G. Mappings of TLS 1.3 Visibility Capabilities to Risk Framework Documents#
Mappings between cybersecurity functions performed by the reference design’s logical components and the security characteristics enumerated in relevant cybersecurity documents are provided in this appendix. These mappings are intended for any organization that is interested in implementing TLS 1.3 visibility solutions or that has begun or completed an implementation. The mappings provide information on how cybersecurity functions from the reference design are related to NIST-recommended security outcomes and controls: the security outcome subcategories from the NIST Cybersecurity Framework (Framework for Improving Critical Infrastructure Cybersecurity [CSF] 2.0) and security controls identified in NIST SP 800-53r5 (Security and Privacy Controls for Information Systems and Organizations). All of the elements in these mappings—the TLS 1.3 visibility cybersecurity functions, CSF Subcategories, and SP 800-53 controls—are concepts involving ways to reduce cybersecurity risk.
Return to Risk and Compliance Management.
G.1 Use Cases#
There are two primary use cases for this mapping. They are not intended to be comprehensive.
Why should organizations implement TLS 1.3 visibility solutions? This use case identifies how implementing TLS 1.3 visibility solutions can support organizations in achieving CSF Subcategories and SP 800-53 controls. This helps communicate to an organization’s chief information security officer, security team, and senior management that expending resources to implement TLS 1.3 visibility solutions can also aid in fulfilling other security requirements.
How can organizations implement TLS 1.3 visibility solutions? This use case identifies how an organization’s existing implementations of CSF Subcategories and SP 800-53 controls can help support trusted implementation of TLS 1.3 visibility solutions. An organization wanting to implement TLS 1.3 visibility solutions might first assess its current security capabilities so that it can plan how to add missing capabilities and enhance existing capabilities. Organizations can leverage their existing security investments and prioritize future security technology deployment to address the gaps.
G.2 Mapping Terminology#
In this publication, we use the following relationship types from NIST IR 8477 to describe how the functions in our reference design are related to the NIST reference documents. Note that the Supports relationship applies only to use case 1 in Section D.1 and the Is Supported By relationship applies only to use case 2.
Supports: TLS 1.3 Visibility function X supports security control/Subcategory/capability/requirement Y when X can be applied alone or in combination with one or more other functions to achieve Y in whole or in part.
Is Supported By: TLS 1.3 Visibility function X is supported by security control/Subcategory/capability/requirement Y when Y can be applied alone or in combination with one or more other security controls/Subcategories/capabilities/requirements to achieve X in whole or in part.
Each Supports and Is Supported By relationship has one of the following properties assigned to it:
Example of: The supporting concept X is one way (an example) of achieving the supported concept Y in whole or in part. However, Y could also be achieved without applying X.
Integral to: The supporting concept X is integral to and a component of the supported concept Y. X must be applied as part of achieving Y.
Precedes: The supporting concept X precedes the supported concept Y when X must be achieved before applying Y. In other words, X is a prerequisite for Y.
When determining whether a reference design function’s support for a given CSF Subcategory or SP 800- 53 control is integral to that support versus an example of that support, we do not consider how that function may in general be used to support the Subcategory, control, capability, or requirement. Rather, we consider only how that function is intended to support that Subcategory, control, capability, or requirement within the context of our reference design.
Also, when determining whether a function is supported by a CSF Subcategory, SP 800-53 control, capability, etc. with the relationship property of precedes, we do not consider whether it is possible to apply the function without first achieving the Subcategory, control, capability, or requirement. Rather, we consider whether, according to our reference design, the Subcategory, control, capability, or requirement. Rather, 434 we consider whether, according to our reference design, the Subcategory, control, capability, or 435 requirement is to be achieved prior to applying that function.
G.3 Cybersecurity Framework (CSF) Mapping#
This section provides a mapping of system architectural elements to the CSF. It includes both CSF objectives that need to be met for secure operation of the platform for visibility into TLS 1.3-protected traffic and CSF objectives that the platform supports.
