What Makes a Secure PKI Solution? Access Control

I’ve often noticed that it can be difficult to find information in one place around PKI solutions and what makes them secure.

That’s why I’ve decided to create a PKI resource myself! This ongoing series will outline the elements that make up a secure PKI. So continuing on from last week’s blog, I’m discussing access control!

Access Control

As with every application and piece of infrastructure in an organisation, access to a PKI should be limited to those who actually need it, and with the minimum access required to perform their assigned role. This is not a new concept and is commonly known as the principle of least privilege; it is certainly very relevant to PKI infrastructures within organisations, as they provide a critical service and protect the organisation’s sensitive data.

As per Microsoft documentation, the roles within a PKI management team deemed as trusted are as follows:

  • Overall responsibility for administering the implementation of the CA’s security practices
  • Approval of the generation, revocation, and suspension of certificates
  • Installation, configuration and maintenance of servers that operate the CA
  • Day-to-day operation of the servers
  • CA backup and recovery
  • Maintenance and review of audit records
  • Cryptographic key life cycle management functions (for example, key component custodians)
  • Development and validation of the CA

These all fall broadly into four areas:

  • CA administrator
  • Certificate manager (or security officer)
  • CA operations staff
  • Security auditors

It goes without saying that these levels of access should be closely monitored and managed: through Active Directory groups, through restricted administrative accounts kept separate from the accounts used for day-to-day work, through separation of roles (particularly the auditing role) and through delegated administration. Additionally, local administrative access to the servers should be restricted, as it could give non-authorised role holders unwanted access to the PKI infrastructure.
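The following PowerShell script is an added example, not part of the original post and not a Microsoft tool. It checks, on an AD CS server, the three controls described above: that CA role separation is enforced, that CA auditing is switched on, and that local Administrators and the four role groups contain only the accounts expected to be there (an account in two role groups breaks separation of duties). The registry path under `CertSvc\Configuration`, the `RoleSeparationEnabled` and `AuditFilter` values, `Get-LocalGroupMember` and `Get-ADGroupMember` (RSAT ActiveDirectory module) are real; the `CONTOSO\PKI-*` group names and the allow-list of local administrators are assumptions for illustration and should be replaced with your own.

```powershell
# Added example (not from the original post): audit CA access-control settings on
# an AD CS host. Run in an elevated PowerShell session on the CA server with the
# ActiveDirectory module installed.
#Requires -RunAsAdministrator

# Assumed AD groups backing the four PKI roles (replace with your own names)
$RoleGroups = @{
    'CA administrator'    = 'CONTOSO\PKI-CA-Admins'
    'Certificate manager' = 'CONTOSO\PKI-Cert-Managers'
    'CA operations staff' = 'CONTOSO\PKI-CA-Operators'
    'Security auditors'   = 'CONTOSO\PKI-Auditors'
}
# Assumed allow-list of principals permitted local admin on the CA host
$AllowedLocalAdmins = @('CONTOSO\PKI-CA-Operators', 'CONTOSO\Domain Admins')

$findings = New-Object System.Collections.Generic.List[string]

# 1. Locate the active CA's configuration key (real AD CS registry layout)
$cfgKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration'
$caName = (Get-ItemProperty -Path $cfgKey -Name Active).Active
$ca     = Get-ItemProperty -Path (Join-Path $cfgKey $caName)

# 2. Role separation: when enabled, an account holding more than one CA role is
#    denied CA operations. A missing value reads as $null, which is also a finding.
if ($ca.RoleSeparationEnabled -ne 1) {
    $findings.Add("Role separation not enforced on CA '$caName' " +
                  "(enable with: certutil -setreg CA\RoleSeparationEnabled 1)")
}

# 3. Audit filter: 127 (0x7f) turns on all seven AD CS audit categories
if ($ca.AuditFilter -ne 127) {
    $findings.Add("AuditFilter is '$($ca.AuditFilter)'; expected 127 so every CA event is logged")
}

# 4. Local Administrators on the CA host can bypass CA-level permissions
$localAdmins = Get-LocalGroupMember -Group 'Administrators' | Select-Object -ExpandProperty Name
foreach ($member in $localAdmins) {
    if ($AllowedLocalAdmins -notcontains $member) {
        $findings.Add("Unexpected local Administrator on CA host: $member")
    }
}

# 5. Resolve each role group recursively and flag accounts holding more than one role
$membership = @{}
foreach ($role in $RoleGroups.Keys) {
    $groupName = $RoleGroups[$role].Split('\')[-1]     # strip the domain prefix
    Get-ADGroupMember -Identity $groupName -Recursive | ForEach-Object {
        $acct = $_.SamAccountName
        if (-not $membership.ContainsKey($acct)) { $membership[$acct] = @() }
        $membership[$acct] += $role
    }
}
foreach ($acct in $membership.Keys) {
    if ($membership[$acct].Count -gt 1) {
        $findings.Add("$acct holds multiple CA roles: $($membership[$acct] -join ', ')")
    }
}

# 6. Report
if ($findings.Count -eq 0) { 'No findings.' }
else { $findings | ForEach-Object { "FINDING: $_" } }
```

Two caveats before acting on the first finding: enforcing role separation locks out any account that currently holds two roles, including a local administrator who has also been granted Manage CA, so tidy group membership first and restart the CA service afterwards; and the auditor role only works once the account also holds the "Manage auditing and security log" user right, which this script does not check.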

Further information can be found on the extensive Microsoft Documentation libraries here.

Rest of the Series

Here’s the series in full – I’ll be updating here each week as each part is released:

  1. Multiple Tiers
  2. RSA vs ECC
  3. Access Control
  4. Physical Access
  5. Backups
  6. Certificate Revocation Lists

If you have any questions on what I’ve discussed here or security in general, feel free to email in on info@poweronplatforms.com and I’ll be happy to answer any queries you have.
