[英]How to retain private control over the encryption keys while using Cloud services?
All cloud service providers have their own Key management systems and customer keys can be imported when desired.所有云服务提供商都有自己的密钥管理系统,并且可以在需要时导入客户密钥。 However i want to have private control over keys such that keys are provided externally and never imported into the KMS.So the cloud provider should be able to access the external key without importing.
但是我想对密钥进行私人控制,这样密钥是在外部提供的,并且永远不会导入到 KMS 中。因此云提供商应该能够在不导入的情况下访问外部密钥。 Or another case could be where public keys are at the cloud provider but only client has access to private keys externally.
或者另一种情况可能是公钥位于云提供商处,但只有客户端可以从外部访问私钥。 Any help or ideas will be appreciated
任何帮助或想法将不胜感激
On Google Cloud, you can do this with External Key Manager (EKM) https://cloud.google.com/kms/docs/ekm在 Google Cloud 上,您可以使用外部密钥管理器 (EKM) https://cloud.google.com/kms/docs/ekm执行此操作
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.