Logical Architecture Component |
Component’s Function |
Function’s Relationship to CSF Subcategories |
Relationship Explanation |
|---|---|---|---|
TLS Client Devices |
Devices that initiate encrypted traffic. These TLS client devices are likely to be located outside of the data center. |
Is supported by (example of) PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected |
The TLS client devices use TLS 1.3 to provide cryptographic protection to data-in-transit. |
Network Tap |
Component that provides a copy of traffic from a network segment. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to (e.g., configuration of) and connections to a network tap must require credentialling and authorization of the responsible staff. |
Is supported by PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions. |
Authorization for access to (e.g., configuration of) and connections to a network tap must require credentialling and authorization of the responsible staff. |
||
Supports (integral to) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
In the passive inspection architectures, the network tap diverts TLS 1.3-protected traffic for analysis. |
||
Middlebox - Break and Inspect Component |
Component that terminates, decrypts, and re-encrypts/reinitiates traffic. |
Is supported by (precedes) GV.RR-02: Roles, responsibilities, and authorities related to cybersecurity risk management are established, communicated, understood, and enforced |
The organization must establish monitoring and analysis roles that are authorized access to the middlebox processes and information associated with inspection and analysis of TLS traffic in order to configure system access controls. The authorized roles must be consistent with internal information protection policies and agreements with external partners. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to (e.g., configuration of) and connections to middleboxes must require prior credentialling and authorization of the responsible staff. |
||
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The middlebox is a security-critical element capable of being used as an unauthorized man-in-the-middle. As such, physical access to this element must be managed and protected to protect against exploitation. |
||
Is supported by (integral to) PR.AA-03: Users, services, and hardware are authenticated |
The middlebox is capable of being used as an unauthorized man-in-the-middle. As such, authenticated control of access to this element is security critical. |
||
Is supported by (integral to) PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties. |
The middlebox is capable of being used as an unauthorized man-in-the-middle. As such, the principle of least privilege is essential to the integrity of the TLS protections. |
||
Supports (example of) PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected |
The break and inspect middlebox re-encrypts the traffic to provide cryptographic protection to data-in-transit within the data center. |
||
Supports (integral to) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
The break and inspect middlebox permits continuous network monitoring monitored to detect potential cybersecurity events by decrypting and forwarding traffic re-encrypted by data center keys to real time and post facto analysis platforms. |
||
Real Time Analytics Platform |
Set of tools for examining unencrypted payloads to identify undesired characteristics such as identification of causes of network or applications performance degradation or failures, key management-based communications failures, detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources), and identification of legitimate enterprise data being exfiltrated to anomalous destinations. |
Is supported by (precedes) GV.PO-01: Organizational cybersecurity policy is established, communicated, and enforced. Policy for managing cybersecurity risks is established based on organizational context, cybersecurity strategy, and priorities and is communicated and enforced |
Organizational security policy is prerequisite to determining authorized vs unauthorized data sources and destinations. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to the analytics platform(s) must require prior credentialling and authorization of the responsible staff. |
||
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The real time analytics platform processes potentially sensitive decrypted TLS traffic. |
||
Is supported by (integral to) PR.IR-01: Networks and environments are protected from unauthorized logical access and usage. |
The real time analytics platform processes potentially sensitive decrypted TLS traffic. |
||
Supports (example of ) ID.RA-03: Internal and external threats to the organization are identified and recorded. |
Detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources contribute to identification of new threats. |
||
Supports (example of) ID.RA-10: Critical suppliers are assessed prior to acquisition. |
Information discovered in the course of analytics contributes to audit and evaluation of connected business partners for conformance with contractual data security obligations. |
||
Is supported by (integral to) PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties. |
The real time analytics platform accesses a variety of potentially sensitive unencrypted payloads in large quantities. Only personnel having duties specifically authorizing access to the payloads may have access permission. |
||
Supports (example of) ID.AM-03: Representations of the organization’s authorized network communication and internal and external network data flows are maintained. |
The data provided by the real time analytics platform’s tools are used to maintain and manage the baseline of network operations and expected data flows. |
||
Supports (integral to) DE.AM-02: Potentially adverse events are analyzed to better understand associated activities. |
The real time analytics platform’s tools are used to detect events and analyze attack targets and methods. |
||
Supports (integral to) DE.AE-03: Information is correlated from multiple sources. |
The real time analytics platform’s tools can correlate information from multiple sources to support determination of the impact of anomalous events. |
||
Supports (integral to) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
The real time analytics platform monitors the network for undesired characteristics such as identification of causes of network or applications performance degradation or failures, key management-based communications failures, detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources), and identification of legitimate enterprise data being exfiltrated to anomalous destinations. |
||
Supports (example of) DE.CM-6: External service provider activities and services are monitored to find potentially adverse events. |
The real time analytics platform monitors the network for potential cybersecurity events |
||
including unauthorized connections and devices. |
|||
Traffic Capture Platform for Post Facto Decryption and Analysis |
