How to manage encryption keys


This article can also be found in the Premium Editorial Download "Storage magazine: What you need to know about data storage provisioning."

Download it now to read this article plus other related content.

NeoScale CryptoStor KeyVault
The NeoScale Systems CryptoStor KeyVault is a secure, automated and open enterprise-class appliance for storage encryption-key management. It offers the features required by FIPS 140-2 Level 3 such as tamper-proof seals and two-part authentication, and provides open APIs to allow for third-party vendor integration. Multiple redundant KeyVaults allow for scalability, fault tolerance, key protection and support for up to 200 million keys per appliance.

CryptoStor KeyVault provides hardware and software random-number generators to ensure keys are truly random, and provides for secure long-term archiving of keys. Encrypted data and keys can be recovered at any site, using either a distributed local appliance or a software-only product.

The system provides for role-based security and authentication, and up to AES-256 levels of encryption. All communications between the appliance and the key consumer (the system using the key) are encrypted and never move as cleartext. Audit logs are cryptographically signed to ensure they haven't been tampered with, and can be exported as encrypted and signed files for forensic purposes.

Appliances can be deployed in a distributed, clustered environment, which allows for automatic key replication among multiple appliances. To maintain the highest security level, keys aren't accessed until they're actually needed. In addition to key management, KeyVault can manage the enforcement of data

Requires Free Membership to View

destruction to meet compliance requirements. The complete KeyVault appliance, including hardware and software, is priced from $25,000.

This was first published in October 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: