Implementation of CA eTrust Access Control For Government of India

Torrid sponsors OWASP Delhi Chapter Meeting
October 13, 2008
Torrid’s team member nominated as OWASP Delhi Chapter’s Communication Committe Lead
November 29, 2008

Customer is a prime department under Government of India and processes highly sensitive financial information across its datacenters distributed at different locations in India. The department is mainly responsible for matters relating to levy and collection of Direct and Indirect funds.

The Challenge

The sheer size and type of the organization made it most vulnerable for security breaches. There was need for a high level of availability, performance density, memory scalability, and investment protection therefore they implemented Hp Superdome Servers at multiple data centers distributed over different locations in India running HP-UX 11i operating systems.

The major challenges that were faced in the server infrastructure as described below:

  1. Role-Based Access Control and Superuser Containment: Superuser accounts were often shared by application operators, leading to ambiguous accountability. There was no available method to restrict or delegate operators based on “who will use it”. Also it was difficult to ensure availability to different users based on time, network attributes, access methods and so on.
  2. No centralized enforcement administration: There were major platform security differences that existed along with lack of remote policy administration which lead to a highly decentralized system. Decentralization pointed to lack of manageability which was a big problem for the management.
  3. Unrestricted superuser: Superuser account, which have unlimited access and authority, were unrestricted making breaching a cake walk like target for hackers. Imagine one of the bad Guys in your backyard having access to your assets.
  4. Inadequate auditing: Native auditing procedures were inadequate with a very low granularity level in the Operating System. Audit logs were accessible to Superusers for tampering and auditing processes could also be shut down at any time. Due to no presence of self-protecting mechanism against attacks pilferage, native logs would not be in a position to keep track of the original login and thus culprit could escape easily.
  5. Consistent Cross-Platform Problems: Different platforms have different security models and for the same reason different strategies need to be used for handling the difficulties in managing various security systems which, in turn, also increase management costs.

Torrid understood the challenges faced by the customer to propose CA eTrust Access Control (AC) software that could easily mitigate the risk of different threats. eTrust AC provides capability to manage centralized access control on different servers using policy enforcement mechanism along with lots of security features.

As the servers were running highly critical government applications it was not possible to put the policies into the enforced mode from day one, so initially all the policies were planned to put in the warning mode. It was a challenge in itself to provide with the accurate completion timelines to the project due to the close monitoring required for critical application and other components before enforcing the policies.

The Solution

Torrid deployed CA’s eTrust Access Control to counter the above challenges faced by the customer. Our security experts interacted with client’s team to understand the basic design of the architecture, target customers, end users, and confidential assets to design eTrust Access Control framework and its policy model database (PMDB) for implementation which is used to distribute policies to clients from the servers.

There were a total of 12 superdome servers which were having a pool of 68 virtualized servers distributed over 4 locations in India. The pool of servers further comprised development, pre-production and production servers. It was a huge pool, so starting with the best and right framework was undoubtedly an essential pre-requisite.

The following steps were taken to implement the solution in the architecture:

  1. Installation of eTrust Access Control server on a dedicated server.
  2. As per requirements, a Master PMDB and its sub-group PMDB’s were installed on the eTrust Access Control server.
  3. Baseline security policies were discussed with their team and enforced on the master PMDB as these policies should be on each and every host and thereafter policies on different sub group PMDB were discussed and enforced. As there were very critical production servers, so all the policies were put in the warning mode.

4. After designing the architecture of eTrust Access Control, installation and customization of the eTrust Access Control client was done on each server and subscribed to the respective PMDB.
5. Warnings on all the servers were regularly monitored for some time, discussed with their team and then put in the restrictive mode.

The Results

After analyzing the challenges, Torrid’s technical expertise helped the execution of the project and the successful implementation was rolled out in the first phase itself without second iteration. All the documentation was handed over to the client and further assistance was readily available for support and solving issues. Following benefits were reaped by the client due to the solution implementation:

  1. Role-Based Access Control and Superuser Containment: By using the solution, super user privileges were fully contained and delegated. There was no back door to bypass checks and gain full control of the system or unauthorized access to files and services. In turn, operators no longer need superuser account to perform their jobs.
  2. Centralized Enforcement Administration: Solution delivered a uniform level of security by bringing security up to correct level. It provided a centralized security control which allowed enterprise wide management of access enforcement and tracking with the help of Policy Model Database using a push mechanism to sequentially update the subscribers. Administrators could easily create, delete, suspend, revoke and expire user accounts centrally. They could also enforce password rules, quality, history, interval etc.
  3. Data Protection: Solution helped protecting confidential and sensitive data against hacks and thefts through identity based granular access control for all files through its Host Based Intrusion Prevention feature. This delivered high service uptime as well as made resources less susceptible to attacks.
  4. Secure Auditing: The solution offered a very secure, scalable and reliable means to collect and report access information – It provided secure audit logs – generated locally with possibility of being collected centrally.
  5. Consistent Security Policies: CA eTrust Access Control provided consistent security policy across all the HP-UX partitions.