Cloud Key Management

Dear members,

Below you can find the minutes from the working group call on the 15th of May.

Minutes:

The group discussed the progress of its 2 papers.

Sunil provided an update on the 'Best practices for managing keys when uploading data from on-prem to the public cloud' document, which is currently in the internal review phase. Phani, who is new to the group, expressed his intent to review and provide feedback on the document.

The group also discussed the progress of the multi-cloud KMS project, which aims to address the need for sharing keys or workloads that require cryptographic protection between multiple cloud providers. The document will focus on identifying used cases for multi-cloud scenarios and how cloud service providers work in these situations. Sam encouraged team members to contribute. 

Defining Multi-Cloud Architectures and Risks
Sam outlined the plan to define various architectures for multi-cloud implementations and the associated risks and impacts. The goal is to clarify the potential problems and solutions for key management in multi-cloud environments. The team will continue to refine this in future discussions.

Cloud Managed Key and Multi-Cloud Discussion
Sam proposed the idea of a cloud manage key with directed management, which could be shared by parties in a federated or hybrid cloud scenario. The concept of a third-party KMS in a multi-cloud environment was also discussed. Vani emphasized the need to include all use cases, including private clouds, in the definition of multi-cloud. Sam agreed, suggesting the addition of a definitions section to the document.

Previous Action Items:

Best Practices for Managing Keys when uploading Data from on-prem to Cloud' document:

• Sections 1 and 2 update by Partha - PENDING
• Section 3: Sunil to concise section and include bullet points in order to avoid repetition with other sections as well- DONE
• Section 4: Concise section 4.1 and 4.2 on key points. Too many examples: perhaps using less is possible. - PENDING
• Sunil to update on section 4.4 for Preparation and from Migration. - PENDING
  
• Iain offered to summarize relevant parts of DORA and NIS2 aiming to maintain brevity, for Rollback Planning.- DONE
  
• Sam to update 'Multi-Cloud KMS' structure. - DONE
  • Assign sections among Adeeb, Simon, Rajat, Vani, Prathibha and Chandra. - In Progress
• Iain to update Table of Content for 'Post-Quantum Cryptography Key Mgmt with procedural steps on crypto-migration'. PENDING
  

New Action Items:

• Best Practices for Managing Keys when uploading Data from on-prem to Cloud' document
  • Sunil ( @Sunil Arora) to connect with Yuvaraj ( @Yuvaraj Madheswaran) and identify the updated sections of 2 and 3 and 4.4
  • Sections 1 and 2 update by Partha.
  • Michael ( @Michael Roza) Section 4: Concise section 4.1 and 4.2 on key points. Too many examples: perhaps using less is possible.
• The group of contributors of the 'Multi-Cloud' document to attend call on Friday 24 May 
• Phani ( @Phanikumar Kancharla) to review and provide feedback/comments at the 'Best Practices for Key Mgmt when migrating data' paper's content.

Next Working group Call:
Date: Wednesday, 29 May
Time: 09:00 a.m. PDT / 12:00 p.m. EDT / 16:00 GMT
URL: https://zoom.us/j/93617880747
Meeting ID: 936 1788 0747
Passcode: 536522

Kind regards,
Marina

------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------