Encrypted storage of captured traffic to allow subsequent analytics of captured traffic. This can be encrypted storage of the captured decrypted traffic or storage of the captured original encrypted traffic. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to the traffic capture platform must require prior credentialling and authorization of the responsible staff. |
Supports (integral to) PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected. |
Traffic is stored only in encrypted form. |
||
Supports (example of) DE.AM-03: Representations of the organization’s authorized network communication and internal and external network data flows are maintained. |
The data provided by post facto analysis are used to maintain and manage the baseline of network operations and expected data flows. |
||
Supports (integral to) DE.AE-02: Potentially adverse events are analyzed to better understand associated activities. |
The data provided by post facto analysis are used to detect events and analyze attack targets and methods. |
||
Supports (integral to) DE.AE-03: Impact of events is determined. |
Post facto analysis of TLS 1.3-protected traffic correlates information from multiple sources and supports determination of the impact of anomalous events. |
||
Supports (example of) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
Post facto analysis of captured, decrypted, and re-encrypted TLS 1.3-protected data permits network monitoring to detect characteristics such as identification of causes of network or applications performance degradation or failures, key management-based communications failures, detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources), and identification of legitimate enterprise data being exfiltrated to anomalous destinations. Post facto analysis of TLS 1.3-protected traffic can support detection of malicious code and mobile code. |
||
Key Governance Platform |
Security module performing storage and distribution of keys (e.g., discover, create, renew, provision, revoke, and destroy certificates and keys). Bounded lifetime DH keys are pushed to the TLS server and passive decrypt device providing real time decryption, they are also stored for future use by decrypt solutions that work with captured encrypted sessions. Ephemeral session keys and flow identification data are received from the Session Key Capture agent or the decrypt platform providing real time decryption using these keys and stored for future use by decrypt solutions that work with captured encrypted sessions. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to (e.g., configuration of) and connections to the key governance platform must require prior credentialling and authorization. |
Is supported by (integral to) PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties. |
The key governance platform discovers, creates, renews, provisions, revokes, and destroys certificates and keys upon which transport layer security relies. Unauthorized access to these keys and processes compromises the effectiveness of TLS. Unauthorized access to TLS transactions can result in access to the full range of information being exchanged. |
||
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The key governance platform discovers, creates, renews, provisions, revokes, and destroys certificates and keys upon which transport layer security relies. |
||
Supports (integral to) PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected. |
Keys are stored only in encrypted form. |
||
Supports (integral to) PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected. |
Keys are distributed within the data center in encrypted form only. |
||
Supports (example of) ID.AM-08: Systems, hardware, software, services, and data are managed throughout their life cycles. |
The key governance platform supports management of keys including revocation and destruction keys according to enterprise policy. |
||
Supports (integral to) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
The key governance platform permits continuous network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting and forwarding re-encrypted traffic (by data center keys) to real time and post facto analysis platforms. |
||
TLS Server |
Counter party for encrypted traffic that generates session keys, negotiates encryption protocols, and connects to key management infrastructure. |
Is supported by (precedes) GV.OC-02: Internal and external stakeholders are understood, and their needs and expectations regarding cybersecurity risk management are understood and considered. |
The organization must establish monitoring and analysis roles that are authorized access to the server processes and information associated with inspection and analysis of TLS traffic to configure system access controls. The authorized roles must be consistent with internal information protection policies and agreements with external partners. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to (e.g., configuration of) TLS servers must require prior credentialling and authorization of appropriate staff. |
||
Is supported by (integral to) PR.AA-05: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties. |
The TLS server has access to all information being transferred under TLS. Access to the TLS transactions and security processes by unauthorized individuals can result in serious harm to the organization. |
||
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The TLS server performs TLS cryptographic processes, including access to keys. It hosts the session key capture and registration agent. Physical access to the server can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PR.IR-01: Networks and environments are protected from unauthorized logical access and usage. |
The TLS server performs TLS cryptographic processes, including access to keys. It hosts the session key capture and registration agent. Network-based privileged access to the server can result in unauthorized access to the keys and information protected under the keys. |
||
Key Management Agent |
Provisions the TLS server with bounded lifetime DH keys under control of the key governance platform. |
Is supported by (precedes) PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization. |
Authorization for access to (e.g., configuration of) and connections to the key management agent must require prior credentialling and authorization of the responsible staff. |
Is supported by (integral to) PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties. |
The key management agent has access to the session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. For this reason, access must be limited to those having specific duties requiring access to all transactions. |
||
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The key management agent has access to the session keys under which TLS transactions are protected. Physical access to the key management agent by unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PR.IR-01: Networks and environments are protected from unauthorized logical access and usage. |
The key management agent has access to the session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected. |
Keys are stored by the key management agent only in encrypted form. |
||
Supports (integral to) PR.DS-2: The confidentiality, integrity, and availability of data-in-transit are protected. |
