Federal PKI Security Challenges: Are You Doing Enough to Protect Machine Identities?
August 30, 2018 | Lindsy Drake

Over the coming months, Department of Defense (DoD) agencies will be working toward aggressive deadlines for migrating all publicly facing websites to a public trust public key infrastructure (PKI). The result will be a laudable all-HTTPS environment. However, that environment will rely on vast populations of short-lived certificates, or machine identities, to maintain security. Every one of these unique machine identities will need to be carefully managed and secured against expiry or misuse. Will DoD agencies be prepared to protect these new machine identities as well as they protect the identities of the people who access them? Let’s take a closer look at what that would entail.

With two kinds of actors on every network—people and machines—Federal agencies must definitively identify, authenticate, and secure every one of them in order to authorize proper access. People rely on usernames, passwords, smart cards, and biometrics to access machines; the machines, in turn, use keys and certificates as identification for machine-to-machine authentication. Billions are spent each year on ICAM/IdAM solutions in both the public and private sectors, but virtually all of it is dedicated to securing human access, while machine identities remain unmanaged or, at best, under-managed.

Technology modernization efforts, from cloud workloads, virtualization, Fast IT and containerization to mobility and IoT, are pushing machines into a more central role in agency operations and decision making. With faster processing and artificial intelligence, machines are doing work that was traditionally performed by humans. Like humans, machines must be authenticated and their access controlled.

Most federal agencies struggle to produce a complete inventory of their machine identities, such as X.509 certificates and SSH keys. If an attacker compromises a machine identity, they can impersonate the system to which the identity is assigned, enabling unauthorized access and the ability to eavesdrop and pivot through networks undetected. Inadequate management of machine identities also results in poor crypto-agility, reducing agencies’ ability to rapidly replace machine identities in response to a security event such as a Certificate Authority (CA) compromise, a vulnerable algorithm (e.g., SHA-1), or a cryptographic library bug (e.g., Debian or Infineon). The mismanagement of machine identities is evidenced by the ongoing outages that occur when certificates assigned to machines expire.

While traditional centralized identity management systems maintain an inventory of human identities with extensive access controls, most federal agencies lack the same type of control systems for machine identities, leaving them without a comprehensive picture of machine identity concerns such as validation of the certificate authorities (CAs) used in their environments, locations where certificates are deployed, policy control of encryption standards, and human accountability. Without this visibility, when a cryptographic issue is detected, agencies are left scrambling to find the responsible parties for all affected certificates and keys.
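The inventory checks described in the two paragraphs above (expiry, weak signature hashes such as SHA-1, and issuers outside the CAs an agency has validated), as an added example that is not part of the original post or any Venafi product. It parses standard X.509 certificates with Go's crypto/x509; the self-signed test certificate it builds is constructed for the example, and the approved CA name is an assumed placeholder.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Finding records one policy violation for a certificate in the inventory.
type Finding struct{ Subject, Issue string }

// CheckCert applies the post's concerns to one parsed certificate: expiry (or approaching
// expiry), weak signature hashes such as SHA-1, and an issuer outside the approved CA set.
func CheckCert(c *x509.Certificate, now time.Time, approved map[string]bool, warn time.Duration) []Finding {
	var out []Finding
	add := func(msg string) { out = append(out, Finding{c.Subject.CommonName, msg}) }
	if now.After(c.NotAfter) {
		add("expired on " + c.NotAfter.Format("2006-01-02"))
	} else if c.NotAfter.Sub(now) < warn {
		add(fmt.Sprintf("expires within %s, on %s", warn, c.NotAfter.Format("2006-01-02")))
	}
	switch c.SignatureAlgorithm {
	case x509.MD5WithRSA, x509.SHA1WithRSA, x509.DSAWithSHA1, x509.ECDSAWithSHA1:
		add("weak signature algorithm " + c.SignatureAlgorithm.String())
	}
	if !approved[c.Issuer.CommonName] { // approved is keyed by issuer common name
		add("issuer not in approved CA list: " + c.Issuer.CommonName)
	}
	return out
}

// SelfSigned builds a constructed ECDSA P-256 self-signed test certificate (cn is also the issuer).
func SelfSigned(cn string, notBefore, notAfter time.Time) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: notBefore, NotAfter: notAfter}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
```

Run CheckCert over every certificate discovered on an agency's hosts and the findings become the inventory the post says most agencies lack: what is about to expire, what is signed with a deprecated hash, and what was issued by a CA nobody approved.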

Existing National Institute of Standards and Technology (NIST) guidelines can be leveraged to provide parameters for machine identity management and security. NIST includes certificates and keys used by machines as authenticators in SP 800-53 IA-5 Authenticator Management. In the ITL Bulletin for July 2012, NIST explains the risks of CA compromise and best practices for preparing and responding. Risks and best practices related to SSH keys are detailed in NISTIR 7966.

Machine identities play an increasingly critical role in federal agency operations. As the DoD moves to a publicly trusted public key infrastructure, is your agency ready to minimize the risks posed by poor machine identity management? Contact us to discuss the importance of including machine identities in the overall ICAM/IdAM security strategy and policy development.

About the author

Lindsy Drake writes for Venafi's blog and is an expert in machine identity protection.