1.1 MB | 3 files | DOC, PDF
The management of cryptographic keys is a critical and challenging security management function, especially in the case of a cloud environment.
Encryption and access control are the two primary means for ensuring data confidentiality in any IT environment. In situations where encryption is used as a data confidentiality assurance measure, the management of cryptographic keys is a critical and challenging security management function, especially in large enterprise data centers, due to sheer volume and data distribution (in different physical and logical storage media), and the consequent number of cryptographic keys. This function becomes more complex in the case of a cloud environment, where the physical and logical control of resources (both computing and networking) is split between cloud actors (e.g., consumers, providers, and brokers).
The objectives of this document are to identify:
(a) The cryptographic key management issues that arise due to the distributed nature of IT resources, as well the distributed nature of their control, the latter split among multiple cloud actors. Furthermore, the pattern of distribution varies with the type of service offering - infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS).
(b) The special challenges involved in deploying cryptographic key management functions that meet the security requirements of the cloud consumers, depending upon the nature of the service and the type of data generated/processed/stored by the service features.
The attached zip file includes:
This table outlines the top needs of each stakeholder group that can help guide your conversations on priorities and needs for the GRC program. ... More >>
This publication provides guidelines for establishing and participating in cyber threat information sharing relationships. ... More >>
This document provides recommendations and guidelines for enhancing trust in email, including transmission and content security recommendations. ... More >>