Key-Management Infrastructure for Protecting Stored Data

Any secure use of encryption requires good key management. Historically, it has been hard to do key management well and there has been almost no interoperability between key-management products from different vendors. But help is on the way, at least for some of the most important cases. A new standard from the IEEE P1619 Security in Storage Working Group (SISWG) will make it easier to manage the keys used to encrypt data in storage. This standard will greatly simplify key management and finally make interoperable key management possible. Products that implement the standard should be available by next year. Encryption has traditionally been both expensive and difficult to use. This limited its widespread use to little more than SSL, the protocol that´s used to authenticate Web servers and encrypt connections to them. The recent proliferation of data security and privacy laws, however, has made the use of encryption attractive in many other cases. On the one hand, it´s fairly easy to convince auditors that sensitive data is being protected adequately when it´s encrypted. On the other hand, because encryption is actually one of the best ways to protect sensitive data, it´s much more than just a check box that will keep auditors happy.