
Version 1.0. Released: September 13, 2012. Securosis, L.L.C. Author’s Note: The content in this report was ...


Additionally, backup and storage systems themselves might place the encryption engine in any of a wide variety of locations – from individual disk and tape drives, to backup controllers, to server software, to inline proxies.

Some systems store the key with the data – sometimes in special hardware added to the tape or drive – while others place it with the engine, and still others keep it in an external key management server.

Between all this complexity and poor implementations by storage vendors, I tend to see external key management used for backup and storage more than for just about any other data encryption usage.

Application encryption

Our last example is application encryption. One of the more secure ways to encrypt application data is to collect it in the application, send it to an encryption server or appliance (or embed it in the application code), and then store the encrypted data in a separate database. The keys themselves might be on the encryption server, or could even be stored in yet another system. The separate key store offers greater security, simplifies management for multiple encryption appliances, and helps keep keys safe for data movement – backup, restore, and migration/synchronization to other data centers.

In each of these examples we see multiple options for where to place the components – with the corresponding tradeoffs in security, manageability, and other aspects. This list isn’t comprehensive but should give you a taste of the different ways these bits and pieces can be mixed and matched for different data encryption systems.

Next we will build on this to define the four major key management strategies, followed by recommendations for how to pick the right options to suit our needs.


The Four Key Management Strategies

In the last section we covered the components of data encryption systems and ran through some common examples.

Now it’s time to move on to key management itself, and dig into the four different key management strategies.

We need to start with a discussion of the differences between encryption operations and key management; then we will detail the different enterprise-level strategies.

The differences between key management and encryption operations

As we focus on data encryption across the organization rather than isolated applications of basic encryption, it is time to spend a moment on what we mean when we discuss key management vs. encryption operations.

Every data encryption operation involves a key, so there is always a key to manage; a full-fledged key management system, however, is the most important aspect of building a multipart encryption system.

Many data encryption systems don’t bother with “real” key management – they only store keys locally, and users never interact with the keys directly. For example, if you encrypt data with a passphrase using one of the many common command-line tools available, the odds are good that you don’t do anything with the key beyond choosing an encryption algorithm and key length. Super-simple implementations don’t bother to store the key at all – it is generated as needed from the passphrase. In slightly more complex (but still relatively simple) cases the key is actually stored with the data, protected by a series of other keys which are still generated from passphrases.

There is a clear division between this and the enterprise model, where you actively manage keys. Key management involves separating keys from data for increased flexibility and security. It does not require you to move keys to an external system, but that is one of the more important options. You can have multiple keys for the same data, the same key for multiple files, key backup and recovery, and many more choices.
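The passphrase-derived key and the “key stored with the data, protected by other keys” arrangement described above, together with the key rotation that separating keys from data makes possible, as an added Python illustration (not code from this paper or from Securosis). Only the standard library is assumed, so an HMAC-SHA256 counter-mode keystream with an HMAC tag stands in for AES; every function name here is the example’s own.

```python
# Two-level key hierarchy: a random data-encryption key (DEK) encrypts the
# record; a key-encryption key (KEK) derived from a passphrase wraps the DEK,
# which is stored next to the ciphertext. Rotating the passphrase rewraps the
# DEK without touching the record. Constructed example, stdlib only.
import hashlib
import hmac
import os
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0  # HMAC(key, nonce || counter) blocks, AES stand-in
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _subkeys(key: bytes) -> tuple:  # distinct encryption and MAC keys
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # wrong key or tampering
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def kek_from_passphrase(passphrase: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def encrypt_record(passphrase: str, data: bytes) -> dict:
    dek, salt = secrets.token_bytes(32), os.urandom(16)  # DEK kept only wrapped
    return {"salt": salt,
            "wrapped_dek": seal(kek_from_passphrase(passphrase, salt), dek),
            "ciphertext": seal(dek, data)}

def decrypt_record(passphrase: str, rec: dict) -> bytes:
    dek = unseal(kek_from_passphrase(passphrase, rec["salt"]), rec["wrapped_dek"])
    return unseal(dek, rec["ciphertext"])

def rotate_passphrase(old: str, new: str, rec: dict) -> dict:
    dek = unseal(kek_from_passphrase(old, rec["salt"]), rec["wrapped_dek"])
    salt = os.urandom(16)  # new KEK, same DEK: record ciphertext is unchanged
    return {"salt": salt,
            "wrapped_dek": seal(kek_from_passphrase(new, salt), dek),
            "ciphertext": rec["ciphertext"]}
```

Moving the wrapped DEK out of the record and into a separate store is what turns this local scheme into the separated key management the text describes.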

There are four main approaches to managing data encryption keys within an organization. These apply to individual cryptosystems, to various different kinds of applications, and to larger and more complicated cryptography systems.

Many of them also apply to other kinds of encryption operations, such as digital signatures and certificates, but we aren’t concerned with those for this paper.


Local key management

This option is the closest to doing nothing at all for key management. Keys are all managed locally (on a single system or a cluster of systems), with all key functions handled within a single application.

Local key management is actually quite common, even though it isn’t always the best idea. Common examples include:

• Full disk encryption managed by a single user (e.g., Bitlocker or FileVault without tying into a key management server)

• Transparent database encryption

• Building encryption into an application server

• Basic backup encryption

• File server or SAN/NAS encryption

In each of these cases all keys can be managed locally – in which case any key rotation, backup/restore, or auditing also must be built into the local system, but more often these capabilities are simply nonexistent.

Local key management isn’t necessarily bad in certain isolated scenarios. For example, if you back up your data unencrypted, or with a system that uses its own keys, there may be no reason to worry about managing local keys. But for anything serious – including anything with compliance requirements – relying on local key management is asking for trouble.

Application stack key management

This refers to separating the keys from the local system and managing them within a multi-instance application. Whatever software stack/system you run manages its own keys for its own client software.

Full disk encryption is one of the most common enterprise examples. A central management server handles configuration and keys for all encrypted laptops and desktops that use that vendor’s software. This key management system is never used for anything else, such as databases, but may manage other data encryption features supported by the product (including file/folder encryption). All important key management functions, including administrative and recovery keys, rotation, backup/restore, and audit, are built into the application stack’s key manager.

Application stacks are closed, proprietary systems that may involve distributed instances. They implement encryption within their own software components, and aren’t designed to manage it externally. That said, many support use of external key management.

Other typical uses include email encryption, some backup encryption tools, and even enterprise Digital Rights Management – DRM is implemented through cryptography.

Application stack key management is totally suitable when it meets the particular requirements of the situation. When encryption is the key function of a product, as with full disk encryption, this approach often works perfectly – with no need for additional key management. On the other hand, when encryption is merely a feature of an existing product, key management is often minimal at best – typified by encryption products bolted onto existing backup systems.


We call this “silo” key management since a key manager is typically used for one or more applications managed within a single organizational silo. For example, you might have one silo to manage full disk encryption keys, another for database and application keys, and another for storage keys. Each of these silos is managed independently, on different hardware/software.

A variety of dedicated key management options are available – including hardened hardware appliances (Hardware Security Modules, HSMs), software, virtual appliances, and even Software as a Service (SaaS). We are focusing on key management strategies rather than products, so we won’t go into all the various features and functions, but suffice it to say they tend to have far more robust capabilities (and often stronger security) than all but the best application stack tools. Aside from all the added functionality of an external service, the external service can manage keys for multiple different application stacks. This can be important for unifying auditing/reporting and meeting other compliance requirements.

Key management tools also reduce the overhead and complexity of encryption operations – especially for application and database encryption, where application stack management often isn’t available. Using APIs and plugins, your developers and DBAs don’t need to reinvent the wheel; something very few people – including crypto experts – manage to do securely. This approach also removes keys from the systems involved when they aren’t needed, further benefiting security. Hardened encryption engines that link up with external key managers offer high-security modes, where they do things like pull the key down for a single operation, use it, and then overwrite the key’s memory addresses to completely eliminate it from the system.

Pragmatic Key Management for Encryption 10 Securosis, L.L.C.

Not to give away the next section, but if a data encryption feature or software doesn’t include centralized key management, or your application stack key management software doesn’t provide all the functions you need, it’s time to move up to a dedicated key management service. The most common places we see these are backup and storage encryption, application and database encryption, and data encryption for cloud services. But at this level we are still dealing with a somewhat-isolated silo versus an enterprise strategy.

Enterprise key management

Building on silo key management, enterprise key management adds a “manager of managers” to centralize most or all key management within the organization. We are focused on data encryption key management, but this may also encompass keys for other operations such as certificate management. The manager adds features to broaden its scope, such as improved separation of duties; integration and management of other dedicated key managers; and the ability to segregate keys and users based on role, use, etc.

While an organization might have a collection of different key management services in different silos, enterprise key management ties them all together with central administration and management. Practically speaking there will probably still be some silos, but this strategy embraces and manages keys for at least most encrypted data.

Although enterprise key management has been discussed for years, it is more of a vision organizations strive towards, and it is used by relatively few enterprises. We predominantly see it within financial services, retail, and other companies that need distributed encryption operations across application silos. In some cases, we even see it used to exchange keys between organizations.

Enterprise key management can also play a key role in use cases beyond data encryption – especially certificate, identification, and signing functions where keys and certificates need to work across different systems, applications, or even functions. We’ll go into more selection details in the next section, but organizations should take a look at enterprise key management if they anticipate ever needing cross-domain/silo keys, such as keys used to encrypt data in one application and then decrypt or use it in other applications, databases, or analysis tools.

To recap, the four key management strategies are:

• Manage keys locally

• Manage keys within a single application stack with a built-in key management feature

• Manage keys for a silo using an external key management service/server/appliance, separate from the data and application stacks

• Coordinate management of (most or all) keys across the enterprise with a centralized key management tool

Next we will talk about how to choose your strategy, and when to switch between these options.


Choosing Your Key Management Strategy

In our last section we covered the four enterprise key management strategies. Here’s how to pick the right strategy for your organization.

To recap, there are four key management strategies:

• Local management

• Application stack management

• Silo management

• Enterprise key management

As much as I would like to drag this out into a long and complex assessment process, it’s actually fairly simple:
