Information Technology News.


Google introduces its Cloud Key Management Service, beta version

Share on Twitter.

Sponsered ad: Get a Linux Enterprise server with 92 Gigs of RAM, 16 CPUs and 8 TB of storage at our liquidation sale. Only one left in stock.

Sponsered ad: Order the best SMTP service for your business. Guaranteed or your money back.

January 12, 2017

Yesterday, Google launched its new Cloud Key Management Service, in beta version, to improve its Cloud Platform customers better manage their various encryption keys.

"Cloud KMS offers a cloud-based certificate of trust of some sort that you can monitor and audit," said Google product manager Maya Kaczorowski.

"As an alternative to custom-built or ad-hoc key management systems, which are difficult to scale and maintain, Cloud KMS makes it easy to keep your keys safe," added Kaczorowski.

Following the various disclosures about the scope of online surveillance by former NSA contractor Edward Snowden about 3 1/2 years ago, encryption keys became more important for cloud service providers, particularly encryption services that allows customers to better control their keys.

To be sure, Google began offering customer-supplied encryption keys in June 2015. However, it hasn't exactly led the way with encryption for cloud customers.

Microsoft's Azure platform added CSEK via Key Vault two years ago. Garrett Bekker, an analyst with 451-Research, said in a statement provided that KMS "fills a needed gap by providing customers with the ability to manage their encryption keys in a multi-tenant cloud service, without the need to maintain an on-premise key management system or HSM hardware security module."

GCP customers can now use Cloud KMS to create, use, rotate (at will or scheduled), and also destroy AES-256 symmetric encryption keys if needed.

Cloud KMS provides a REST API that can use a key to encrypt or decrypt data. Cloud KMS integrates with Cloud Identity Access Management and Cloud Audit Logging, two related GCP services.

Kaczorowski asserts that Cloud KMS relies on the Advanced Encryption Standard (AES) in Galois/Counter Mode, a method for high-speed encryption.

Google constantly checks its implementation, residing in its SSL library, using tools like Project Wycheproof, according to Kaczorowski.

While key management offers convenience, as is often the case, the tradeoff is internet security, since service providers can be compelled to turn keys over to authorities when presented with lawful demands.

Source: Google.


Sponsered ad: Get a Linux Enterprise server with 92 Gigs of RAM, 16 CPUs and 8 TB of storage at our liquidation sale. Only one left in stock.

Sponsered ad: Order the best SMTP service for your business. Guaranteed or your money back.

Share on Twitter.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.