WEBVTT 1 00:00:00.120 --> 00:00:01.530 In this lesson, 2 00:00:01.530 --> 00:00:04.530 we will learn about secrets management. 3 00:00:04.530 --> 00:00:08.340 Secrets management is securely storing, managing, 4 00:00:08.340 --> 00:00:11.790 and controlling access to sensitive information 5 00:00:11.790 --> 00:00:14.790 to prevent unauthorized access. 6 00:00:14.790 --> 00:00:19.560 Secrets management concepts include tokens, certificates, 7 00:00:19.560 --> 00:00:24.210 passwords, keys, rotation, and deletion. 8 00:00:24.210 --> 00:00:27.180 Tokens are temporary digital credentials 9 00:00:27.180 --> 00:00:30.480 used for authentication or authorization. 10 00:00:30.480 --> 00:00:34.920 Certificates are digital documents that verify the identity 11 00:00:34.920 --> 00:00:38.520 of entities and enable secure communication. 12 00:00:38.520 --> 00:00:42.630 Passwords are traditional secret strings of characters 13 00:00:42.630 --> 00:00:44.670 used for authentication. 14 00:00:44.670 --> 00:00:48.840 And keys are cryptographic elements that secure data 15 00:00:48.840 --> 00:00:52.140 through the encryption and decryption process. 16 00:00:52.140 --> 00:00:55.350 Finally, in order to maintain security, 17 00:00:55.350 --> 00:00:58.170 secrets should be regularly rotated, 18 00:00:58.170 --> 00:01:00.210 meaning updated or replaced. 19 00:01:00.210 --> 00:01:03.240 And to prevent unauthorized access, 20 00:01:03.240 --> 00:01:07.710 secrets should be securely deleted when no longer needed. 21 00:01:07.710 --> 00:01:11.910 Let's learn more about tokens, certificates, passwords, 22 00:01:11.910 --> 00:01:15.360 keys, rotation, and deletion. 23 00:01:15.360 --> 00:01:17.820 First, we have tokens. 24 00:01:17.820 --> 00:01:20.850 Tokens are temporary digital credentials 25 00:01:20.850 --> 00:01:24.150 used for authentication or authorization, 26 00:01:24.150 --> 00:01:28.530 acting like digital keys that grant a user or application 27 00:01:28.530 --> 00:01:32.400 access to a system for a set period of time. 28 00:01:32.400 --> 00:01:36.180 They are widely used in modern security architectures, 29 00:01:36.180 --> 00:01:38.850 especially in web applications 30 00:01:38.850 --> 00:01:42.960 and application programming interfaces, or APIs. 31 00:01:42.960 --> 00:01:45.600 Here, they are used to manage access 32 00:01:45.600 --> 00:01:48.030 securely and efficiently. 33 00:01:48.030 --> 00:01:51.930 For example, when you log into an online service, 34 00:01:51.930 --> 00:01:53.880 you receive a session token 35 00:01:53.880 --> 00:01:57.060 that keeps you logged in for a specific duration 36 00:01:57.060 --> 00:02:00.810 without needing to repeatedly enter your credentials. 37 00:02:00.810 --> 00:02:05.040 This token is usually stored in your browser or application, 38 00:02:05.040 --> 00:02:07.260 and it authorizes your actions 39 00:02:07.260 --> 00:02:10.020 while interacting with that service. 40 00:02:10.020 --> 00:02:13.290 Tokens can be classified into different types, 41 00:02:13.290 --> 00:02:18.290 such as JSON web tokens, OAuth access tokens, or API tokens, 42 00:02:19.680 --> 00:02:22.740 each designed for specific purposes. 43 00:02:22.740 --> 00:02:27.740 For example, JavaScript object notation, or JSON web tokens, 44 00:02:28.200 --> 00:02:31.050 are commonly used to securely transmit 45 00:02:31.050 --> 00:02:36.050 information between parties, containing data like user roles 46 00:02:36.090 --> 00:02:40.260 and permissions encoded within the token itself. 