Background Information
There are several data security and encryption standards in the personal computer industry
that cover areas like cryptography, key management, and digital signatures. However, what is
missing is a mechanism that comprehends and integrates all these various standards and presents
a common interface both for application developers and cryptographic service providers.
Common Data Security Architecture (CDSA) is our vision of how to address the need for such a
security manager, and is being presented here in an experimental fashion to invite review and
comment.
As the figure shows, the CDSA specification is composed of three parts:
- A collection of System Security Services
- A Common Security Services Manager (CSSM)
- Add-in modules that implement cryptographic operations and trust-model-specific
policies
The CSSM is, in turn, made up of four components:
- Cryptographic Services Manager - Manages the selection and use of cryptographic
algorithms and keys. The manager allows applications to query a Cryptographic Service
Provider (CSP) to determine whether it is available, which algorithms it supports, and which
keys are stored within it. A CSP typically performs operations like encryption, decryption,
digital signatures, key pair generation, random number generation and key exchange.
- Certificate Services Manager - Responsible for creation, storage, and use of digital
certificates. The manager allows an application to view, find, and retrieve a particular
certificate as well.
- Trust Policy Manager - Manages what actions a certificate may be used to perform. Trust
policies are determined by certificate authorities (the institutions that issue certificates)
or by applications. The Trust Policy Manager can manage multiple trust modules, each of which
specifies the actions permitted for a certificate under its own policy.
- Database Services Manager - Stores and manages digital certificates. The Database
Services Manager uses a Database Library Interface (DLI) to access a user-defined database.
All records are protected from undetected tampering by computing an associated digital signature
when a record is written to the database. Signatures are verified when records are read from the
database.
In addition, integrity services provide a way to check that the CSSM installation on the machine
has not changed.
The lowest layer provides complete extensibility to the architecture through add-in modules
that conform to the various interfaces like the Service Provider Interface (SPI), Trust Policy
Interface (TPI), Certificate Library Interface (CLI) and Database Library Interface (DLI). For
example, SPI allows the addition of CSPs and the TPI implements model-specific and
application-specific policies applied to certificates.
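The following is an added illustration of the layering described above: a CSP add-in behind a Service Provider Interface, a Cryptographic Services Manager that lets an application discover which CSPs and algorithms are available, and a Database Services Manager that signs every record on write and verifies it on read so that tampering in the backing store is detected. It is example code written for this page, not code from the CDSA specification or from Intel's implementation. The SPI shape, the manager method names, the record layout and the use of a keyed MAC (HMAC-SHA256) in place of the digital signature the specification calls for are assumptions made so the example runs with the Python standard library alone.

```python
"""Toy model of the CDSA layering: CSP add-ins behind an SPI, a Cryptographic
Services Manager for discovery, and a Database Services Manager whose records
carry an integrity tag computed on write and checked on read.

Names and interfaces are assumed for this example; they are not CDSA's own.
"""
from __future__ import annotations

import hashlib
import hmac
import json
from typing import Protocol


class CSP(Protocol):
    """Assumed shape of the Service Provider Interface a CSP add-in implements."""
    name: str

    def algorithms(self) -> list[str]: ...
    def sign(self, alg: str, key: bytes, data: bytes) -> bytes: ...
    def verify(self, alg: str, key: bytes, data: bytes, tag: bytes) -> bool: ...


class HmacCSP:
    """A minimal add-in. HMAC stands in for the digital signature CDSA specifies."""
    name = "hmac-csp"
    _ALGS = {"HMAC-SHA256": hashlib.sha256, "HMAC-SHA512": hashlib.sha512}

    def algorithms(self) -> list[str]:
        return sorted(self._ALGS)

    def sign(self, alg: str, key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, self._ALGS[alg]).digest()

    def verify(self, alg: str, key: bytes, data: bytes, tag: bytes) -> bool:
        # constant-time comparison so a forger learns nothing from timing
        return hmac.compare_digest(self.sign(alg, key, data), tag)


class CryptoServicesManager:
    """Registers CSP add-ins and answers the availability/algorithm queries."""

    def __init__(self) -> None:
        self._csps: dict[str, CSP] = {}

    def attach(self, csp: CSP) -> None:
        self._csps[csp.name] = csp

    def is_available(self, name: str) -> bool:
        return name in self._csps

    def algorithms(self, name: str) -> list[str]:
        return self._csps[name].algorithms()

    def select(self, alg: str) -> CSP | None:
        """First attached CSP that supports `alg`, or None if nobody does."""
        return next((c for c in self._csps.values() if alg in c.algorithms()), None)


class TamperedRecord(Exception):
    """Raised on read when a record's integrity tag does not verify."""


class DatabaseServicesManager:
    """Signs records on write and verifies them on read (the DLI is a plain dict here)."""

    def __init__(self, csp: CSP, alg: str, key: bytes) -> None:
        self._csp, self._alg, self._key = csp, alg, key
        self._store: dict[str, tuple[bytes, bytes]] = {}  # rec_id -> (body, tag)

    @staticmethod
    def _canonical(record: dict) -> bytes:
        # canonical encoding so the same record always produces the same bytes
        return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

    def _signed_input(self, rec_id: str, body: bytes) -> bytes:
        # the record id is bound into the tag so a valid record cannot be copied
        # under another id (record swap) without detection
        return rec_id.encode() + b"\0" + body

    def write(self, rec_id: str, record: dict) -> None:
        body = self._canonical(record)
        self._store[rec_id] = (body, self._csp.sign(self._alg, self._key,
                                                   self._signed_input(rec_id, body)))

    def read(self, rec_id: str) -> dict:
        body, tag = self._store[rec_id]
        if not self._csp.verify(self._alg, self._key, self._signed_input(rec_id, body), tag):
            raise TamperedRecord(rec_id)
        return json.loads(body)

    def backing_store(self) -> dict[str, tuple[bytes, bytes]]:
        """Raw access, standing in for an attacker editing the database file directly."""
        return self._store


def _reads_ok(dsm: DatabaseServicesManager, rec_id: str) -> bool:
    try:
        dsm.read(rec_id)
        return True
    except TamperedRecord:
        return False


def demo() -> tuple[dict, bool, bool]:
    """Returns (clean record read back, edit detected, record swap detected)."""
    cssm = CryptoServicesManager()
    cssm.attach(HmacCSP())
    csp = cssm.select("HMAC-SHA256")
    # constructed key for the example; a real CSP keeps keys inside the module
    dsm = DatabaseServicesManager(csp, "HMAC-SHA256", key=bytes(range(32)))
    dsm.write("cert:alice", {"subject": "alice", "trusted": True})
    dsm.write("cert:mallory", {"subject": "mallory", "trusted": False})
    clean = dsm.read("cert:alice")

    store = dsm.backing_store()
    body, tag = store["cert:mallory"]
    store["cert:mallory"] = (body.replace(b"false", b"true"), tag)  # flip a field, keep old tag
    edit_detected = not _reads_ok(dsm, "cert:mallory")
    store["cert:mallory"] = store["cert:alice"]  # copy alice's signed record under mallory's id
    swap_detected = not _reads_ok(dsm, "cert:mallory")
    return clean, edit_detected, swap_detected


if __name__ == "__main__":
    print(demo())
```

Two points the page's one-sentence description leaves implicit and the example makes explicit: the record identifier is included in the signed input, otherwise an attacker with write access to the store can move a correctly signed record under a different key without the verification failing; and a keyed MAC, unlike the digital signature CDSA specifies, lets anyone who can verify also forge, so a real Database Services Manager would sign with a private key held inside the CSP and verify with the public key.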
System Security Services (which can be built above CSSM) include protocols to implement
secure communications, electronic commerce, private data storage, and utilities for installing
and managing the security infrastructure itself.
Please send comments to cdsa@ibeam.intel.com
Legal Stuff