Providing Security for Certification Authority Servers

Computers that run CA services can be priority targets for attack by intruders who maliciously want to disrupt network services or compromise the security of network and information systems. If intruders can gain unauthorized access to a CA server or exploit weaknesses in the security of the server, they can gain access to valuable network resources and compromise the security of the affected portion of the certification trust chain. Therefore, you should provide higher security for CA servers than for regular servers.

The risk of attacks on your CAs depends on many factors, including how secure your networks are, the value to be gained by a successful attack, and the costs of attempting the attack. If the CA is inside your firewall and used on the intranet for routine business purposes, the risk of attack might be low. However, if the CA is outside your firewall and used for an extranet, the risk of attack might be high.

If a CA is compromised, there can be considerable damage and cost to your organization. The damages and costs of a compromised CA include the following:

  • Stolen proprietary information.

  • Efforts spent investigating and stopping the intruder's attacks on the network.

  • Failed or disrupted network services.

  • Destroyed or corrupted network resources.

  • Efforts to recover from the CA compromise and redeploy new CAs and certificates.

A compromised root CA is far more costly than a compromised intermediate CA or issuing CA. You can deploy multiple CA hierarchies to reduce the impact of a single compromised CA on your organization.

To determine what security measures are appropriate for CAs, weigh the estimated cost of providing security measures against the estimated cost of compromised CAs. Security measures for CA servers can include the following:

  • Maintaining servers in secure data centers and restricting physical access to trusted administrators only.

  • Using hardware CA devices or hardware-based CSPs to provide maximum security for the CAs' private keys.

  • Configuring server security settings for high security levels, such as those security levels provided by the High Security template.

  • Using the Windows 2000 System Key (SysKey) to provide additional encryption protection of CA servers' protected stores.

  • Performing security auditing to monitor for potential attacks on CA servers.

  • Restricting user rights assignments to limit user rights to the appropriate administrator group. (No other users or groups have rights or permissions to view or perform any tasks on the local CA computer.)

  • Disabling unnecessary services so they cannot run on CA servers; running unnecessary services provides a mechanism that intruders can exploit.

  • Implementing security policies and procedures to control the deployment of CAs in the enterprise.
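As an added example (not from the Resource Kit text), the following PowerShell script reports which of the measures listed above are not in place on a CA server: unnecessary services still enabled, unexpected members of the local Administrators group, and auditing that is not switched on. It assumes a current Windows Server with the AD CS role and PowerShell 5.1 rather than Windows 2000, is run elevated on the CA itself, and its service and administrator lists are constructed placeholders to be replaced with your own policy.

```powershell
# Added hardening check for a CA server; not part of the Resource Kit.
# Assumes Windows Server with AD CS and PowerShell 5.1, run elevated on the CA.
# The two lists below are constructed placeholders: adjust them to your policy.
$UnneededServices = @('Spooler', 'RemoteRegistry', 'WebClient')                  # placeholder
$ApprovedAdmins   = @("$env:COMPUTERNAME\Administrator", 'CORP\CA-Admins')       # placeholder
$findings = New-Object System.Collections.Generic.List[string]

# 1. Unnecessary services must be stopped and disabled so they cannot be started later.
foreach ($name in $UnneededServices) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if ($svc -and ($svc.Status -eq 'Running' -or $svc.StartType -ne 'Disabled')) {
        $findings.Add("Service '$name' is $($svc.Status) with start type $($svc.StartType); expected Stopped and Disabled.")
    }
}

# 2. Only the approved administrator group may hold rights on the local CA computer.
$members = Get-LocalGroupMember -Group 'Administrators' | Select-Object -ExpandProperty Name
foreach ($member in $members) {
    if ($ApprovedAdmins -notcontains $member) {
        $findings.Add("Unexpected member of local Administrators: $member")
    }
}

# 3. Security auditing: the Certification Services subcategory must audit success and
#    failure, and the CA's own AuditFilter registry value must enable all CA events (127).
$row = auditpol /get /subcategory:"Certification Services" /r |
       Where-Object { $_ -match ',' } | ConvertFrom-Csv
if ($row.'Inclusion Setting' -ne 'Success and Failure') {
    $findings.Add("Audit policy for Certification Services is '$($row.'Inclusion Setting')'; expected Success and Failure.")
}
$cfg    = 'HKLM:\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration'
$caName = (Get-ItemProperty -Path $cfg -Name Active).Active
$filter = (Get-ItemProperty -Path "$cfg\$caName" -Name AuditFilter -ErrorAction SilentlyContinue).AuditFilter
if ($filter -ne 127) {
    $findings.Add("CA AuditFilter is '$filter'; expected 127 so that every CA event is logged.")
}

# 4. Report the gaps so they can be tracked against the security policy.
if ($findings.Count -eq 0) {
    'All checked hardening items are in place.'
} else {
    $findings | ForEach-Object { "FINDING: $_" }
}
```

Run the script after each configuration change and keep its output with the CA's audit records; a finding that appears on a CA that previously passed is itself worth investigating.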

Choosing security measures for a CA involves weighing the costs of implementing and maintaining those security measures against the risks of potential attack on the CA and the potential costs of a CA compromise. Higher risks of attacks on the CA and higher costs of a CA compromise generally justify higher costs for security measures to protect the CA. Provide the most protection for root CAs, and provide more protection for intermediate CAs than for issuing CAs.

For example, your organization decides to protect a large amount of highly valuable and confidential information by using public key security solutions. You also decide to acquire expensive hardware CA devices for root CAs and store the root CAs in maximum security vaults that are located at your headquarters for safekeeping. You authorize access to the root CAs for trusted administrators so that they can certify intermediate CAs for each of your business units. The intermediate CAs are offline Windows 2000 CAs, which are disconnected from the network and maintained in locked data centers by the administrator for each business unit. The intermediate CAs are used to certify issuing Windows 2000 CAs as necessary to meet the certificate needs of each business unit. Issuing CAs are Windows 2000 enterprise CAs or stand-alone CAs that are maintained in secure data centers by each business unit. Your organization's security policy includes strict procedures and controls for requesting, authorizing, and implementing root CAs, intermediate CAs, and issuing CAs in the enterprise.

However, if your organization uses public key security solutions to protect information with relatively low value, you might decide to deploy offline Windows 2000 root CAs that are locked in data centers, rather than expensive hardware-based CAs locked in vaults. You might allow business units to maintain intermediate CAs and issuing CAs outside data centers. You also might place fewer restrictions on requesting, authorizing, and implementing CAs.

You can deploy Windows 2000 Certificate Services by using the Microsoft Base CSPs to provide CA security that meets a wide range of needs. However, when you need to provide the highest security for CAs, consider using hardware-based CAs. For more information about hardware-based cryptography solutions that work with Windows 2000 Server and Certificate Services, contact the appropriate hardware vendors.