Keys are distributed by the key management agent within the data center in encrypted form only. |
||
Supports (integral to) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
The key management agent permits continuous network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting and forwarding re-encrypted traffic to real time and post facto analysis platforms. |
||
Key Capture and Registration Agent |
Captures the ephemeral session keys and registers the captured keys and flow identification data with the key governance platform. |
Is supported by (precedes) GV.OC-02: Internal and external stakeholders are understood, and their needs and expectations regarding cybersecurity risk management are understood and considered. |
The organization must establish monitoring and analysis roles that are authorized access to the processes and information associated with inspection and analysis of TLS traffic to configure system access controls. The authorized roles must be consistent with internal information protection policies and agreements with external partners. |
Is supported by (integral to) PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties. |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. For this reason, access must be limited to those having specific duties requiring access to all transactions. |
||
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Physical access to the key management agent by unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PR.IR-01: Networks and environments are protected from unauthorized logical access and usage. |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected. |
Keys are stored by the key capture and registration agent only in encrypted form. |
||
Supports (integral to) PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected. |
Keys are distributed by the key capture and registration agent within the data center in encrypted form only. |
||
Supports (integral to) DE.CM-01: Networks and network services are monitored to find potentially adverse events. |
The key capture and registration agent permits continuous network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting TLS 1.3-encrypted traffic and forwarding re-encrypted traffic to real time and post facto analysis platforms. |
||
Key Source |
Stores private and secret keys. |
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
Protection of private and secret cryptographic keys is critical to TLS and to enterprise security and integrity in general. The Thales key source provides physical protection. |
Supports (integral to) PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected. |
Keys are stored only in encrypted form. |
||
Supports (integral to) PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected. |
Keys are distributed by the key source within the data center in encrypted form only. |
||
Enterprise PKI |
Provides enterprise key certificates. |
Is supported by (integral to) PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties. |
The enterprise PKI has access to private keys. Unrestricted access to the key management agent can result in unauthorized access to the keys and information protected under the keys for the entire enterprise ‘ including other enterprises for which it provides PKI services. |
Is supported by (integral to) PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk. |
The enterprise PKI has access to private keys, usually for multiple systems. Physical access to the enterprise PKI by unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PR.IR-01: Networks and environments are protected from unauthorized logical access and usage. |
The enterprise PKI has access to private keys, usually for multiple systems. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected. |
Provides keying material for protection of decrypted TLS 1.3 traffic sent to storage in post facto analytics platforms within the data center. Keys are stored in the enterprise PKI only in encrypted form. |
||
Supports (integral to) PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected. |
Provides keying material for protection of data-in-transit within the data center. Only cryptographically protected private and symmetric keys are distributed by the enterprise PKI. |
G.4 Special Publication (SP) 800-53 Mapping#
While SP 800-53 identifies a broad range of controls that are applicable to the TLS 1.3 visibility platform that is described in this publication, a number of the controls are particularly needed to implement the demonstrated configuration securely. The following table identifies these controls using the “is supported by” designation. The table also identifies SP 800-53 controls that are supported by the demonstrated platform.
Logical Architecture Component |
Component’s Function |
Function’s Relationship to SP 800-53 Controls |
Relationship Explanation |
|---|---|---|---|
TLS Client Devices |
Devices that initiate encrypted traffic. These TLS client devices are likely to be located outside of the data center. |
Supports (example of) SC-8: Transmission Confidentiality and Integrity |
The TLS client devices use TLS 1.3 to provide cryptographic protection to data-in-transit. |
Network Tap |
Component that provides a copy of traffic from a network segment. |
Is supported by (precedes) AC-2: Account Management |
Accessing tapped network data requires that the organization have defined and documented the types of accounts allowed access to the tapped information; assigned account managers; have identified and applied role-based criteria for individual and group access, continuously monitor use of the account(s); notify account managers and specified staff within an organization-defined time period when accounts are no longer required when users are terminated or transferred, and notify account managers and specified staff within an organization-defined time period when system usage or need-to-know changes for an individual; and authorize access to the system based on: a valid access authorization and Intended system usage. |
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) IA-2: Identification and Authentication (Organizational Users) |
Unique identification and authentication of users is applied to all having access to tapped information except for the authorized use of group authenticators without individual authentication. Since processes execute on behalf of groups and roles, organizations may require unique identification of individuals in group accounts or for detailed accountability of individual activity. Note that the use of encrypted virtual private networks for network connections between organization-controlled endpoints and non-organization-controlled endpoints may be treated as internal networks with respect to protecting the confidentiality and integrity of information traversing the network. |
||
Is supported by (integral to) IA-4: Identifier Management |
Authorization for access to (e.g., configuration of) and connections to a network tap must require receipt of authorization from an organization-defined person or role to assign an individual, group, role, service, or device identifier; selection of an identifier that identifies an individual, group, role, service, or device; and assignment of the identifier to the intended individual, group, role, service, or device. |
