The Cloud Best Practices Network has just published the second installment of the e-magazine TRANSFORM. This issue, which focuses on various aspects of cloud security, includes my article on “Key Management Strategies for the Hybrid Cloud”, leveraging the use cases that we developed in OASIS KMIP for our work on the next version of KMIP. I presented a version of this information at RSA Conference China and touched on it in an earlier blog.
The intent of the article, as well as the presentations on this topic, is to help architects and designers understand the issues and alternatives for symmetric key management for the cloud. The article presents three deployment models, discussing current implementations as well as benefits and disadvantages of each model. It also touches on the role of standards like KMIP in these models.
I’m looking forward to discussing these models further in my session with Cryptsoft’s Tim Hudson at RSA Conference US in February. I hope you can join us there!