Secure Key Management in the Cloud

Presented at BSidesDC 2017, Oct. 7, 2017, 3:30 p.m. (50 minutes)

As workflows scale out to the cloud, key management strategies are also being updated to take advantage of cloud based key management services such as Azure KeyVault, Cloud KMS and AWS Key Management Service (KMS). Using cloud based key managed service allows corporate to create and control the encryption keys used to encrypt your data, and uses Hardware Security Modules (HSMs) to protect the their keys all in a centralized cloud environment. This is a radical shift from on premise model where key manager were locked and device level HSM were employed. This talk discusses the pros/cons, use-cases from the industry (e.g. media and entertainment), reference architectures, and strategic/tactical recommendations on how to secure cloud based key management implementation.

Presenters:

• Omer Farooq - Senior Software and Security Engineer at Independent Security Evaluators
  Senior Software and Security engineer at Independent Security Evaluators in Baltimore MD, also Computer Engineering PhD candidate at University of Maryland at Baltimore Count (UMBC).

Links:

• https://bsidesdc2017.busyconf.com/schedule#activity_5954fb066fd78629b300026f
• https://www.youtube.com/watch?v=1_Cy0BdcP_Q

Similar Presentations:

• Diana Initiative 2020 Virtual / Guardians of the cloud: the sysadmin's guide to cloud security
• ToorCon San Diego 16 (2014) / How to establish trust in the Cloud and keep your secres secrets
• ToorCon: Seattle (Beta) (2007) / Anycast Cloud Bursting