||
Supports (integral to) CA-7: Continuous Monitoring |
In the passive inspection architectures, the network tap diverts TLS 1.3-protected traffic to analytic platforms that are used to conduct continuous monitoring. |
||
Supports (integral to) SI-4: System Monitoring |
In the passive inspection architectures, the network tap diverts TLS 1.3-protected traffic to invoke internal monitoring and analysis for attacks and indicators of potential attacks, unauthorized local, network, and remote connections, unauthorized use of the system, and analysis of detected events and anomalies. |
||
Middlebox - Break and Inspect Component |
Component that terminates, decrypts, and re-encrypts/reinitiates traffic. |
Is supported by (precedes) AC-2: Account Management |
The organization must establish monitoring and analysis roles that are authorized access to the middlebox processes and information associated with inspection and analysis of TLS traffic to configure system access controls. The authorized roles must be consistent with internal information protection policies and agreements with external partners. |
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege. |
The middlebox is capable of being used as an unauthorized man-in-the-middle. As such, the principle of least privilege is essential to the integrity of the TLS protections. |
||
Is supported by (integral to) AC-17: Remote Access |
The middlebox is capable of being used as an unauthorized man-in-the-middle. As such, control of remote access to this element is security critical. This includes establishing and documenting usage restrictions, configuration/connection requirements, and implementation guidance for each type of remote access allowed and authorizing each type of remote access to the system prior to allowing such connections. |
||
Is supported by (integral to) IA-2: Identification and Authentication (Organizational Users) |
Unique identification and authentication of users is applied to all having access to break and inspect functionality except for the authorized use of group authenticators without individual authentication. Since processes execute on behalf of groups and roles, organizations may require unique identification of individuals in group accounts or for detailed accountability of individual activity. Note that the use of encrypted virtual private networks for network connections between organization-controlled endpoints and non-organization-controlled endpoints may be treated as internal networks with respect to protecting the confidentiality and integrity of information traversing the network. |
||
Is supported by (integral to) IA-4: Identifier Management |
Authorization for access to (e.g., configuration of) and connections to and from a break and inspect device must require receipt of authorization from an organization-defined person or role to assign an individual, group, role, service, or device identifier; selection of an identifier that identifies an individual, group, role, service, or device; and assignment of the identifier to the intended individual, group, role, service, or device. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The middlebox is a security-critical element capable of being used as an unauthorized man-in-the-middle. As such, physical access to this element must be limited to individuals who have been specifically authorized access to the device and connections to the device. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The middlebox is a security-critical element capable of being used as an unauthorized man-in-the-middle. As such, physical access to this element must be controlled and limited to authorized staff. |
||
Supports (integral to) CA-7: Continuous Monitoring |
In the passive inspection architectures, the break and inspect device captures TLS 1.3-protected traffic, decrypts it, re-encrypts it, and routs it to analytic platforms in a form that permits its use in conducting continuous monitoring. |
||
Supports (example of) SC-8: Transmission Confidentiality and Integrity |
The break and inspect middlebox re-encrypts the traffic to provide cryptographic protection to data-in-transit within the data center. |
||
Supports (example of) SC-12: Cryptographic Key Establishment and Management |
The break and inspect middlebox obtains keys from the enterprise PKI and routes keys to the key governance platform to support decryption and re-encryption functions necessary to the secure operation of continuous network monitoring and analytics necessary to detect potential cybersecurity events. |
||
Supports (integral to) SI-4: System Monitoring |
In the passive inspection architectures, the network tap diverts TLS 1.3-protected traffic to invoke internal monitoring and analysis for attacks and indicators of potential attacks, unauthorized local, network, and remote connections, unauthorized use of the system, and analysis of detected events and anomalies. |
||
Real Time Analytics Platform |
Set of tools for examining unencrypted payloads to identify undesired characteristics such as identification of causes of network or applications performance degradation or failures, key management-based communications failures, detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources), and identification of legitimate enterprise data being exfiltrated to anomalous destinations. |
Is supported by (precedes) AC-1: Access Control Policy and Procedures |
Organizational security policy is prerequisite to determining authorized vs unauthorized data sources and destinations. |
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege. |
The real time analytics platform accesses a variety of potentially sensitive unencrypted payloads in large quantities. Only personnel having duties specifically authorizing access to the payloads may have access permission. |
||
Is supported by (integral to) AC-17: Remote Access |
The real time analytics platform processes potentially sensitive decrypted TLS traffic. Therefore, remote access to the platform must be controlled. |
||
Is supported by (integral to) IA-2: Identification and Authentication (Organizational Users) |
Authorization for access to the analytics platform(s) must require prior credentialling and authorization of the responsible staff. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The analytics platform is a has access to decrypted sensitive information. As such, physical access to this element must be limited to individuals who have been specifically authorized access to the device and connections to the device. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The analytics platform is a has access to decrypted. As such, physical access to this element must be controlled and limited to authorized staff. |
||
Supports (example of) CA-7: Continuous Monitoring |
