"nShield had the features and flexibility necessary for the various ways we planned to use cryptography."

Download in PDF »

What does it take to convince aerospace and defense companies that it’s safe to permit sensitive product design information to be shared and stored outside the corporate firewall?

Exostar (www.exostar.com), a provider of e-business services for the aerospace and defense industry, knew that ordinary security considerations wouldn’t be enough. “Security is top-of-mind for our customers,” says Exostar security manager Jeff Nigriny. “Not only is national security of paramount concern, but these companies can’t afford to take chances with their intellectual property. To meet their needs, we created the most secure online collaboration service commercially available by building security into the system design from the very beginning.”

Exostar, which was founded by industry leaders BAE SYSTEMS, Boeing, Lockheed Martin, Raytheon and RollsRoyce, connects manufacturers, suppliers and customers in a virtual marketplace. Its collaboration service, ForumPass, enables business partners throughout the aerospace and defense industry to work together more effectively through shared online workspaces. With ForumPass, companies create a Web-based workspace for each product development project, where internal and external team members can come together to share and markup information across various applications and formats, conduct virtual realtime meetings and track project progress. By giving extended project teams better communication and management tools, ForumPass helps companies streamline the supply chain and gain control over the unwieldy product development process—and in turn, speed time to market, improve product quality and significantly cut product development costs.

To collaborate successfully, team members must have instant access to the latest project data – highly sensitive CAD drawings, product specifications, project plans, timelines and more. To protect this intellectual property as it is shared—and to meet the strict security requirements established by the founding partners—Exostar makes advanced use of cryptography for a broad range of functions, such as ncryption, user authentication and audit logging. When it came time to select a solution to provide cryptographic processing and key protection for its sophisticated security infrastructure, Exostar chose nCipher’s tamper-resistant nShield™ hardware security module (HSM).

Hardware key protection at every step

“One of the mandates for ForumPass was comprehensive encryption,” says Nigriny. “That meant we needed to find the best way to protect the encryption keys. While we looked at various options, nShield fit our needs exactly. Not only did it have the features and flexibility necessary for the various ways we planned to use cryptography, but it offered the FIPS 140 Level 3 (Federal Information Processing Standard) validation that is important to government entities and other organizations. At the same time, nShield came highly recommended by Evincible, who provided the privacy technology behind ForumPass, and satisfied the criteria laid out by the security analysis firm @stake, who served as the project integrator for ForumPass.”

Within ForumPass, multiple nShield HSMs enable the secure generation, protection and management of cryptographic keys to provide strong 128bit encryption and facilitate:

End-to-End Encryption — One of the unique features of ForumPass is the encryption of each document being exchanged among team members – from the second it leaves a user’s desktop to the time a colleague downloads it. When a user uploads a document to a project workspace via a Web browser, the document is automatically encrypted with a symmetric key. That symmetric key itself is then encrypted, and is uploaded with the document to the Web server. The private key used for decryption of the symmetric key is protected in an offsite key server with the help of nShield. When a user wants to download a document, its encrypted symmetric key is passed to the key server, which authenticates the user and decrypts the symmetric key. The key is then sent to the user’s browser, which then decrypts the document.

User Authentication — In addition to mandating that all users present a digital certificate to access the system, ForumPass authenticates users each time they decrypt a document. When initially uploading a document to a project workspace, users are asked to indicate which colleagues are allowed to download it. When one of the authorized team members wants to retrieve the document, ForumPass leverages SAML (Security Assertion Markup Language), an XMLbased language used to exchange security information, to validate the user’s request. nShield signs these SAML “assertions” to ensure their authenticity and after successful validation, authorizes the document to be decrypted.

Database Encryption — With ForumPass, all information and documents retained within the system– from CAD drawings to discussion threads – is encrypted while stored on the distributed Oracle database. Database encryption is a critical component of the system, as it prevents someone with database access from accessing information while it is not in use. nShield provides highly secure database encryption and decryption by ensuring that sensitive encryption keys are never exposed. The Evincible Privacy database encryption server, which resides on the same host as the database server engine, interfaces with the nShield HSM that secures the symmetric encryption keys.

Secure Audit Logs — To maintain overall system integrity, ForumPass’ audit logs are digitally signed. The audit logs record all decryption requests and security policy changes. nShield cryptographically electronically signs each new log entry with a private key to indicate authenticity and provide a mechanism to detect tampering of audit records. Any attempts to insert, modify or delete audit entries are detected by a failure in the audit log signature verification process.

Securing confidence with HSMs

“Cryptography is incredibly central to ForumPass and its functionality,” says Nigriny. “Just look at the task of document review as an example. Every time someone accesses a document, three HSMs are involved: one for the database, one for user authentication, and one for protection of the key server.”

All the cryptographic processing takes place quickly and transparently, providing a positive user experience. “Security functionality does not get in the way of actual collaboration,” explains Nigriny. “nShield’s performance capabilities are an important feature. For example, we’ve found that the whole decryption process for a 100KByte document typically takes under one second.”

ForumPass 2.0, which was launched in October 2002, is already yielding results for initial users like RollsRoyce, which uses the service to improve collaboration on the development of its Trent 900 engine for commercial airliners. As customers create ForumPass workspaces for more and more projects, Exostar is ready. “ForumPass is designed to scale easily,” says Nigriny. “We simply add more servers and in turn, more HSMs. nShield’s key management features make it simple for us to expand as the number of project workspaces and users increases.”

According to Nigriny, use of HSMs plays a key role in Exostar’s success. “Our customers’ security review boards look for security gaps, and one of the most common is insecure key storage. An HSM is recognized as the most secure way to protect keys—so having nShield in place stops that conversation right where it starts.”