Abstract

http://ssrn.com/abstract=1051481
 


 



Key Management for Enterprise Data Encryption


Ulf T. Mattsson


Protegrity Corp.

December 3, 2007


Abstract:     
One of the essential components of encryption that is often overlooked is key management - the way cryptographic keys are generated and managed throughout their life. Since cryptography is based on keys which encrypt and decrypt data, your database protection solution is only as good as the protection of those keys. Security depends on several factors including where the keys are stored and who has access to them. When evaluating a data privacy solution, it is essential to include the ability to securely generate and manage keys. This can be achieved by centralizing all key management tasks on a single platform, and effectively automating administrative key management tasks, providing both operational efficiency and reduced management costs. Data privacy solutions should also include an automated and secure mechanism for key rotation, replication, and backup. The difficulty of key distribution, storage, and disposal has limited the wide-scale usability of many cryptographic products in the past. Automated key distribution is challenging because it is difficult to keep the keys secure while they are distributed, but this approach is finally becoming secure and more widely used. Standards for key-management have been developed by the government and by organizations such as ISO, ANSI, and the American Banking Organization (ABA). The key management process should be based on a policy. This paper will exemplify different elements of a suggested policy for a Key Management System used for managing the encryption keys that protect secret and confidential data in an organization.

Number of Pages in PDF File: 7

Keywords: Key management, Database encryption, Security, Privacy, PCI, VISA CISP, GLBA, HIPAA

JEL Classification: 031

working papers series


Download This Paper

Date posted: December 4, 2007  

Suggested Citation

Mattsson, Ulf T., Key Management for Enterprise Data Encryption (December 3, 2007). Available at SSRN: http://ssrn.com/abstract=1051481 or http://dx.doi.org/10.2139/ssrn.1051481

Contact Information

Ulf T. Mattsson (Contact Author)
Protegrity Corp. ( email )
One Cantebury Green
Stamford, CT 06901
United States
HOME PAGE: http://www.ulfmattsson.com
Feedback to SSRN


Paper statistics
Abstract Views: 1,047
Downloads: 206
Download Rank: 85,025

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo8 in 0.234 seconds