47 00:02:40.260 --> 00:02:42.600 OAuth tokens are widely used 48 00:02:42.600 --> 00:02:45.810 to delegate access between applications, 49 00:02:45.810 --> 00:02:48.720 such as when you use your Google account 50 00:02:48.720 --> 00:02:51.570 to log into a third-party application 51 00:02:51.570 --> 00:02:54.600 without sharing your Google password. 52 00:02:54.600 --> 00:02:58.920 Tokens are signed and often encrypted to prevent tampering 53 00:02:58.920 --> 00:03:00.990 and ensure they can be trusted 54 00:03:00.990 --> 00:03:04.140 by the systems that issue and validate them. 55 00:03:04.140 --> 00:03:07.440 However, because they grant access, 56 00:03:07.440 --> 00:03:10.170 tokens must also be properly managed 57 00:03:10.170 --> 00:03:12.600 to avoid security risks. 58 00:03:12.600 --> 00:03:14.340 If a token is stolen, 59 00:03:14.340 --> 00:03:18.270 an attacker could potentially access sensitive information 60 00:03:18.270 --> 00:03:20.700 until the token expires. 61 00:03:20.700 --> 00:03:24.990 So, to mitigate these risks, tokens are usually designed 62 00:03:24.990 --> 00:03:28.380 to expire after a short period of time, 63 00:03:28.380 --> 00:03:32.070 limiting the timeframe they can be misused. 64 00:03:32.070 --> 00:03:34.500 For example, a session token 65 00:03:34.500 --> 00:03:38.670 might expire after 15 minutes of inactivity, 66 00:03:38.670 --> 00:03:42.000 requiring the user to re-authenticate. 67 00:03:42.000 --> 00:03:45.810 Proper token management, including secure storage, 68 00:03:45.810 --> 00:03:50.610 timely expiration, and the revocation of compromised tokens 69 00:03:50.610 --> 00:03:53.310 helps maintain a secure environment 70 00:03:53.310 --> 00:03:56.730 and protect against unauthorized access. 71 00:03:56.730 --> 00:03:59.580 Second, we have certificates. 72 00:03:59.580 --> 00:04:02.160 Certificates are digital documents 73 00:04:02.160 --> 00:04:06.270 that verify the identity of entities such as users, 74 00:04:06.270 --> 00:04:08.250 devices, or websites, 75 00:04:08.250 --> 00:04:12.000 and enable secure communication between them. 76 00:04:12.000 --> 00:04:14.880 Certificates use cryptographic methods 77 00:04:14.880 --> 00:04:18.900 like public and private key pairs to create trust, 78 00:04:18.900 --> 00:04:23.550 ensuring that the parties involved are who they claim to be. 79 00:04:23.550 --> 00:04:27.480 For example, when you visit a secure website, 80 00:04:27.480 --> 00:04:30.570 your browser checks the site's certificate 81 00:04:30.570 --> 00:04:33.660 to confirm that it is legitimate and safe, 82 00:04:33.660 --> 00:04:36.330 allowing for encrypted communication 83 00:04:36.330 --> 00:04:39.930 and protecting your data from being intercepted. 84 00:04:39.930 --> 00:04:42.990 There are different types of certificates, 85 00:04:42.990 --> 00:04:45.840 each serving specific purposes. 86 00:04:45.840 --> 00:04:48.990 Secure Sockets Layer, Transport Layer Security, 87 00:04:48.990 --> 00:04:51.750 or SSL/TLS certificates, 88 00:04:51.750 --> 00:04:56.250 are commonly used for websites to ensure secure connections 89 00:04:56.250 --> 00:04:59.460 between web browsers and servers. 90 00:04:59.460 --> 00:05:02.040 Code-signing certificates verify 91 00:05:02.040 --> 00:05:06.300 that software or applications have not been tampered with 92 00:05:06.300 --> 00:05:08.730 and are from a trusted source, 93 00:05:08.730 --> 00:05:13.170 ensuring that downloaded programs are safe to use. 94 00:05:13.170 --> 00:05:16.920 Next, client certificates authenticate users, 95 00:05:16.920 --> 00:05:21.300 proving their identity to servers during secure connections, 96 00:05:21.300 --> 00:05:23.910 often used in corporate environments 97 00:05:23.910 --> 00:05:28.650 where users need to be verified across internal systems. 98 00:05:28.650 --> 00:05:32.040 Email certificates, like Secure/Multipurpose 99 00:05:32.040 --> 00:05:34.890 Internet Mail Extensions, or S/MIME, 100 00:05:34.890 --> 00:05:38.430 are used to encrypt and digitally sign emails, 101 00:05:38.430 --> 00:05:41.070 ensuring that messages are secure 102 00:05:41.070 --> 00:05:43.890 and sent from verified senders. 103 00:05:43.890 --> 00:05:48.090 Finally, device certificates authenticate devices, 104 00:05:48.090 --> 00:05:51.630 such as printers or servers, within a network, 105 00:05:51.630 --> 00:05:54.600 ensuring that only trusted hardware 106 00:05:54.600 --> 00:05:57.330 can communicate within the environment. 107 00:05:57.330 --> 00:06:01.980 Certificates must be carefully managed, regularly updated, 108 00:06:01.980 --> 00:06:06.270 and securely stored to maintain their trustworthiness. 109 00:06:06.270 --> 00:06:09.600 Expired or misconfigured certificates 110 00:06:09.600 --> 00:06:14.160 can cause security warnings or interruptions in service. 111 00:06:14.160 --> 00:06:19.160 For example, if a website's SSL/TLS certificate expires, 112 00:06:19.890 --> 00:06:23.850 users will see a warning that the site is not secure, 113 00:06:23.850 --> 00:06:28.620 potentially leading to a loss of trust and access issues. 114 00:06:28.620 --> 00:06:32.670 Proper certificate management includes renewing certificates 115 00:06:32.670 --> 00:06:36.450 before expiration, revoking them if compromised, 116 00:06:36.450 --> 00:06:39.120 and ensuring they are correctly configured 117 00:06:39.120 --> 00:06:41.880 to protect communication channels. 118 00:06:41.880 --> 00:06:44.490 Third, we have passwords. 119 00:06:44.490 --> 00:06:48.000 Passwords are traditional credentials made up 120 00:06:48.000 --> 00:06:51.360 of secret strings of characters that users enter 121 00:06:51.360 --> 00:06:55.140 to prove their identity during authentication. 122 00:06:55.140 --> 00:06:58.230 Passwords are commonly used across websites, 123 00:06:58.230 --> 00:07:00.750 applications, and systems, 124 00:07:00.750 --> 00:07:03.930 but they are vulnerable to various attacks, 125 00:07:03.930 --> 00:07:06.990 such as guessing, phishing, brute force, 126 00:07:06.990 --> 00:07:09.150 and credential stuffing. 127 00:07:09.150 --> 00:07:12.990 Passwords should never be stored in plain text. 128 00:07:12.990 --> 00:07:15.750 Instead, they should be stored securely 129 00:07:15.750 --> 00:07:19.170 using cryptographic techniques like hashing. 130 00:07:19.170 --> 00:07:22.500 Hashing converts the password into a fixed-length 131 00:07:22.500 --> 00:07:26.940 string of characters that is unique to the password input. 132 00:07:26.940 --> 00:07:29.310 So, when a user logs in, 133 00:07:29.310 --> 00:07:32.190 the system hashes their entered password 134 00:07:32.190 --> 00:07:35.490 and compares it to the stored password hash, 135 00:07:35.490 --> 00:07:39.180 ensuring the original password is never exposed, 136 00:07:39.180 --> 00:07:41.760 while allowing authentication. 137 00:07:41.760 --> 00:07:44.550 To reduce the risk of password exposure, 138 00:07:44.550 --> 00:07:47.520 passwords should be rotated periodically, 139 00:07:47.520 --> 00:07:50.010 meaning they should be updated or changed 140 00:07:50.010 --> 00:07:51.840 on a regular schedule. 