using a self-signed OpenSSL certificate.. just follow the example commands and make sure that your web server hostname is correct. If you choose to use a flatfile based SSL keystore, KSSL requires to have all your certificate artifacts (including private key and certificates) in a single file.  If you need more OpenSSL help, read my earlier post.

          Ex. To create a self-signed server certificate using OpenSSL (in PEM format).

    openssl req -x509 -nodes  -days 365 -subj

     "/C=US/ST=Massachusetts/L=Burlington/CN=myhostname"

    -newkey rsa:1024  -keyout myServerSSLkey.pem -out mySelfSSLcert.pem

           Ex.  Concatenate the server certificates in a single file.

    cat mySelfSSLcert.pem myServerSSLkey.pem > mySSLCert.pem

• Configure the KSSL proxy service,  assuming the secured requests are forwarded to an SSL port (ex. 443) and the reverse-proxy of your backend Web server listens to a non-SSL port (ex. 8080). Use -f option to identify the certificate fomat, to represent PEM (-f pem) and to represent PKCS12 (-f pk12).  If the certificates are located in a HSM/PKCS11 Keystore, use -f pkcs11 to identify the token directory, -T to identify the token label and -C to identify the certificate_subject.

          Ex. To configure the KSSL proxy service with SSL Port 443 and reverse-proxy port is 8080 using PEM based certificates and the passphrase stored in file (ex. password_file).

           ksslcfg create -f pem -i mySSLCert.pem -x 8080 -p password_file webserver_hostname 443

• Verify the KSSL proxy service under Solaris Service Management Framework (SMF) controls, the KSSL services is identified with FMRI svcs:/network/ssl/proxy.

                    svcs - a | grep "kssl"

•  Assuming your webserver in the backend listens at port 8080, you should able to test the SSL configuration provided by the KSSL proxy.  Open your browser, goto https://webserver_host:443/ you should be prompted by the SSL dialog warning to accept a self-signed certificate.

• More importantly, if your Solaris host is a Sun CMT server (based on UltraSPARC T1/T2 processor), KSSL automatically takes advantage of the cryptographic acceleration and no additional configuration is necessary.

Here is an unofficial benchmark that highlights performance comparisons with KSSL and other SSL options.  The following shows the latency of an Web application running on Oracle Weblogic server using different SSL configurations (Certificate using RSA 1024) on a Sun CMT server (T5440) – To interpret the graph, make a note “Smaller the Latency means Faster”.

Adopting to Sun CMT servers (based on UltraSPARC T1/T2 processors) helps delivering on-chip cryptographic acceleration for supporting SSL/TLS and its cryptographic functions. With KSSL based SSL deployment, you will atleast get an additional 30% performance advantage while comparing with other Web server based SSL deployments. I heard that Intel Nehalem EX processors are expected to provide similar on-chip crypto capabilities, not sure !  Either way, using KSSL is a no brainer and it works.  If you are itching the head to provide transport-layer security for your applications, this could be easiest way to go !  Ofcourse, it can help you score some points in those IT infrastructure security assessment checklists verifying for PCI-DSS, FISMA, HIPPA and/or similar regulatory/industry compliance mandates !  :-)

Just came across this interesting web site – NationalIDWatch.org  a consumer protection web site by Liberty Coalition, which provides a registry of personalized data breach reports… that reports whether your personal identity information has been stolen or publicly exposed or not !  If your identity information is compromised, it indicates the size of exposure, sensitivity and how it is distributed and so forth  !  The web site does guarantee that the report is not intended to sell anything besides reporting personal data breaches.  I am not affiliated with this organization also not sure how accurate the information is and its authenticity…. still you can verify for yourself..to see if you are a victim of an Identity theft or exposure !

http://www.nationalidwatch.org/

FIPS-140* compliance has gained overwhelming attention these days and it has become a mandatory requirement for several security sensitive applications (mostly in Government and Security solutions and recently with select finance industry solutions and particularly for achieving compliance with regulatory mandates such as PCI DSS, FISMA, HIPPA, etc ). FIPS-140 also helps defining security requirements for supporting integration with cryptographic hardware and software tokens.  Ensuring FIPS compliance to Java based application security has been one of demanding needs of security enthusiasts but unfortunately neither Sun JCE or JSSE is not yet FIPS-140 certified – hopefully soon !  Sun JDK 6 (and above) has also introduced several enhancements including support for enabling FIPS-140 compliance for Sun JSSE using FIPS-140 certified cryptographic providers for supporting SSL/TLS communication and associated cryptographic operations. To accomplish this, Java 6 uses the PKCS#11 support for JSSE to integrate with PKCS#11 based FIPS-140 cryptographic token.

Lately I worked on a security solution using SunJSSE with NSS as a software cryptographic token… and here is my tipsheet for those keen on playing FIPS conformance with SunJSSE.

• SunJSSE can be configured to run on FIPS-140 compliant mode as long as it uses a FIPS-140 certified cryptographic hardware or software provider that implements all cryptographic algorithms required by JSSE  (ex. Network Security Services – NSS, Sun Cryptographic Accelerator 6000, nCipher, etc).

• To enable FIPS mode, edit the file ${java.home}/lib/security/java.security and modify the line that lists com.sun.net.ssl.internal.ssl.Provider and associate the name of the FIPS-140 cryptographic provider (ex. SunPKCS11-NSS). The name of the provider is a string that concatenates the prefix SunPKCS11- with the name of the specified PKCS#11 provider in its configuration file.

                            security.provider.4=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-NSS

• In case of using NSS as cryptographic software token (Make use of NSS 3.1.1. or above), assuming the libraries are located under the /opt/nss/lib directory and its key database files  (with the suffix .db) are under the /opt/nss/fipsdb directory, the sample configuration for representing NSS will be as follows:

• In FIPS mode, SunJSSE will perform SSL/TLS 1.0 based communication and cryptographic operations including symmetric and asymmetric encryption, signature generation and verification, message digests and message authentication codes, key generation and key derivation, random number generation, etc.
• To refer to the SunJSSE supported Ciphersuites suites refer to the Sun JSSE’s documentation and notes for FIPS guidance.

Just got this Dilbert comic strip from a friend of mine… pokes fun to highlight the importance of IT auditing and compliance reporting.

Jim Seward (@VersionOne) asked me to take a look at this research study (by Version One, UK) about the confusion surrounding cloud computing amongst senior IT professionals -  I’m not sure it includes your boss !  This high-level study was conducted with a group of 60 Senior IT professionals at UK….. has revealed some interesting findings.

1.  41% of senior IT professionals admit that they “don’t know” what cloud computing is !
2.  59% of IT professionals who profess to know what cloud computing, that include:

• 17% of these understand cloud computing to be internet-based computing
• 11% believe it is a combination of internet-based computing, software as a service (SAAS), software on demand, an outsourced or managed service and a hosted software service
• The remaining respondents understand cloud computing to be a mixture of the above.

More interesting to note, Only 2% of respondents mentioned that their company is “definitely” going to invest in cloud computing in the next 12 months…. I would suggest you to read the complete study visiting VersionOne and their findings are right here.