58696
Crypto U10 (part 2), Key
Management and Lifecycle
- lifecycle (continued)
- key usage
- principle of key separation
- cryptographic keys
must only be used for
their intended purpose
- enforcing
- hardware based
- key tagging
- add information to key to indicate purpose
- add information to key to indicate purpose
- key blocks
- format key to also contain data related to the key
- format key to also contain data related to the key
- hardware based
- cryptographic keys
must only be used for
their intended purpose
- key change
- planned vs. unplanned
- sometimes it's better to withdraw key
- can be expensive
- symmetric keys can be replaced relatively easily
- public key pairs
- private keys can be replaced relatively easily
- public keys are more challenging because
they are distributed to many people potentially
- private keys can be replaced relatively easily
- planned vs. unplanned
- key activation
- process by which keys
are authorized for use at
any given time
- ex. I enter a passphrase and
that activates a key for use
- ex. I enter a passphrase and
that activates a key for use
- process by which keys
are authorized for use at
any given time
- key destruction
- when?
- at key expiration
- when key is withdrawn before expiry
- at the end of a period of key archival
- at key expiration
- deleting is not enough
- use data erasure or
data sanitisation
mechanims
- use data erasure or
data sanitisation
mechanims
- when?
- principle of key separation
- key usage
- governing key managment
- guidance
- policy
- define overall requirements and
strategy for key management
- define overall requirements and
strategy for key management
- practice
- Define tactics that will be used
in order to achieve the key
management policy goals.
- Define tactics that will be used
in order to achieve the key
management policy goals.
- procedure
- Document step-by-step tasks
necessary to implement the key
management practices.
- Document step-by-step tasks
necessary to implement the key
management practices.
- policy
- guidance
¿Quieres crear tus propios Mapas Mentales gratis con GoConqr? Más información.