141 00:07:51.840 --> 00:07:55.410 In high security environments, additional measures, 142 00:07:55.410 --> 00:07:57.570 such as salting passwords, 143 00:07:57.570 --> 00:08:00.690 enforcing domain-wide password policies, 144 00:08:00.690 --> 00:08:03.210 using two-factor authentication, 145 00:08:03.210 --> 00:08:06.060 and monitoring for compromised credentials, 146 00:08:06.060 --> 00:08:10.230 can further protect against unauthorized access. 147 00:08:10.230 --> 00:08:13.500 In all cases, proper password management 148 00:08:13.500 --> 00:08:16.320 and secure storage are essential. 149 00:08:16.320 --> 00:08:18.750 Fourth, we have keys. 150 00:08:18.750 --> 00:08:23.220 Keys are cryptographic elements used to secure data 151 00:08:23.220 --> 00:08:26.670 through the encryption and decryption process. 152 00:08:26.670 --> 00:08:29.520 They include public and private keys 153 00:08:29.520 --> 00:08:32.970 in the public key infrastructure, or PKI, 154 00:08:32.970 --> 00:08:36.900 and symmetric keys used for data encryption. 155 00:08:36.900 --> 00:08:40.920 Keys must be handled carefully because improper management, 156 00:08:40.920 --> 00:08:44.130 such as storing them in insecure locations 157 00:08:44.130 --> 00:08:45.900 or embedding them in code, 158 00:08:45.900 --> 00:08:48.900 can lead to exposure and compromise. 159 00:08:48.900 --> 00:08:53.160 When keys are compromised, they must be immediately revoked, 160 00:08:53.160 --> 00:08:56.730 replaced, and the systems that relied on those keys 161 00:08:56.730 --> 00:09:01.110 must be re-secured to maintain data protection. 162 00:09:01.110 --> 00:09:04.740 There are several common issues with cryptographic keys 163 00:09:04.740 --> 00:09:08.910 that you should consider, including mismatched keys, 164 00:09:08.910 --> 00:09:12.180 improper key handling, embedded keys, 165 00:09:12.180 --> 00:09:16.560 rekeying, and compromised or exposed keys. 166 00:09:16.560 --> 00:09:20.040 Mismatched keys occur when the wrong public 167 00:09:20.040 --> 00:09:23.880 or private key pair is used to decrypt data, 168 00:09:23.880 --> 00:09:26.730 resulting in errors like "key mismatch" 169 00:09:26.730 --> 00:09:30.090 or "X509_check_private_key." 170 00:09:30.090 --> 00:09:33.660 These errors indicate that the correct key pair 171 00:09:33.660 --> 00:09:37.590 needs to be used to successfully access the data. 172 00:09:37.590 --> 00:09:42.450 Next, improper key handling involves failing to maintain 173 00:09:42.450 --> 00:09:46.950 the secrecy and protection of private or symmetric keys. 174 00:09:46.950 --> 00:09:51.060 If these keys are not properly secured during storage, 175 00:09:51.060 --> 00:09:55.380 they can become exposed, leading to data compromise. 176 00:09:55.380 --> 00:09:58.170 Keys stored in insecure locations 177 00:09:58.170 --> 00:10:00.300 should be assumed compromised, 178 00:10:00.300 --> 00:10:02.400 and must be immediately revoked 179 00:10:02.400 --> 00:10:07.170 and replaced with new keys to restore system security. 180 00:10:07.170 --> 00:10:09.930 Embedded keys are stored on special 181 00:10:09.930 --> 00:10:12.690 read-only cryptographic storage chips 182 00:10:12.690 --> 00:10:17.250 and cannot be easily revoked or replaced if compromised. 183 00:10:17.250 --> 00:10:20.610 These keys, along with the devices that use them, 184 00:10:20.610 --> 00:10:23.100 are part of the encryption solution, 185 00:10:23.100 --> 00:10:25.980 and so they must be carefully protected 186 00:10:25.980 --> 00:10:29.970 from tampering to prevent unauthorized access. 