Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Ramaswamy Chandramouli; Michaela Iorga; Santosh Chokhani;|
|Title:||Cryptographic Key Management Issues & Challenges in Cloud Services|
|Published:||September 18, 2013|
|Abstract:||To interact with various services in the cloud and to store the data generated/processed by those services, several security capabilities are required. Based on a core set of features in the three common cloud services - Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), we identify a set of security capabilities needed to exercise those features and the cryptographic operations they entail. An analysis of the common state of practice of the cryptographic operations that provide those security capabilities reveals that the management of cryptographic keys takes on an additional complexity in cloud environments compared to enterprise IT environments due to: (a) difference in ownership (between cloud Consumers and cloud Providers) and (b) control of infrastructures on which both the Key Management System (KMS) and protected resources are located. This document identifies the cryptographic key management challenges in the context of architectural solutions that are commonly deployed to perform those cryptographic operations.|
|Citation:||NIST Interagency/Internal Report (NISTIR) - 7956|
|Keywords:||Authentication, Cloud Services, Data Protection, Encryption, Key Management System (KMS), Secure Shell (SSH), Transport Layer Security (TLS)|
|Research Areas:||Cloud Computing, Computer Security, Cybersecurity|
|PDF version:||Click here to retrieve PDF version of paper (1MB)|