The real time analytics platform monitors the network for unauthorized connections and devices. The real time analytics platform also monitors the network for undesired characteristics such as identification of causes of network or applications performance degradation or failures, key management-based communications failures, detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources), and identification of legitimate enterprise data being exfiltrated to anomalous destinations. |
||
Supports (example of) CM-2: Baseline Configuration |
The data provided by the real time analytics platform�s tools are used to maintain and manage the baseline of network operations and expected data flows. |
||
Supports (example of) IR-4: Incident Handling |
The real time analytics platform�s tools support determination of the impact of anomalous events which is essential to incident handling. |
||
Supports (example of) IR-5: Incident Monitoring |
The analytics platform is an incident monitoring and analytics tool. |
||
Supports (example of) SA-9: External System Services cybersecurity events. |
The real time analytics platform monitors the network for potential cybersecurity events that might be initiated by external service providers. |
||
Supports (integral to) SI-4: System Monitoring |
The real-time analytics platform is an integral element of system monitoring. It enables discovery of attacks and indicators of potential attacks, unauthorized local, network, and remote connections, unauthorized use of the system, and analysis of detected events and anomalies. |
||
Supports (example of) SR-6: Supplier Assessments and Reviews |
Information discovered in the course of analytics contributes to audit and evaluation of connected business partners for conformance with contractual data security obligations. |
||
Supports (example of) SR-6: Supplier Assessments and Reviews |
Information discovered in the course of analytics contributes to audit and evaluation of connected business partners for conformance with contractual data security obligations. |
||
Traffic Capture Platform for Post Facto Decryption and Analysis |
Encrypted storage of captured traffic to allow subsequent analytics of captured traffic. This can be encrypted storage of the captured decrypted traffic or storage of the captured original encrypted traffic. |
Is supported by (precedes) AC-1: Access Control Policy and Procedures |
Organizational security policy is prerequisite to determining authorized vs unauthorized data sources and destinations. |
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege. |
The post facto decryption and analysis platform accesses a variety of potentially sensitive cryptographic keys and decrypted payloads in large quantities. Only personnel having duties specifically authorizing access to the payloads may have access permission. |
||
Is supported by (integral to) AC-17: Remote Access |
The post facto decryption and analysis platform processes key variables and potentially sensitive decrypted TLS traffic. Therefore, remote access to the platform must be controlled. |
||
Is supported by (integral to) IA-2: Identification and Authentication (Organizational Users) |
Authorization for access to the post facto decryption and analysis platform must require prior credentialling and authorization of the responsible staff. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The post facto decryption and analysis platform has access to cryptographic keys and decrypted sensitive information. As such, physical access to this element must be limited to individuals who have been specifically authorized access to the device and connections to the device. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The post facto decryption and analysis platform has access to cryptographic keys and decrypted sensitive information. As such, physical access to this element must be controlled and limited to authorized staff. |
||
Supports (example of) CM-2: Baseline Configuration |
The data provided by the post facto decryption and analysis platform�s tools are used to maintain and manage the baseline of network operations and expected data flows. |
||
Supports (example of) IR-4: Incident Handling |
The post facto decryption and analysis platform�s tools support determination of the impact of anomalous events which is essential to incident handling. |
||
Supports (example of) IR-5: Incident Monitoring |
The post facto decryption and analysis platform is an incident monitoring and analytics tool. |
||
Supports (example of) SA-9: External System Services cybersecurity events. |
The post facto decryption and analysis platform supports a history of potential network-based cybersecurity events that might be initiated by external service providers. |
||
Supports (integral to) SC-12: Cryptographic Key Establishment and Management |
The platform performs cryptographic key management processes necessary to decryption for post facto analysis. |
||
Supports (example of) SC-18: Mobile Code |
Post facto analysis of TLS 1.3-protected traffic supports detection of unauthorized mobile code. |
||
Supports (integral to) SC-28: Protection of Data-at-Rest |
Traffic is stored only in encrypted form. |
||
Supports (example of) SC-35: External Malicious Code Identification |
Post facto analysis of TLS 1.3-protected traffic supports detection of and identification of malicious code from external sources. |
||
Supports (integral to) SI-4: System Monitoring |
Post facto analysis of captured, decrypted, and re-encrypted TLS 1.3-protected data permits analysis of information obtained through network monitoring to detect characteristics such as identification of causes of network or applications performance degradation or failures, key management-based communications failures, detection and identification of anomalous received data, identification of sources of anomalous data, and detection of traffic from unauthorized sources), and identification of legitimate enterprise data being exfiltrated to anomalous destinations. |
||
Supports (example of) SR-6: Supplier Assessments and Reviews |
Information discovered in the course of analytics contributes to audit and evaluation of connected business partners for conformance with contractual data security obligations. |
||
Supports (example of) SR-6: Supplier Assessments and Reviews |
Information discovered in the course of analytics contributes to audit and evaluation of connected business partners for conformance with contractual data security obligations. |
||
Key Governance Platform |
Security module performing storage and distribution of keys (e.g., discover, create, renew, provision, revoke, and destroy certificates and keys). Bounded lifetime DH keys are pushed to the TLS server and passive decrypt device providing real time decryption, they are also stored for future use by decrypt solutions that work with captured encrypted sessions. Ephemeral session keys and flow identification data are received from the Session Key Capture agent or the decrypt platform providing real time decryption using these keys and stored for future use by decrypt solutions that work with captured encrypted sessions. |
Is supported by (precedes) AC-2: Account Management |
Authorization for access to (e.g., configuration of) and connections to the key governance platform must require prior credentialling and authorization. |
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege. |
