Yet another security issue: key management
What with one thing and another, I forgot about this piece until just now, when I went to update the Web page for that column series (www.pelicancrossing.net/hpkcols.htm - it’s the interviews column I do for the Inquirer). In it, Nicko van Someren, founder and CTO of nCipher, talks about the problem of key management: as crypto systems proliferate, dealing with keys is becoming a major issue. Naturally, nCipher has a solution it would be happy to sell people, but that’s not the point: the point is more that every new security system we adopt comes with a complex management cost. This is true at all levels, from the major corporation that has a server tied up for a day just changing keys at all its sites throughout the world to the individual at home who locked down their Airport so tightly they now can’t remember how to open a connection for a guest who wants to use the Internet. These costs are part of why humans, who prefer easy lives, bypass security or turn it off rather than be hassled…
wg

September 24th, 2007 at 1:15 pm
It’s generally-accepted wisdom that, if the deployment of a crypto system fails, 90% of the time the issues which cause the failure are down to key management. Here at Sun, we’ve just incorporated a key management framework into the current (08/07) release of Solaris 10; as I know Nicko from way back and know that he talks a lot of good sense, I’d be interested to know what he makes of it.