Public key infrastructure in the cloud

Turnkey

Every industry has a need to authenticate and secure digital communications. The topic of how to communicate securely, whether by a virtual private network (VPN) or over Transport Layer Security (TLS), immediately brings public key infrastructure (PKI) into play. This security infrastructure has spread globally as the most trusted technology to identify people and devices, as well as secure digital communications between participants.

PKI is rightly seen as the entity that provides a trust anchor, which conversely means that a compromised PKI could render an entire digital communication system insecure. Therefore, up to now, organizations have implemented their PKI locally for security reasons.

However, the need for scalability and lower investment or operating costs suggests outsourcing PKI to the cloud. IT security administrators do not have to make any security compromises, and they are spared the need to set up everything from scratch, which they would have to do in an on-premises environment. Whether PKI is better suited as a cloud platform or software as a service (SaaS) essentially depends on the use cases. Adaptability to new regulations and new cloud-native features can also influence the choice.

Classic PKI is Expensive

Setting up the PKI security infrastructure, from the hardware security module (HSM) to the database, and integrating the detailed processes requires technical expertise, because these processes govern how digital identities in the form of certificates are created, issued, and exchanged. Implementing an additional use case in a local environment requires extensions to the existing infrastructure and even building new hardware systems.

The security admin also faces some challenges in operations, which are easier to handle for admins whose skills go beyond network administration. Potential hurdles in everyday life, such as managing operating system

...