187 00:10:29.970 --> 00:10:34.970 Next, rekeying is the process of renegotiating session keys 188 00:10:35.310 --> 00:10:38.550 during a communication session, often based 189 00:10:38.550 --> 00:10:42.930 on the volume of traffic processed rather than time. 190 00:10:42.930 --> 00:10:45.900 This process ensures that encryption 191 00:10:45.900 --> 00:10:48.360 remains strong over time. 192 00:10:48.360 --> 00:10:51.480 For example, in WPA3, 193 00:10:51.480 --> 00:10:55.080 with the simultaneous authentication of equals, 194 00:10:55.080 --> 00:11:00.000 session keys are frequently renegotiated, or rekeyed, 195 00:11:00.000 --> 00:11:03.690 to maintain the security of the data in transit. 196 00:11:03.690 --> 00:11:07.080 Finally, compromised or exposed keys 197 00:11:07.080 --> 00:11:09.960 present a significant security risk, 198 00:11:09.960 --> 00:11:13.350 as they indicate that unauthorized access 199 00:11:13.350 --> 00:11:16.650 to a private or symmetric key has occurred. 200 00:11:16.650 --> 00:11:19.440 If a private key is exposed, 201 00:11:19.440 --> 00:11:23.100 it and any associated digital certificates 202 00:11:23.100 --> 00:11:25.410 must be immediately revoked, 203 00:11:25.410 --> 00:11:28.380 replaced, and securely destroyed. 204 00:11:28.380 --> 00:11:32.310 Any data previously protected by the compromised key 205 00:11:32.310 --> 00:11:35.790 should be identified, and remediation actions 206 00:11:35.790 --> 00:11:40.790 should be taken to ensure that that data remains secure. 207 00:11:40.950 --> 00:11:43.680 Fifth, we have rotation. 208 00:11:43.680 --> 00:11:47.700 Key rotation is the process of regularly updating 209 00:11:47.700 --> 00:11:52.050 or replacing cryptographic keys, passwords, tokens, 210 00:11:52.050 --> 00:11:56.310 and other sensitive credentials to maintain security. 211 00:11:56.310 --> 00:11:58.350 This practice is essential, 212 00:11:58.350 --> 00:12:02.520 because it reduces the risk of unauthorized access 213 00:12:02.520 --> 00:12:04.980 by limiting the time an attacker 214 00:12:04.980 --> 00:12:08.610 has to exploit compromised credentials. 215 00:12:08.610 --> 00:12:11.730 For example, in a secure system, 216 00:12:11.730 --> 00:12:15.900 cryptographic keys might be rotated every few months 217 00:12:15.900 --> 00:12:18.960 to ensure that even if a key is exposed, 218 00:12:18.960 --> 00:12:20.940 it can't be used for long. 219 00:12:20.940 --> 00:12:22.530 During key rotation, 220 00:12:22.530 --> 00:12:25.920 all active keys are replaced with new ones, 221 00:12:25.920 --> 00:12:28.320 and the old keys are revoked 222 00:12:28.320 --> 00:12:32.730 and securely destroyed to prevent their reuse. 223 00:12:32.730 --> 00:12:36.300 This ensures that any potential vulnerabilities 224 00:12:36.300 --> 00:12:39.930 associated with older keys are eliminated. 225 00:12:39.930 --> 00:12:42.360 By frequently rotating keys, 226 00:12:42.360 --> 00:12:46.770 the window of opportunity for attack is minimized. 227 00:12:46.770 --> 00:12:50.850 Finally, key rotation involves re-encrypting data 228 00:12:50.850 --> 00:12:54.390 with the new keys, updating access controls, 229 00:12:54.390 --> 00:12:57.510 and ensuring all systems using the keys 230 00:12:57.510 --> 00:13:00.690 are synchronized with the latest versions. 231 00:13:00.690 --> 00:13:04.200 For example, in a system using encryption, 232 00:13:04.200 --> 00:13:08.670 key rotation might mean generating a new encryption key 233 00:13:08.670 --> 00:13:13.440 and re-encrypting stored data to match this new key. 234 00:13:13.440 --> 00:13:17.040 Sixth and last, we have deletion. 