From the course: Cloud Data, Platform, and Applications Security by Pearson
Join today to access over 25,200 courses taught by industry experts.
Keys, secrets, and certificate management
From the course: Cloud Data, Platform, and Applications Security by Pearson
Keys, secrets, and certificate management
All right, so keys, secrets, and certificates, oh my. Now we talked earlier in the little cryptography section that we have symmetric keys, which is used to protect bulk data at rest, and asymmetric keys, or key pairs, that we use to protect data for confidentiality, but also we can use it for an integrity authentication mechanism, or digitally signing. Now, at a cloud provider, they're going to use access keys and key pairs to protect and digitally sign all external API requests that are going through the metastructure, for example, whether it's done in a command line interface, or a PowerShell client, or maybe through some other software development kit connections. But it has to be digitally signed, and it has to have perfect forward secrecy. In other words, you're using a key derived from the original key. We'll use RSA key pairs, which are the commercially most popular ones that go way back to the 70s. You'll also see elliptic curve DSA key pairs, because those work better with…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
(Locked)
Learning objectives29s
-
(Locked)
Concepts of cloud data security6m 12s
-
(Locked)
Data obfuscation4m 4s
-
(Locked)
Information rights management3m 10s
-
(Locked)
Keys, secrets, and certificate management3m 17s
-
(Locked)
Data discovery4m 22s
-
(Locked)
Data classification and policy5m 22s
-
(Locked)
Auditability, traceability, and accountability4m 43s
-
(Locked)
-
-
-
-
-
-
-