Amazon CloudHSM (It is Safenet in the backend), Safenet Luna HSM SaaS version and other cloud HSM providers provide Key Management and encryption services on device in the cloud.
From my research, I understand that they can be used to encrypt some data and get the encrypted blob for storage in DB / disk either on - the CLOUD (Amazon RDS / Amazon S3) or - On Premise behind the firewall (Local Database / Local File System)
(CloudHSM) <===== talking to ====> (On Premise / Behind the Firewall application)
- What are the Security concerns w.r.t this model ?
- Any specific recommendations from Network Security point of view ?
- Is this even a valid model in the first place.
Aucun commentaire:
Enregistrer un commentaire