Comparative analysis of cryptographic key management systems

Levgeniia Kuzminykh*, Bogdan Ghita, Stavros Shiaeles

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Managing cryptographic keys can be a complex task for an enterprise and particularly difficult to scale when an increasing number of users and applications need to be managed. In order to address scalability issues, typical IT infrastructures employ key management systems that are able to handle a large number of encryption keys and associate them with the authorized requests. Given their necessity, recent years have witnessed a variety of key management systems, aligned with the features, quality, price and security needs of specific organisations. While the spectrum of such solutions is welcome and demonstrates the expanding nature of the market, it also makes it time consuming for IT managers to identify the appropriate system for their respective company needs. This paper provides a list of key management tools which include a minimum set of features, such as availability of secure database for managing keys, an authentication, authorization, and access control model for restricting and managing access to keys, effective logging of actions with keys, and the presence of an API for accessing functions directly from the application code. Five systems were comprehensively compared by evaluating the attributes related to complexity of the implementation, its popularity, linked vulnerabilities and technical performance in terms of response time and network usage. These were Pinterest Knox, Hashicorp Vault, Square Keywhiz, OpenStack Barbican, and Cyberark Conjur. Out of these five, Hachicorp Vault was determined to be the most suitable system for small businesses.

Original languageEnglish
Title of host publicationInternet of Things, Smart Spaces, and Next Generation Networks and Systems - 20th International Conference, NEW2AN 2020 and 13th Conference, ruSMART 2020, Proceedings
EditorsOlga Galinina, Sergey Andreev, Sergey Balandin, Yevgeni Koucheryavy
PublisherSpringer
Pages80-94
Number of pages15
ISBN (Electronic)9783030657291
ISBN (Print)9783030657284
DOIs
Publication statusPublished - 22 Dec 2020
Event20th International Conference on Next Generation Teletraffic and Wired/Wireless Advanced Networks and Systems, NEW2AN 2020 and 13th Conference on the Internet of Things and Smart Spaces, ruSMART 2020 - St. Petersburg, Russian Federation
Duration: 26 Aug 202028 Aug 2020

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume12526
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference20th International Conference on Next Generation Teletraffic and Wired/Wireless Advanced Networks and Systems, NEW2AN 2020 and 13th Conference on the Internet of Things and Smart Spaces, ruSMART 2020
Country/TerritoryRussian Federation
CitySt. Petersburg
Period26/08/2028/08/20

Keywords

  • Cryptography
  • Key distribution
  • Key management service
  • Secret handling

Fingerprint

Dive into the research topics of 'Comparative analysis of cryptographic key management systems'. Together they form a unique fingerprint.

Cite this