Unauthorized access to TLS transactions can result in access to the full range of information being exchanged. |
||
Is supported by (integral to) AC-17: Remote Access |
The key governance platform discovers, creates, renews, provisions, revokes, and destroys certificates and keys upon which transport layer security relies. Unauthorized access to these keys and processes compromises the effectiveness of TLS. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The key governance platform discovers, creates, renews, provisions, revokes, and destroys certificates and keys upon which transport layer security relies. As such, the key governance platform has access to cryptographic keys used to decrypt and re-encrypt sensitive information and processes used to protect the confidentiality and integrity of the keys. Physical access to this element must be limited to individuals who have been specifically authorized access to the device and connections to the device. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The key governance platform discovers, creates, renews, provisions, revokes, and destroys certificates and keys upon which transport layer security relies. As such, the key governance platform has access to cryptographic keys used to decrypt and re-encrypt sensitive information and processes used to protect the confidentiality and integrity of the keys. As such, physical access to this element must be controlled and limited to authorized staff. |
||
Is supported by (integral to) SC-12: Cryptographic Key Establishment and Management |
Conformance to cryptographic key establishment and management controls is necessary for the correct and secure operation of the key governance platform. |
||
Supports (integral to) CA-7: Continuous Monitoring |
The key governance platform permits continuous network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting and forwarding re-encrypted traffic (by data center keys) to real time and post facto analysis platforms. |
||
Supports (integral to) SC-8: Transmission Confidentiality and Integrity |
Keys are distributed within the data center in encrypted form only. |
||
Supports (integral to) SC-12: Cryptographic Key Establishment and Management |
The key governance platform discovers, creates, renews, provisions, revokes, and destroys certificates and keys upon which transport layer security relies. |
||
Supports (integral to) SC-28: Protection of Data-at-Rest |
Keys are stored only in encrypted form. |
||
TLS Server |
Counter party for encrypted traffic that generates session keys, negotiates encryption protocols, and connects to key management infrastructure. |
Is supported by (precedes) AC-1: Access Control Policy and Procedures |
The organization must establish monitoring and analysis roles that are authorized access to the server processes and information associated with inspection and analysis of TLS traffic in order to configure system access controls. The authorized roles must be consistent with internal information protection policies and agreements with external partners. |
Is supported by (integral to) AC-2: Account Management |
Authorization for access to (e.g., configuration of) TLS servers must require prior credentialling and authorization of appropriate staff. |
||
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege. |
The TLS server has access to all information being transferred under TLS. Only personnel having duties specifically authorizing access to the payloads may have access permission. Access to the TLS transactions and security processes by unauthorized individuals can result in serious harm to the organization. |
||
Is supported by (integral to) AC-17: Remote Access |
The TLS server performs TLS cryptographic processes, including access to keys. It hosts the session key capture and registration agent. Privileged remote access to the server can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
TLS cryptographic processes, including access to keys. It hosts the session key capture and registration agent. Rationale for authorization should stress need-to-know. Physical access to the server can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-3: Physical Access Control |
TLS cryptographic processes, including access to keys. It hosts the session key capture and registration agent. Control of physical access to the server is essential to avoiding unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) SC-8: Transmission Confidentiality and Integrity |
TLS server provides TLS 1.3 protection to data-in-transit outside the data center. TLS server also provides cryptographic protection to its connections within the data center. |
||
Key Management Agent |
Provisions the TLS server with bounded lifetime DH keys under control of the key governance platform. |
Is supported by (precedes) AC-1: Access Control Policy and Procedures |
The key management agent has access to the session keys under which TLS transactions are protected. Organizational access control policies and procedures need to support limiting access to the key management agent to only those individuals who are authorized access to the keys and information protected under the keys. |
Is supported by (integral to) AC-2: Account Management |
The key management agent has access to the session keys under which TLS transactions are protected. Authorization for access to The key management agent must require prior credentialling and authorization of appropriate staff. |
||
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege |
The key management agent has access to the session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. For this reason, access must be limited to those having specific duties requiring access to all transactions. |
||
Is supported by (integral to) AC-17: Remote Access |
The key management agent has access to the session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The key management agent has access to the session keys under which TLS transactions are protected. Authorization for physical access must be strictly limited and be informed by need-to-know. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The key management agent has access to the session keys under which TLS transactions are protected. Physical access to the key management agent by unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) CA-7: Continuous Monitoring |
The key management agent permits continuous network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting and forwarding re-encrypted traffic to real time and post facto analysis platforms. |
||
Supports (integral to) SC-8: Transmission Confidentiality and Integrity |
Keys are distributed by the key management agent within the data center in encrypted form only. |
||
Supports (integral to) SC-12: Cryptographic Key Establishment and Management |
Keys are distributed by the key management agent within the data center. |
||
Supports (integral to) SC-28: Protection of Information as Rest |
Keys are stored by the key management agent only in encrypted form. |
||
Supports (integral to) SI-4: System Monitoring |
The key management agent permits network monitoring to detect potential cybersecurity events through distribution of key variable information to decryption processes. |
