Keys in the Cloud

Categories: IT Security

The Cloud Best Practices Network has just published the second installment of the e-magazine TRANSFORM. This issue, which focuses on various aspects of cloud security, includes my article on “Key Management Strategies for the Hybrid Cloud”, leveraging the use cases that we developed in OASIS KMIP for our work on the next version of KMIP. I presented a version of this information at RSA Conference China and touched on it in an earlier blog.

The intent of the article, as well as the presentations on this topic, is to help architects and designers understand the issues and alternatives for symmetric key management for the cloud. The article presents three deployment models, discussing current implementations as well as benefits and disadvantages of each model. It also touches on the role of standards like KMIP in these models.

kmip

 

 

 

 

 

 

 

 

 

I’m looking forward to discussing these models further in my session with Cryptsoft’s Tim Hudson at RSA Conference US in February. I hope you can join us there!

Bob Griffin
Author:

Bob Griffin is Chief Security Architect at RSA, the Security Division of EMC, where he is responsible for technical architecture, standards and strategy, particularly for RSA’s data security products. He represents EMC to several standards organization, including as co-chair of the OASIS Key Management Interoperability Protocol (KMIP) technical committee. Bob has extensive experience in security strategy, corporate governance, business process transformation and software development. He has had the primary architectural responsibility for a number of production systems environments and for major software engineering projects at RSA, Entrust and Digital Equipment Corporation,. He is a frequently requested speaker for professional and industry conferences and has instructed courses within both professional and university settings.