Cloud Key Management

Dear members,

Below you can find the meeting minutes from our working group call on the 24th of January.

Minutes:

• The HSM document, is delayed due to pending action items and the document's publication has been postponed to the end of February. Jim Scardelis agreed to help with the document, particularly the diagrams.
• Working group discussed the 3 parallel work-streams: 
  • Best Practices managing keys when uploading on-prem data to the (public) cloud: The document, targets for completion in the first quarter, of 2024 covering topics such as assessment, planning, data preparation, security, execution, transition, and optimization. The inclusion of a cost-benefit analysis, is to be considred. The issue of potential lock-in to specific cloud providers during migration was also mentioned. The group decided to have a separate section for key management best practices in the document. The goal is to keep the content within five to six pages and the document should be crisp and succinct, focusing on practical bullet point guidelines rather than theoretical aspects.
    The team also discussed the importance of acknowledging assumptions made in the document.
  • Multi-cloud KMS: The document will be paused until the lead author, Sam, returns from his sabbatical.
    
  • Post-Quantum Cryptography Key  Management with procedural steps on crypto-migration:  Iain mentioned that he would be tracking NIST and other sources for key findings. The team agreed to cover any leaps uncovered in the upcoming NIST document and include them in their work, ensuring a unique contribution. The team agreed on the need for organizations to start planning their migration strategies, beginning with the most exposed algorithms.The discussion also touched upon the combination of AI and post-quantum computing as a substantial threat.The team decided to discuss post-quantum updates in the next call.
    
    

Previous action items: 

• Sam to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15. - PENDING
• Best Practices when Uploading On-Prem Data to the Cloud: Partha to expand the scope to include the lifecycle of the data once it is in the cloud. - PENDING
  

New action items:

• Jim ( @Jim Scardelis) to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15, in the HSM document.
  
• Marina to ask the Quantum working group to review the table of content of the Post-Quantum Cryptography Key  Management with procedural steps on crypto-migration
• Best Practices when Uploading On-Prem Data to the Cloud: To expand the scope to include the lifecycle of the data once it is in the cloud.
  • Authors:
    • Data preparation and Security - Sunil Arora ( @Sunil Arora)
    • Migration Execution and Management - Sunil Arora ( @Sunil Arora)
      
    • Transition and Optimisation - Leads: Santosh Bompally and Rajat Dubey

      • A: Cutover Planning and Execution - Santosh Bompally ( @Santosh Bompally)

        • Minimizing business disruption during transition - Santosh ( @Santosh Bompally)

        • Rollback plan and disaster recovery procedures - Yuvaraj ( @Yuvaraj Madheswaran) and Bobie ( @Deligent Bobie-Ansah)
      • B: Performance monitoring and cost optimization - Rajat ( @Rajat Dubey)
        • Continuous improvement and adaptation - Yuvaraj ( @Yuvaraj Madheswaran)
      • C:  Data Security in Cloud Environment - Subho Goswami

Next working group call: 7 February 2024

Time: 09:00 a.m. PT / 12:00 p.m. ET / 17:00 GMT / 19:00 EET

URL: https://zoom.us/j/93617880747  (Meeting ID: 936 1788 0747)

Warm regards,

Marina

------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------