{"title":"Securing the core with an Enterprise Key Management Infrastructure (EKMI)","authors":"Arshad Noor","doi":"10.1145/1373290.1373303","DOIUrl":null,"url":null,"abstract":"The last twenty-five years has witnessed an emphasis on protecting the network and computing host as a proxy for protecting data from unauthorized access. While this was a reasonable strategy at the dawn of network-based computing, given the state of the internet today with its security issues, this strategy is proving to be hopeless.\n This paper advances the notion that the time has finally come to begin what we should have done initially -- protect the core of our computing infrastructure: the data -- in addition to protecting the network and computing host.\n The paper describes an architecture - and a specific implementation of that architecture - to enable the encryption of data across the enterprise in a platform and application-independent manner. The architecture describes the use of a Public Key Infrastructure (PKI) and a Symmetric Key Management System (SKMS) within an Enterprise Key Management Infrastructure (EKMI), to securely - and centrally - manage the life-cycle of the symmetric encryption keys used for data encryption.","PeriodicalId":269454,"journal":{"name":"Symposium on Identity and Trust on the Internet","volume":"485 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Symposium on Identity and Trust on the Internet","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1373290.1373303","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Securing the core with an Enterprise Key Management Infrastructure (EKMI)
The last twenty-five years has witnessed an emphasis on protecting the network and computing host as a proxy for protecting data from unauthorized access. While this was a reasonable strategy at the dawn of network-based computing, given the state of the internet today with its security issues, this strategy is proving to be hopeless.
This paper advances the notion that the time has finally come to begin what we should have done initially -- protect the core of our computing infrastructure: the data -- in addition to protecting the network and computing host.
The paper describes an architecture - and a specific implementation of that architecture - to enable the encryption of data across the enterprise in a platform and application-independent manner. The architecture describes the use of a Public Key Infrastructure (PKI) and a Symmetric Key Management System (SKMS) within an Enterprise Key Management Infrastructure (EKMI), to securely - and centrally - manage the life-cycle of the symmetric encryption keys used for data encryption.