11-05-12, 12:30 PM   #1
A Fort Knox for Web crypto keys: Inside Symantec's SSL certificate vault

Inside these security cabinets are the hardware security modules that safeguard millions of credentials used to authenticate the websites of Symantec customers.
Dan Goodin

At the entrance to a nondescript building on the sprawling Symantec campus in Silicon Valley, the company's Senior Director of Operations, Identity and Authentication, Paul Meijer, is presenting his badge and entering his personal identification number to get inside. A second door not far away requires him to repeat the process all over again. A dozen or so feet further is a third door, and this one requires him to press his index finger against a sensor to prove he's one of fewer than 100 Symantec employees permitted to enter.

As he negotiates a series of additional mazes inside, he comes upon still more security checkpoints. One room at the center of the building, inside two concentric squares protected by a double layer of metallic mesh that isn't easily drilled, cut, or welded, requires two authorized Symantec employees to enter. To enter, Meijer and a colleague must key in a PIN and show a fingerprint. Inside are cabinets housing special-purpose computer servers that neither of the two employees can open because the combination is held by a different class of employees. A separate room where digital certificates are generated under rigorous "key-signing ceremonies," also requires dual occupancy. To further ensure the security of the operation, the second employee who must accompany Meijer is one of fewer than two dozen people with the required access codes.

Welcome to Symantec's SSL certificate vault, the company's repository that's built to military-grade specifications. The assets protected here aren't made of gold, silver or any other tangible material. Rather, they're the secret mathematical keys in the public key infrastructure that forms the basis of virtually all encrypted communications between websites and end users. Ars Technica recently took a rare tour of one facility where Symantec mints, stores, and sometimes revokes keys on behalf of companies such as Amazon, PayPal, and British Telecommunications.
