CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [196]
Many recovery and archive systems use the M of N Control method of access. Simply stated, if n administrators have the ability to perform a process such as accessing the key server, m of those administrators must authenticate for access to occur. This may require the administrators’ physical presence.
A typical M of N Control method may stipulate that six people have access to the archive server and at least three of them must be present to accomplish access. In this situation, m = 3 and n = 6. This would ensure that no one person could compromise the security system.
It’s important to remember that your key archival system contains the complete history of all the keys that have been issued by your system. This information might also include all the current keys in use. Access to this server would be the equivalent of discovering the Rosetta stone of your organization. An attacker with this information would have full and unrestricted access to every bit of information in your network.
Renewing Keys
Key renewal defines the process of enabling a key for use after its scheduled expiration date. A key would be reissued for a certain time in this situation. This process is called a key rollover. In most cases, the rollover of keys occurs for a given time frame. What would happen, however, if an organization found itself in a situation where a key rollover must not occur? Many systems include means to prevent rolling keys over.
In general, key renewals are a bad practice and should not be performed except in the direst of situations. The longer a key is used, the more likely it is to be compromised. It is always better to renew keys than to do a key rollover.
If an earthquake occurred in your area and your building was inaccessible for two weeks, you would want to allow the existing keys to be used until higher-priority matters could be resolved when you went back to your building. In a natural disaster, a key rollover could add an inordinate amount of stress to an already very stressful situation.
Real World Scenario
What Do You Do About Forgetful Programmers?
You work as a network administrator for a software development company. The president of the company has been reading the newspapers, and he has recently become concerned about industrial espionage. Specifically, he wants to implement a system that will require the use of smart cards for access and authentication by all employees.
Your company has used employee badges for a number of years, and now you’ll be upgrading to a newer technology. You’ve noticed that your software developers work very long hours and sometimes forget to bring their badges to work. This hasn’t been much of a problem because you’ve been able to issue temporary badges when you needed them. How could you deal with an employee who leaves his smart card at home?
You could implement a system that allows a virtual smart card to be created for short periods of time. The employee’s supervisor or a security staff member could call your smart desk to authorize the release of a virtual smart card. You would need to make sure that only trusted individuals could authorize or initiate this process.
Destroying Keys
Key destruction is the process of destroying keys that have become invalid. For example, an electronic key can be erased from a smart card. In older mechanical key systems, keys were physically destroyed using hammers.
Many symmetrically based encryption systems use a dedicated device to carry the key for the encryption. This key would be physically delivered to the site using the encryption system. Old keys would be recovered and destroyed.
Always remember that symmetric encryption uses the same key to encrypt and decrypt the data (a primary weakness being that you have to share the key with others). Asymmetric encryption uses two keys: one to encrypt and another to decrypt the data.
Whether you’re using physical keys or software-oriented key systems,