The ISA's National Institute of Standards and Technology (NIST) – recently accused of collaborating with the NSA to weaken security standards – has put together a paper highlighting the key-management challenge posed by cloud computing platforms. As readers will know, key multiplication (and therefore management) can be headache …
...spreading 1unwanted keys...
Yes, there's a button for that. But since that requires me to have an email application registered I can't be bothered using it.
Sounds like common sense advice
Unfortunately they're also considered a puppet for the alphabet agencies and nobody will ever take them seriously again. They might as well disband now and save the money.
All pretty irrelevant if the servers sit in a country with *no* effective data protection.
Like for example America with THE PATRIOT Act in force.
Some solutions also exist
Well, full disclosure - this is a bit blowing our own horn - but we've built a solution to the cloud key management problem using homomorphic key encryption and split-key encryption. The idea is to give you the full flexibility of Infrastructure and Platform clouds while ensuring high security and - most importantly - leaving control of the keys in your own hands (not any alphabet-soup agency...). Take a look: http://www.porticor.com/technology/
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Boffins say they've got Lithium batteries the wrong way around
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Phones 4u slips into administration after EE cuts ties with Brit mobe retailer