Security infrastructure for modern information and message exchange systems, networks and applications

现代信息和消息交换系统、网络和应用程序的安全基础设施

• 批准号: RGPIN-2018-05339
• 负责人: VanOorschot, Paul
• 金额: $ 4.01万
• 依托单位: Carleton University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2020
• 资助国家: 加拿大
• 起止时间: 2020-01-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=713597
• 关键词: Security; infrastructure; modern; information; message

The program addresses problems with communications security infrastructure used for virtually all web communications and secure email systems. Issues addressed involve certificate-based public key infrastructure (PKI), trust management, systems security, and supporting authentication and identity management mechanisms. The model underlying essentially all secure communications today involves a Certification Authority (CA) binding a public key to an entity identifier, creating a public key certificate. Problems without satisfactory solutions include mechanisms: to reliably verify the legitimacy of bindings asserted in certificates, and their ongoing validity (revocation status); to configure software to “trust” an appropriate set of CAs, in order to automate certificate verification; to limit the ability of CAs to create certificates for arbitrary web sites and email users; to increase visibility when CAs delegate trust to subordinate authorities; to distinguish rogue certificates from those legitimately issued; to prevent downgrading secure HTTPS web sessions to unsecured HTTP; to eliminate current fragility whereby compromise of a single CA can undermine trust in the entire infrastructure. Problems are considered in two primary PKI use cases. The web communications focus is on the TLS protocol (including as used by HTTPS), the backbone of Internet security for site authentication, encryption, and integrity of browser-server data and downloaded software. The email focus spans end-to-end secure email and link-based secure email via TLS. The program seeks to improve or replace exploitable security mechanisms. The recent surge of research on such systems stems from essentially all of society's critical infrastructures -- power, transportation, finance, communications -- depending on the Internet, despite most of the thousands of CAs browsers and email software “trust” to issue certificates being unrecognizable to end-users. This infrastructure is widely recognized as vulnerable to cyber-attack in this post-Snowden era of increased awareness about how easily systems are compromised, and of the elevated consequences due to physical society's reliance on our digital infrastructure. HTTPS is acknowledged by experts to be a critical but fundamentally flawed infrastructure, while email is a foundation for business communications but remains almost entirely unsecured. The program results will improve fundamental understanding of how to build and maintain robust, secure information exchange systems, address root causes of security infrastructure flaws, and provide new approaches to address current limitations. Results are expected to find their way into widely deployed software systems used for government, enterprise and private communications.

该程序解决了用于几乎所有Web通信和安全电子邮件系统的通信安全基础架构的问题。解决的问题涉及基于证书的公钥基础架构（PKI），信任管理，系统安全以及支持身份验证和身份管理机制。如今，本质上所有安全通信的基本模型都涉及认证机构（CA）将公钥绑定到实体标识符，创建公共密钥证书。没有满意厂解决方案的问题包括机制：可靠验证证书中主张的绑定的合法性及其持续的有效性（撤销状态）；将软件配置为“信任”适当的CAS，以自动化证书验证；限制CAS为任意网站和电子邮件用户创建证书的能力；当CAS将信托委派给下属当局时，可以提高可见性；将流氓证书与合法签发的证书区分开；为了防止将安全的HTTPS Web会话降低到无抵押的HTTP；为了消除当前的脆弱性，从而妥协单个CA可能会破坏整个基础架构的信任。在两个主要的PKI用例中考虑了问题。 Web通信的重点是TLS协议（包括HTTPS使用），Internet Security用于网站身份验证，加密和浏览器服务器数据的完整性和下载软件的骨干。电子邮件焦点跨越端到端的安全电子邮件和基于链接的安全电子邮件通过TLS。 该计划旨在改善或取代可利用的安全机制。对此类系统的最新研究激增源于社会所有关键基础设施 - 权力，运输，金融，通信 - 取决于互联网，目的地，成千上万的CAS浏览器和电子邮件软件“信任”以发行最终用户无法识别的证书。在这个偏僻的时代，人们对​​系统的损害更容易受到损害，以及由于卫生社会对我们的数字基础设施的救济而导致的后果提高的后果，被广泛认为是受到网络攻击的影响。专家认为HTTP是一个至关重要但根本上有缺陷的基础设施，而电子邮件是商业通信的基础，但几乎完全不安全。该计划的结果将提高人们对如何构建和维护强大，安全信息交换系统的基本理解，解决安全基础设施缺陷的​​根本原因，并提供新的方法来解决当前局限性。预计结果将进入广泛部署的用于政府，企业和私人通信的软件系统。