Lead Image © Tsung Lin Wu, 123RF.com
Public key infrastructure in the cloud
Turnkey
Every industry has a need to authenticate and secure digital communications. The topic of how to communicate securely, whether by a virtual private network (VPN) or over Transport Layer Security (TLS), immediately brings public key infrastructure (PKI) into play. This security infrastructure has spread globally as the most trusted technology to identify people and devices, as well as secure digital communications between participants.
PKI is rightly seen as the entity that provides a trust anchor, which conversely means that a compromised PKI could render an entire digital communication system insecure. Therefore, up to now, organizations have implemented their PKI locally for security reasons.
However, the need for scalability and lower investment or operating costs suggests outsourcing PKI to the cloud. IT security administrators do not have to make any security compromises, and they are spared the need to set up everything from scratch, which they would have to do in an on-premises environment. Whether PKI is better suited as a cloud platform or software as a service (SaaS) essentially depends on the use cases. Adaptability to new regulations and new cloud-native features can also influence the choice.
Classic PKI is Expensive
Setting up the PKI security infrastructure from the hardware security module (HSM) to the database and integrating the detailed processes requires technical expertise to regulate the processes of creating, issuing, and exchanging digital identities in the form of certificates. A new implementation of a further use case pending in a local environment requires extensions to the existing infrastructure and even building new hardware systems.
The security admin also faces some challenges in operations, which is easier for admins with skills that go beyond network administration. Potential hurdles in everyday life, such as managing operating system
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Windows security with public key infrastructures
A rarely used feature for improving security in Windows environments relies on certificates issued for various applications, services, and procedures that is based on a public key infrastructure. -
Moving HPC to the Cloud
HPC has a unique set of requirements that might not fit into standard clouds. However, plenty of commercial options, including cloud-like services, provide the advantages of real HPC without the capital expense of buying hardware.
-
Arm yourself against cloud attacks
We present approaches and solutions for protecting yourself against attacks in the cloud. -
Azure Sphere for Internet of Things
Microsoft Azure Sphere links three vital elements of the Internet of Things – microcontrollers, software, and cloud service – with a focus on security. -
Sovereign Cloud Stack – a genuine alternative for Europe
The Sovereign Cloud Stack promises no less than liberation from the shackles of vendor tie-in. Cloud users who rely on this technology are free to choose their provider and switch, without further investment in training or financial penalty.