Show simple item record

dc.contributor.authorKuzminykh, I
dc.contributor.authorGhita, B
dc.contributor.authorShiaeles, S
dc.contributor.editorGalinina O
dc.contributor.editorAndreev S
dc.contributor.editorBalandin SI
dc.contributor.editorKoucheryavy Y
dc.date.accessioned2021-05-18T12:10:01Z
dc.date.available2021-05-18T12:10:01Z
dc.date.issued2020-12-22
dc.identifier.isbn9783030657284
dc.identifier.issn0302-9743
dc.identifier.issn1611-3349
dc.identifier.urihttp://hdl.handle.net/10026.1/17141
dc.description.abstract

Managing cryptographic keys can be a complex task for an enterprise and particularly difficult to scale when an increasing number of users and applications need to be managed. In order to address scalability issues, typical IT infrastructures employ key management systems that are able to handle a large number of encryption keys and associate them with the authorized requests. Given their necessity, recent years have witnessed a variety of key management systems, aligned with the features, quality, price and security needs of specific organisations. While the spectrum of such solutions is welcome and demonstrates the expanding nature of the market, it also makes it time consuming for IT managers to identify the appropriate system for their respective company needs. This paper provides a list of key management tools which include a minimum set of features, such as availability of secure database for managing keys, an authentication, authorization, and access control model for restricting and managing access to keys, effective logging of actions with keys, and the presence of an API for accessing functions directly from the application code. Five systems were comprehensively compared by evaluating the attributes related to complexity of the implementation, its popularity, linked vulnerabilities and technical performance in terms of response time and network usage. These were Pinterest Knox, Hashicorp Vault, Square Keywhiz, OpenStack Barbican, and Cyberark Conjur. Out of these five, Hachicorp Vault was determined to be the most suitable system for small businesses.

dc.format.extent80-94
dc.language.isoen
dc.publisherSpringer International Publishing
dc.titleComparative Analysis of Cryptographic Key Management Systems
dc.typeconference
dc.typeConference Proceeding
plymouth.volume12526 LNCS
plymouth.publisher-urlhttps://doi.org/10.1007/978-3-030-65729-1
plymouth.publication-statusPublished
plymouth.journalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
dc.identifier.doi10.1007/978-3-030-65729-1_8
plymouth.organisational-group/Plymouth
plymouth.organisational-group/Plymouth/Faculty of Science and Engineering
plymouth.organisational-group/Plymouth/Faculty of Science and Engineering/School of Engineering, Computing and Mathematics
plymouth.organisational-group/Plymouth/REF 2021 Researchers by UoA
plymouth.organisational-group/Plymouth/REF 2021 Researchers by UoA/UoA11 Computer Science and Informatics
plymouth.organisational-group/Plymouth/Users by role
plymouth.organisational-group/Plymouth/Users by role/Academics
dcterms.dateAccepted2020-01-01
dc.rights.embargodate2022-1-21
dc.identifier.eissn1611-3349
dc.rights.embargoperiodNot known
rioxxterms.versionofrecord10.1007/978-3-030-65729-1_8
rioxxterms.licenseref.urihttp://www.rioxx.net/licenses/all-rights-reserved
rioxxterms.licenseref.startdate2020-12-22
rioxxterms.typeConference Paper/Proceeding/Abstract


Files in this item

Thumbnail
Thumbnail

This item appears in the following Collection(s)

Show simple item record


All items in PEARL are protected by copyright law.
Author manuscripts deposited to comply with open access mandates are made available in accordance with publisher policies. Please cite only the published version using the details provided on the item record or document. In the absence of an open licence (e.g. Creative Commons), permissions for further reuse of content should be sought from the publisher or author.
Theme by 
Atmire NV