Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2009 PGP Corporation Confidential State of Key Management Brian Tokuyoshi Solution Manager.

Published byHannah Higgins Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2009 PGP Corporation Confidential State of Key Management Brian Tokuyoshi Solution Manager."— Presentation transcript:

1 © 2009 PGP Corporation Confidential State of Key Management Brian Tokuyoshi Solution Manager

2 © 2009 PGP Corporation Confidential Challenges Regulation and security concerns drive the need for encryption everywhere –Tight deadlines place emphasis on the goal, and not best practice Each new encryption technology introduces new key management challenges –Yet another system to manage –Building consistent policy enforcement gets harder and harder eDiscovery is the opposite of regulation –Data is being encrypted without consideration of how fast it must be recovered Each operations group handles key management differently Many different trust models, many different types of keys 2

3 © 2009 PGP Corporation Confidential How key management problems affect businesses Administrative costs Major online retailer takes 4 weeks to perform manual key audit for compliance. Audit required twice a year. Accountability CIO/CSO held accountable for data protection but lacks visibility GAO report on federal deployment Business Continuity Major bank – Retail branches could not open for 4 hours Numerous sites – Customers locked out from online services 3

4 © 2009 PGP Corporation Confidential Different Trust Models for Different Uses 4 Company ACompany B User Company ACompany B User1 User2 User1 User2 Point to Point Trust Secure File Transfer One to One, One to Many Cross Certification S/MIME Email Many to Many Company ACompany B Hierarchy SSL Certificates Anyone 3 rd Party CA

5 © 2009 PGP Corporation Confidential Reality Check 5 Company BCompany CCompany A Point to Point Cross Certify Businesses use mixed trust models today No easy way to migrate from one model to another Can’t force an architecture onto another company Internal Hierarchy 3 rd Party CA

6 © 2009 PGP Corporation Confidential The Growing Need Compliance! Data Breaches! Security Encryption Problem Solved?

7 © 2009 PGP Corporation Confidential The Growing Need Compliance! Data Breaches! Security Encryption Key Management

8 © 2009 PGP Corporation Confidential 8 Common Problems with Keys NetworksBackend Applications Clients Hardware Banking and Retail Hardware ATM PoS EMV Databases Application Servers Web Servers Mail Servers CRM WiFiVPN Wireless Keys SSL / TLS Keys Disk Encryption Keys Authentication Keys TPM Keys Encryption Keys Authentication Keys Data Encryption Keys Application Keys SSL / TLS Keys Transport Keys Authentication Keys Transaction Keys Manual Management Help Desk and Recovery Policy Requirements Key Rotation/ Key Archiving Validation and Rotation

9 © 2009 PGP Corporation Confidential 9 NetworksBackend Applications Clients Hardware Banking and Retail Hardware Addressing the Problem ATM PoS EMV Provisioning Storage Auditing and Reporting Lifecycle Management Policy Enforcement Discovery Key Management WiFiVPN Wireless Keys SSL / TLS Keys Disk Encryption Keys Authentication Keys TPM Keys Encryption Keys Authentication Keys Data Encryption Keys Application Keys SSL / TLS Keys Transport Keys Authentication Keys Transaction Keys Databases Application Servers Web Servers Mail Servers CRM

10 © 2009 PGP Corporation Confidential With PGP Key Management User 1 Keys User 2 Keys User 3 Keys User 4 Keys Key Management Services User 1User 2User 3User 4 FileEmailDisk Before and After Without Key Management User 1User 2User 3User 4 FileEmailDisk 10

11 © 2009 PGP Corporation Confidential What’s Needed in a Key Management System What’s needed Open standards support Support for APIs, Protocols and Agents Support for multiple key types Support for multiple trust models Highly Scalable Highly Secure Proven 11

12 © 2009 PGP Corporation Confidential 12 Q&A Thank You

Download ppt "© 2009 PGP Corporation Confidential State of Key Management Brian Tokuyoshi Solution Manager."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
© 2007 IBM Corporation Enterprise Content Management Integrating Content, Process, and Connectivity for Competitive Advantage Malcolm Holden October 2007.

© 2007 IBM Corporation Enterprise Content Management Integrating Content, Process, and Connectivity for Competitive Advantage Malcolm Holden October 2007.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.

 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.
Privileged Identity Management Enterprise Password Vault

Privileged Identity Management Enterprise Password Vault
Www.tectia.com COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)

Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright © 2003-2004 B. C. Neuman, - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Fall 2003 1 Security Systems Lecture notes Dr.

Copyright © B. C. Neuman, - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Fall Security Systems Lecture notes Dr.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Similar presentations

Ads by Google