Loading...

LISA17 - Your Secrets in Cloud-Based Key Management Services

337 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 15, 2017

Dan O'Boyle, Stack Overflow
@selfcommit

Do you encrypt secrets before committing them to a repository?

Are API keys and passwords stored in a local library any team member can decrypt?

Are you forced to re-encrypt all secrets anytime access has changed?

Stop doing those things! Cloud Based Key Management Services (Google KMS, Azure Key Vault, Amazon KMS) provide encryption keys as a service. KMS create a centralized access control list. Using a KMS, you can centralize secrets, removing them from local libraries. Key rotation can be automated, often times making a KMS more secure than local key management practices.

View the full LISA17 program: https://www.usenix.org/lisa17/program

Loading...


to add this to Watch Later

Add to

Loading playlists...