Cloud Key Management

Dear members,

Below you can find the meeting minutes from our working group call on the 21st of February.

Minutes:

• The HSM document, is delayed due to the last pending action items and the document's publication has been moved now to April. Sam will wrap up the HSM document and send it for design and publication.
• The team discussed the Best Practices managing keys when uploading on-prem data to the (public) cloud and assigned tasks to address pending sections and comments. They also discussed data cleansing and transformation, tying it to reducing information size and considering separate on-prem and cloud sets.
  Santosh was assigned to review the document for data migration and preparation, while Michael suggested reorganizing the paper sections for a clearer flow.
  Yuvaraj agreed to work on ensuring data integrity and functionality in the cloud. Santosh was assigned to coordinate content gathering for post-migration operational activities. Concerns were raised about separate keys for indexing in NoSQL databases and the need for dedicated keys if there is a lack of trust in the cloud provider.
  The progress of the document and timeline for updates and review were discussed, with the decision to remove the data security section in the cloud environment.
  Santosh was assigned to look into performance, monitoring, and cost optimization for post-migration activities. Michael took the lead on migration step four and was tasked with reaching out to Sunil for input.
• The team discussed the status of the post-quantum cryptography project and the table of contents for the related document. Sam expressed readiness to work on the multi-cloud document next.

Previous action items: 

• Sam to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15, in the HSM document. - PENDING
• Best Practices when Uploading On-Prem Data to the Cloud: To expand the scope to include the lifecycle of the data once it is in the cloud. - PENDING
• Marina to share the Post-Quantum online document with the Quantum-Safe CSA working group for their feedback and help. - DONE

New action items:

• Sam ( @Sam Pfanstiel) to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15, in the HSM document
• Best Practices when Uploading On-Prem Data to the Cloud document:
  • Partha to expand the scope to include the lifecycle of the data once it is in the cloud.
  • Authors to finalize their sections: 
    
    • 3. Data preparation and Security - Lead: Santosh ( @Santosh Bompally) instead of Sunil 
      • 3.2 Network and Bandwith Optimization - Santosh ( @Santosh Bompally)
      • 3.3 data migration security best practices- Santosh ( @Santosh Bompally)
      • 3.4 Data Security and Key management - Rajat ( @Rajat Dubey)
    • 4. Migration Execution and Management - Lead: Michael ( @Michael Roza) instead of Sunil 
      • 4.2 Testing and Validation - Yuvaraj ( @Yuvaraj Madheswaran)
        
    • 5. Transition and Optimization - Lead: Santosh ( @Santosh Bompally) 

      • 5.2.1 Post-Migration monitoring and optimization - Rajat ( @Rajat Dubey)

      • 5.3 Post-Migration and Optimization Best Practices - Author wanted.

Next working group call: 6 March 2024

Time: 09:00 a.m. PT / 12:00 p.m. ET / 17:00 GMT / 19:00 EET

URL: https://zoom.us/j/93617880747  (Meeting ID: 936 1788 0747)

Warm regards,

Marina

------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------