In Part One of this blog series, we discussed the concept of Self-Sovereign Identity (SSI). To recap, the intent of SSI is to make identities usable in essentially every setting one can imagine. In most systems today, an identity is essentially a digital certificate that you use to authenticate yourself or a machine. SSI goes a step further. It starts with a base identity, the decentralized identifier (DID), and then lets an issuer sign arbitrary claims about that identifier and lets its holder prove those claims to third parties. These signed claims are called verifiable credentials, and they can carry any declarative statement whatsoever.
What do the applications of SSI mean for machine manufacturers? Using SSI, they can not only give their machines a decentralized and secure identity, but also strengthen authentication and authorization through verifiable credentials issued on top of those identities. With the SSI solution that filancore built with Venafi for machine identities, organizations can communicate with, authenticate and authorize these devices, and make them harder to attack or counterfeit. In addition, new business models are emerging that guarantee the authenticity of generated and transmitted data by having the machine or sensor, as holder of the decentralized identity, sign the data itself.
But if there's one thing we know in IT, it is that you never have full security. It doesn't exist. You need to be agile enough to respond quickly when a security incident occurs, and crypto-agility plays a vital role in avoiding or mitigating the worst-case scenario: a stolen private key.
To minimize your exposure by supporting crypto-agility, you need to ensure that security administrators can identify potential issues as soon as they arise. More importantly, administrators need the ability to recover quickly when those issues do come up. For that they need visibility into how keys and certificates are used throughout the enterprise. They must also be able to collect detailed intelligence about the cryptographic processes behind your machine identities. And finally, they should be able to remediate security risks automatically as soon as a vulnerability or compromise is found.
Machine identities are based on private keys. Credentials and certificates rely on them, and if a private key is stolen it can be game over. That said, we know that cybercriminals weigh the effort it costs to attack a system against the reward for doing so. SSI can deter attacks by minimizing the reward, because it spreads your identities, and the keys behind them, out across a broad population of holders instead of concentrating them in one place.
If attackers gain access to a central identity store and everything connected to it, that is the absolute worst case. With SSI, by contrast, the identity is held by whoever is actually its subject. If identities are spread out across everyone using them and attackers compromise one holder, they get that one identity and nothing else. Because the damage that can be done with a single identity is limited, the overall risk profile shrinks.
Still, when the worst case does arise, SSI offers different methods for supporting crypto-agility and recovering from a stolen private key. The method you choose depends on the exact scenario. You can do a key rotation, which updates the DID document of your identity so that everyone who resolves it can see that the currently valid key is not the stolen one. This approach issues a new key on top of the existing identity, so the credentials already bound to that identity do not have to be reissued. The other method is to issue yourself a completely new identity and have all of your claims reissued. That is more cumbersome, because every claim has to be reissued by whoever created it in the first place.
Ultimately, your goal is to make the effort required to attack you high. The great thing about the integrated solution from filancore and Venafi is that the private key stays on the secure end device where it was created, such as in an HSM. The private key is never sent back to Venafi, so there is no central repository of private keys for an attacker to target.
Optimize for crypto-agility
Keys and certificates are used throughout your network to serve as machine identities and to authorize and protect a wide range of machine-to-machine connections and communications. But this landscape of machine identities is constantly changing, and it takes constant vigilance to maintain strong cryptography across your entire environment. You need crypto-agility to change every cryptographic security asset at a moment's notice without increasing security risk or disrupting the availability of critical applications and services.
The filancore integration for Verifiable Credentials is available now. You can learn more from the Venafi Marketplace.
This blog features solutions from the ever-growing Venafi Ecosystem, where industry leaders are building and collaborating to protect more machine identities across organizations like yours. Learn more about how the Venafi Technology Network is evolving above and beyond just technical integrations.