||
Key Capture and Registration Agent |
Captures the ephemeral session keys and registers the captured keys and flow identification data with the key governance platform. |
Is supported by (precedes) AC-1: Access Control Policy and Procedures |
The key capture and registration agent has access to the session keys under which TLS transactions are protected. Organizational access control policies and procedures need to support limiting access to the key capture and registration agent to only those individuals who are authorized access to the keys and information protected under the keys. |
Is supported by (integral to) AC-2: Account Management |
The key capture and registration agent has access to the session keys under which TLS transactions are protected. Authorization for access to The key capture and registration agent must require prior credentialling and authorization of appropriate staff. |
||
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. For this reason, access must be limited to those having specific duties requiring access to all transactions. |
||
Is supported by (integral to) AC-17: Remote Access |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Authorization for physical access to the key management agent must be limited to the set of individuals authorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The key capture and registration agent has access to the ephemeral session keys under which TLS transactions are protected. Physical access to the key management agent by unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) CA-7: Continuous Monitoring |
The key capture and registration agent permits continuous network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting TLS 1.3-encrypted traffic and forwarding re-encrypted traffic to real time and post facto analysis platforms. |
||
Supports (integral to) SC-8: Transmission Confidentiality and Integrity |
Keys are distributed by the key capture and registration agent within the data center in encrypted form only. |
||
Supports (integral to) SC-12: Cryptographic Key Establishment and Management |
Keys are distributed to the real-time decryption process and the key governance platform by the key capture and registration agent. |
||
Supports (integral to) SC-28: Protection of Information at Rest. |
Keys are stored by the key capture and registration agent only in encrypted form. |
||
Supports (integral to) SI-4: System Monitoring |
The key capture and registration agent permits network monitoring to detect potential cybersecurity events by providing key variable information necessary to enable decrypting and forwarding re-encrypted traffic to real time and post facto analysis platforms. |
||
Key Source |
Stores enterprise private and secret keys. |
Is supported by (integral to) AC-6: Least Privilege. |
The key source has access to private keys. Unrestricted access to the key source can result in unauthorized access to the keys and information protected under the keys for the entire enterprise. |
Is supported by (integral to) AC-17: Remote Access |
The key source has access to private keys, usually for multiple systems. Privileged remote access to the key source can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The enterprise key source has access to private keys. Physical access to the key source must be authorized to only those trusted individuals exercising appropriate roles and possessing need-to-know. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The enterprise key source has access to private keys. Physical access to the enterprise key source must be controlled because unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) SC-8: Transmission Confidentiality and Integrity |
Provides keying material for protection of data-in-transit. Only cryptographically protected private and symmetric keys are distributed by the key source. |
||
Supports (integral to) SC-12: Cryptographic Key Establishment and Management |
Provides and protects keying material for protection of data-in-transit within the data center. |
||
Supports (integral to) SC-28: Protection of Information at Rest |
Securely stores keying material for protection of TLS 1.3 traffic within the data center. Keys are physically protected and stored in the key source only in encrypted form. |
||
Enterprise PKI |
Provides enterprise key certificates. |
Is supported by (precedes) AC-1: Access Control Policy and Procedures |
The enterprise PKI distributes the enterprise server certificates. Organizational access control policies and procedures need to support limiting access to the key capture and registration agent to only those individuals who are authorized access to the keys and information protected under the keys. |
Is supported by (integral to) AC-2: Account Management |
The enterprise PKI distributes the enterprise server certificates. Authorization for access to The key capture and registration agent must require prior credentialling and authorization of appropriate staff. |
||
Is supported by (integral to) AC-4: Access Enforcement |
Enforcement implements approved authorization policies for logical access to information and system resources in accordance with applicable access control policies. |
||
Is supported by (integral to) AC-6: Least Privilege. |
The enterprise PKI has access to private keys. Unrestricted access to the key management agent can result in unauthorized access to the keys and information protected under the keys for the entire enterprise � including other enterprises for which it provides PKI services. |
||
Is supported by (integral to) AC-17: Remote Access |
The enterprise PKI has access to private keys, usually for multiple systems. Privileged remote access to the key management agent can result in unauthorized access to the keys and information protected under the keys. |
||
Is supported by (integral to) PE-2: Physical Access Authorization |
The enterprise PKI has access to private keys, usually for multiple systems. Physical access to the enterprise PKI must be authorized to only those trusted individuals exercising appropriate roles and possessing need-to-know. |
||
Is supported by (integral to) PE-3: Physical Access Control |
The enterprise PKI has access to private keys, usually for multiple systems. Physical access to the enterprise PKI must be controlled because unauthorized individuals can result in unauthorized access to the keys and information protected under the keys. |
||
Supports (integral to) SC-8: Transmission Confidentiality and Integrity |
Provides keying material for protection of data-in-transit within the data center. Only cryptographically protected private and symmetric keys are distributed by the enterprise PKI. |
||
Supports (integral to) SC-12: Cryptographic Key Establishment and Management |
Provides keying material for protection of data-in-transit within the data center. |
||
Supports (integral to) SC-28: Protection of Information at Rest |
Provides keying material for protection of decrypted TLS 1.3 traffic sent to storage in post facto analytics platforms within the data center. Keys are stored in the enterprise PKI only in encrypted form. |