CCSK

Key Storage & Encryption Engines

  • 1.  Key Storage & Encryption Engines

    Posted Aug 18, 2021 10:26:00 AM

    Hello,
    In the CCSK self-paced training I ran into, what seems like a contradictory statement. When talking about externally managed encryption for encrypting the whole volume storage, it says to store the key separately from the encryption engine. But in Unit 5 Encrypting PaaS, as it talks about encryption in the application layer, it says the key is integrated into the encryption server/service where the encryption engine is. 

    Why is the key stored away from the encryption engine in the IaaS model but with the encryption engine in the PaaS & SaaS model?



    ------------------------------
    Jenna Morrison
    Training Department Intern
    Cloud Security Alliance
    ------------------------------