melfi Security Solutions
Task to be solved
Imagine a distributed organization or a company with an array of different locations or sites: many business processes are transacted with other organizations (vendors, customers), and a wide variety of different systems are used on either side. Back-office employees, external users and applications alike require dedicated access rights and a universal means of identification.
Uniform, secure user rights administration providing for full reconstructibility is key when it comes to effectiveness, cost vs. benefit, and the protection of sensitive business data.
Sound user administration depends not only on reliable technology, e.g. strong encryption protecting the individual administrative processes, but also on taking the human factor into account: the personal relationship of trust between the administrator and the system user is an essential security element in issuing access rights. In a highly distributed organization, an uninterrupted chain of such trust relationships has to be established throughout the enterprise. melfi's design supports this aspect in particular.
At the same time, all administrative processes have to provide for complete reconstructibility, a key prerequisite for processes in large listed corporations (cf. IFRS, Sarbanes-Oxley Act).
This results in the following requirements:
- Distributed administration of users and rights
- Maximum security provided by encryption
- Support of personal relationships of trust between users and the local administrator
- End-to-end traceability providing uncontroverted proof of the granting or revocation of access rights
- Easy integration in any application
- Global deployment
  - across individual sites within the enterprise or beyond the enterprise itself
  - for individual applications, or for groups of applications
melfi provides the ideal security solution for all cases whether complex or simple: persons and systems/programs alike are identified via the digital certificates of a public key infrastructure (see RFC 5280).
Access and administrator rights are modeled by attribute certificates (see RFC 5755).
melfi functions like an electronic notary: a set of rules is defined and monitored by melfi for one or more applications operated in a network. These rules determine the conditions under which someone may issue rights to someone else or revoke them. The security policy is thus modeled precisely by a uniform set of rules.
Representation of identities, rights and rules
Rules pertaining to access rights
- The rules are signed using a public key certificate (PKC) specific to the respective application and loaded into a central repository administered by melfi.
- Persons are granted administrative rights — also represented by a PKC — and thus become a local administrator: these persons are permitted access to other administration processes as provided for by the registered rules.
- Like administrators or users, applications are represented by a public key certificate as a resource. The specific rules of an application are stored in an attribute certificate (AC).
Granting and monitoring of rights
- The rules and the initial administrators of the respective application are automatically registered while melfi is being installed.
- A potential user of a melfi-registered application is issued a right by an administrator in the form of an AC. A right is revoked by entering the respective AC in a certificate revocation list.
- Local administration on site is done using melfi’s downloadable signing tool. As a rule, administration is underpinned by the unambiguous identification of a person, e.g. by personally meeting the local administrator or personally knowing him or her.
- The target application — represented by a public key certificate — is given the right to query melfi for the user rights of a requestor.
- Acting as an electronic notary, melfi responds to such queries from a registered application by checking the user’s public key certificate. The user’s rights are then batched and returned in the form of an attribute certificate signed by melfi and valid for only a brief period.
In this manner, the issuing and revocation of rights are secured by strong cryptography; because every issuing step is electronically signed, the processes are fully reconstructible and carry evidentiary value.
Depending on the respective security requirements, both software- and hardware-based certificates can be used, i.e. stored on encryption cards or HSMs.
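The following Python model is an added illustration, not melfi’s own code or API: it shows the rule-based granting of rights by delegated administrators, revocation by entry on a revocation list, and the notary’s short-lived signed answer to an application’s query, as described above. All names and sample data are constructed, and the HMAC used for the notary signature is a stand-in for the PKC-based digital signature a real deployment would use.

```python
import hashlib
import hmac
import json
import time

# Constructed sample: the rule set an application registers with the notary.
# Keys are administrative roles (themselves rights); values are rights that role may grant.
RULES = {"payroll": {"root-admin": {"local-admin", "read", "write"},
                     "local-admin": {"read", "write"}}}
ac_store = {}    # AC serial -> simplified attribute certificate (stands in for an RFC 5755 AC)
crl = set()      # serials of revoked ACs (stands in for the certificate revocation list)
NOTARY_KEY = b"constructed-notary-key"   # stand-in for melfi's signing key

def holder_rights(app, holder):
    """Rights the holder currently has on app: issued ACs that are not on the CRL."""
    return {ac["right"] for ac in ac_store.values()
            if ac["app"] == app and ac["holder"] == holder and ac["serial"] not in crl}

def issue_ac(app, issuer, holder, right):
    serial = f"{app}-{len(ac_store) + 1}"
    ac_store[serial] = {"serial": serial, "app": app, "issuer": issuer,
                        "holder": holder, "right": right}
    return serial

def register_initial_admin(app, admin):
    """Installation step: the initial administrator gets the top-level role."""
    return issue_ac(app, "install", admin, "root-admin")

def grant(app, issuer, holder, right):
    """An administrator may only grant rights the registered rules allow for their role."""
    allowed = set().union(*(RULES[app].get(r, set()) for r in holder_rights(app, issuer)))
    if right not in allowed:
        raise PermissionError(f"{issuer} may not grant {right} on {app}")
    return issue_ac(app, issuer, holder, right)

def revoke(serial):
    """Revocation = entering the AC on the list; the AC itself stays for the audit trail."""
    crl.add(serial)

def notary_query(app, holder, ttl=60, now=None):
    """Answer an application's query: batch valid rights into a short-lived signed token."""
    now = int(time.time()) if now is None else now
    token = {"app": app, "holder": holder, "rights": sorted(holder_rights(app, holder)),
             "nbf": now, "exp": now + ttl}
    payload = json.dumps(token, sort_keys=True).encode()
    return payload, hmac.new(NOTARY_KEY, payload, hashlib.sha256).hexdigest()

def verify_token(payload, sig, now=None):
    """The application checks the notary signature and the short validity window."""
    now = int(time.time()) if now is None else now
    if not hmac.compare_digest(sig, hmac.new(NOTARY_KEY, payload, hashlib.sha256).hexdigest()):
        return None
    token = json.loads(payload)
    return token if token["nbf"] <= now <= token["exp"] else None
```

Revoking an administrator’s own AC immediately removes their ability to grant further rights, while the ACs they issued earlier remain valid until revoked themselves.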
melfi consists of a number of Java-based components that can be integrated with existing applications without any programming effort. Thanks to proprietary extension components, these modules can also be adapted to the special requirements of an organization or of the target applications requiring protection.
- Central Java EE Server with a repository for storing certificates and revocation lists (accessible via secure web services).
- Signing tool serving as a Java Web Start application for the administration of resources and rights (support for tokens via PKCS#11, PKCS#12 and MSCAPI and specially adaptable user interface by way of expansion interfaces; can also be enhanced or replaced with proprietary tools).
- Java Servlet filters for direct, seamless integration of authentication components and the electronic notary into the JCA infrastructure (no specific interface needed when integrating a Java EE application; supports TLS termination at an application server or an upstream reverse proxy).
- OCSP responder that delegates status queries to the central server during TLS termination. This causes a status check to be performed via the online services of the issuing authority. A check is also performed of the rights linked to a PKC (the module can be seamlessly slotted into existing software or hardware appliances).
Advantages to you
melfi is a must whenever the central, secure, uniform administration of users is not possible or practical for organizational or other reasons.
The key features of melfi:
- Universal user and rights management
- Enables the delegated administration of complex organizations
- Can be used on all applications throughout the network
- Secure processes and user data ensured by digital signatures
- Provable processes evidenced by end-to-end audit trail
- Multi-tenant capability
- Integration in any environment made easy
Have we piqued your interest?
Please don’t hesitate to contact us for more information on melfi.
Head of Security Solutions
Phone: +49 (6897) 935-175
Fax: +49 (6897) 935-100
Contact me for your security needs.