Encryption and key management in a SAN | IEEE Conference Publication | IEEE Xplore

Encryption and key management in a SAN


Abstract:

Many important security properties can be gained by encrypting stored data. However, these properties can be significantly undermined if the encryption keys are not well ...Show More

Abstract:

Many important security properties can be gained by encrypting stored data. However, these properties can be significantly undermined if the encryption keys are not well managed. This paper discusses how encryption strategies can be used to provide stronger segregation of data, remove "back door" access to data, and to reduce the reliance and trust placed in administrators of SAN systems. The focus is on the key management that necessarily forms a part of a secure encryption strategy. The work described is based on the use of a hardware security appliance (HSA) which augments traditional HSMs with additional functionality to control the way keys are used rather than just providing a secure environment for crypto functions. This allows security critical components or services to be pushed into trusted hardware thereby providing wider application or system level security. The paper shows how the HSA can. be applied to securely managing the keys for the encryption strategies needed for SAN security.
Date of Conference: 11-11 December 2002
Date Added to IEEE Xplore: 28 February 2003
Print ISBN:0-7695-1888-5
Conference Location: Greenbelt, MD, USA

References

References is not available for this document.