Cloud Key Management

Back to discussions
Expand all | Collapse all

Meeting Minutes 6 December 2023.

  • 1.  Meeting Minutes 6 December 2023.

    Posted Dec 18, 2023 03:45:00 AM

    Dear members,

    Below you can find the meeting minutes from our working group call on the 6th of December.

    Minutes:

    • The Key Mgmt Lifecycle Best Practices document will be published on 19th of December 2023.
    • The HSM document, concluded peer review on the 9th of December and comments are being addressed.
    • Working group discussed next steps for 2024. Discussion involved the voted topics of priority from the survey conducted in 2023: https://docs.google.com/spreadsheets/d/1oVQAQj89Od_zMWGpGJqn3iANQhI85rLA/edit#gid=1586630742
    • Due to time overlap with the AI groups, working group decided to have our bi-weekly Key Mgmt WG call an hour later on 09:00 a.m. PT / 12:00 p.m. ET.
    • New topics suggested for 2024 and parallel work-streams: 
      • Best Practices when uploading on-prem data to the cloud.
      • Multi-cloud and multi-regional KMS
      • Secrets Management
      • Post-Quantum Cryptography Key  Management with procedural steps on crypto-migration.

    Previous action items: 

    Document: HSM-as-a-Service:

    • Sam to update the Purpose or Scope section with some bullet points that prove WHY chose HSM and what are the benefits (versus something else for example). - DONE
    • Sam to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15. - PENDING

    New action items:

    • Sam ( @Sam Pfanstiel) to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15, in the HSM document.
    • Partha to provide a "skeleton" for the 'Best Practices when uploading on-prem data to the cloud' paper. A potential table of contents.
    • Sam ( @Sam Pfanstiel) to provide a "skeleton" / Table of Contents for the 'Multi-Cloud and Multi-Regional KMS' document.
    • Iain ( @Iain Beveridge) to provide a "skeleton" / Table of Contents for the 'Post-Quantum Cryptography Key  Management with procedural steps on crypto-migration' document.
    • Sunil ( @Sunil Arora) to provide a 'Lesson Learned' list for what to avoid and what to manage more efficiently.
    • Members of the group to discuss the structure of the 4 documents proposed and divide in parallel work-streams, after scoping the level of effort involved.

    Next working group call: 20 December

    Time: 09:00 a.m. PT / 12:00 p.m. ET / 17:00 GMT / 19:00 EET

    URL: https://zoom.us/j/93617880747  (Meeting ID: 936 1788 0747)

    Kind regards,

    Marina



    ------------------------------
    Marina Bregkou,
    Senior Research Analyst,
    CSA
    ------------------------------