Introduction
Over the past few years, I have implemented and supported the use of hardware 2FA in order to provide a much-needed method of stronger authentication for working on systems that have access to sensitive medical data. This has been implemented successfully within the department of psychiatry for remote access and has been running for a number of years. More recently I have introduced this approach into Research Services and the Unix group within ITI. This methodology is now starting to take hold and, as part of some pilot services being implemented for MVM, will be used more in the wild over the coming months. The product selected to provide 2FA is the YubiKey from Yubico, due to its good reputation, open framework design, large-scale adoption, price point and ease of implementation.
Proposal
The standard user keys are relatively inexpensive and provide a cost-effective way to add this additional layer of authentication. As part of Yubico’s hardware portfolio, they offer a server-based key, also known as a hardware security module (HSM), that is capable of doing offloaded validation of the standard user keys. I would like to purchase 3 YubiKey HSM keys at a cost of £1500. 2 of these keys will be used so that I can develop and test the setup of an internal YubiKey validation server. The 3rd key will be used to test the additional features of the YubiKey HSM (secure off-system key / identity management, encryption and validation). The purchase of these keys provides a fast and secure way to start investigating and exploring the use of onsite OTP / 2FA validation, while also providing some additional developmental hardware for the use of dedicated offload validation hardware.
Limitations
In its default state, the YubiKey HSM key can only store the IDs of 1024 keys. This limitation will only become an issue if the YubiKey has a much wider adoption than is currently expected. If this were to occur I would be delighted, as it would demonstrate a clear need for good hardware 2FA within the university. There are additional paths for the implementation of a full-blown YubiKey validation server without the use of the HSM key, but doing so would come with a number of additional security implementation considerations. I would consider and draw up implementation plans for this as part of monitoring the overall usage of the keys. Some additional low-cost HSM keys that support X.509 certificates may also be purchased to evaluate the hardware offloading.
Current project status
Report Date | RAG | Budget | Effort Completed | Effort to complete |
---|---|---|---|---|
July 2016 | BLUE | 0.0 days | 0.0 days | 0.0 |