235 00:13:17.040 --> 00:13:20.970 Deletion is the secure process of destroying secrets 236 00:13:20.970 --> 00:13:24.660 such as passwords, tokens, or cryptographic keys 237 00:13:24.660 --> 00:13:29.160 that are no longer needed to prevent unauthorized access. 238 00:13:29.160 --> 00:13:32.190 One effective method of secure deletion 239 00:13:32.190 --> 00:13:34.020 is cryptographic shredding, 240 00:13:34.020 --> 00:13:36.810 which involves destroying the decryption keys 241 00:13:36.810 --> 00:13:38.610 that protect the data. 242 00:13:38.610 --> 00:13:41.280 When the key is destroyed, the encrypted data 243 00:13:41.280 --> 00:13:45.240 becomes permanently unreadable and essentially deleted 244 00:13:45.240 --> 00:13:48.150 because it can no longer be decrypted. 245 00:13:48.150 --> 00:13:51.480 For example, if a hard drive is encrypted 246 00:13:51.480 --> 00:13:54.720 with the Advanced Encryption Standard, or AES, 247 00:13:54.720 --> 00:13:57.690 which is a strong key, and that key is shredded, 248 00:13:57.690 --> 00:14:01.500 the data on the drive becomes inaccessible. 249 00:14:01.500 --> 00:14:02.910 Without the key, 250 00:14:02.910 --> 00:14:06.210 even if someone gains access to the encrypted data, 251 00:14:06.210 --> 00:14:09.390 it remains secure and unreadable. 252 00:14:09.390 --> 00:14:13.440 This approach is commonly used in cloud storage environments 253 00:14:13.440 --> 00:14:16.830 where simply deleting files is not enough 254 00:14:16.830 --> 00:14:19.050 to ensure data privacy. 255 00:14:19.050 --> 00:14:21.420 By destroying the encryption keys, 256 00:14:21.420 --> 00:14:23.670 organizations can be confident 257 00:14:23.670 --> 00:14:26.190 that the data is permanently secured 258 00:14:26.190 --> 00:14:29.070 and cannot be recovered by anyone. 259 00:14:29.070 --> 00:14:33.360 So, remember, secrets management is the practice 260 00:14:33.360 --> 00:14:37.740 of securely storing, managing, and controlling access 261 00:14:37.740 --> 00:14:42.570 to sensitive information to prevent unauthorized access. 262 00:14:42.570 --> 00:14:45.150 Secrets management includes managing 263 00:14:45.150 --> 00:14:48.240 various types of secrets, like tokens, 264 00:14:48.240 --> 00:14:52.110 certificates, passwords, and cryptographic keys, 265 00:14:52.110 --> 00:14:56.520 as well as processes like rotation and deletion. 266 00:14:56.520 --> 00:15:00.660 Tokens are temporary credentials used for access. 267 00:15:00.660 --> 00:15:04.680 Certificates verify the identity of entities. 268 00:15:04.680 --> 00:15:07.470 Passwords authenticate users. 269 00:15:07.470 --> 00:15:11.550 And keys are used to encrypt and decrypt data. 270 00:15:11.550 --> 00:15:14.460 Regular rotation of these secrets 271 00:15:14.460 --> 00:15:16.860 ensures they are updated frequently, 272 00:15:16.860 --> 00:15:20.340 reducing the risk of unauthorized access 273 00:15:20.340 --> 00:15:24.930 by limiting the time a compromised secret can be exploited. 274 00:15:24.930 --> 00:15:28.560 Secure deletion is used to completely remove secrets 275 00:15:28.560 --> 00:15:32.460 that are no longer needed, ensuring sensitive information 276 00:15:32.460 --> 00:15:35.460 cannot be recovered or misused. 277 00:15:35.460 --> 00:15:39.690 So, proper secrets management helps protect systems, 278 00:15:39.690 --> 00:15:41.520 maintains data integrity, 279 00:15:41.520 --> 00:15:43.680 and supports the secure operation 280 00:15:43.680 --> 00:15:46.353 of applications and networks.