|By Gilad Parann-Nissany||
|December 12, 2012 09:45 AM EST||
As a company focusing on cloud security, we’re often asked about regulations, and how to achieve cloud encryption while maintaining regulatory compliance. In this post, I’d like to review some of these issues and provide a high level guide to best practice.
But first – a brief background on issues around cloud encryption: unlike on-premise data encryption, cloud encryption highlights a significant trust issue involving encryption keys and key management. For example, an enterprise can easily encrypt a virtual cloud disk, but who’s managing the encryption keys? If the encryption keys are managed by the cloud provider or the security vendor, the enterprise will not achieve compliance (and more importantly – true security). How about field- level encryption? Oracle for example provides a Transparent Data Encryption (TDE) mechanism, while storing the encryption keys in a “wallet”. If the wallet is stored on-cloud, the encryption keys are far from safe, and compliance cannot be achieved. With that in mind, let’s dive into some of the issues.
Issue: Generation of strong encryption keys
PCI requires that the encryption keys are generated with sufficient length, but more importantly – the data used to generate the key must be sufficiently random.
To avoid doubt, make sure that your encryption provider generates strong encryption keys, using random data and true entropy. Here’s a discussion of true in-cloud entropy with a flavor of real life issues.
Issue: Secure Key Distribution and secure key storage
PCI (as well as other regulations, and a healthy common sense…) requires that encryption keys will be distributed over a secured channel. But in a cloud scenario, the main question becomes “to where are the encryption keys distributed?” In other words – if the distribution channel is secure, but the encryption keys are stored in cloud – the risk significantly increases. Rich Mogul wrote a great article about this risk: How to Tell If Your Cloud Provider Can Read Your Data (Hint: They Can).
Issue: Split knowledge and establishment of dual control of cryptographic keys
The requirement for split knowledge is crucial in cloud deployments involving sensitive data. In a cloud scenario, split knowledge is needed first and foremost to split the (encryption keys) knowledge between the cloud provider/security vendor, and the enterprise. The meaning is that an enterprise would need to either implement the key management system back in the enterprise data center, dismissing many of the cloud advantages while doing so, or move to a secure cloud key management system which utilizes techniques such as split-key management and homomorphic key encryption. An example for such system is Porticor’s Virtual Private Data system. For an additional review of split-key and homomorphic key management, read this white paper.
Oh and just in case: This blog is not intended to constitute legal advice…
Aug. 2, 2015 05:45 PM EDT Reads: 516
Aug. 2, 2015 11:15 AM EDT Reads: 360
Aug. 1, 2015 10:00 AM EDT Reads: 341
Jul. 30, 2015 07:30 PM EDT Reads: 1,424
Jul. 30, 2015 02:30 PM EDT Reads: 145
Jul. 30, 2015 12:00 PM EDT Reads: 2,086
Jul. 30, 2015 09:00 AM EDT Reads: 2,175
Jul. 29, 2015 03:00 PM EDT Reads: 1,300
Jul. 29, 2015 02:00 PM EDT Reads: 1,207
Jul. 28, 2015 04:30 PM EDT Reads: 1,776
Jul. 28, 2015 11:00 AM EDT Reads: 2,050
Jul. 27, 2015 10:00 AM EDT Reads: 2,047
Jul. 27, 2015 09:00 AM EDT Reads: 336
Jul. 27, 2015 08:00 AM EDT Reads: 1,914
Jul. 26, 2015 09:00 PM EDT Reads: 1,590
Jul. 25, 2015 02:00 PM EDT Reads: 405
Jul. 25, 2015 01:00 PM EDT Reads: 1,976
Jul. 25, 2015 12:15 PM EDT Reads: 488
Jul. 25, 2015 12:00 PM EDT Reads: 1,557
Jul. 25, 2015 09:00 AM EDT Reads: 1,504