Bring your own encryption
Bring your own encryption (BYOE), also known as bring your own key (BYOK), is a cloud computing security marketing model that aims to help cloud service customers to use their own encryption software and manage their own encryption keys.[1] BYOE allows cloud service customers to use a virtualized example of their own encryption software together with the business applications they are hosting in the cloud, in order to encrypt their data.[2] The business applications hosted are then set up such that all its data will be processed by the encryption software, which then writes the ciphertext version of the data to the cloud service provider's physical data store, and readily decrypts ciphertext data upon retrieval requests.[3] This gives the enterprise the perceived control of its own keys, and producing its own master key by relying on its own internal hardware security modules (HSM) that is then transmitted to the HSM within the cloud. Data owners may believe their data is secured because the master key lies in the enterprise's HSM and not that of the cloud service provider.[4] When the data is no longer needed (i.e. when cloud users choose to abandon the cloud service), the keys can simply be deleted. That practice is called crypto-shredding.
See also
References
- ↑ Rouse, Margaret (22 February 2014). "BYOE(Bring Your Own Encryption)". http://whatis.techtarget.com/definition/BYOE-bring-your-own-encryption. Retrieved 10 April 2015.
- ↑ "Control of Your Cloud Data Encryption with Bring Your Own Encryption (BYOE)" (in en-US). 2021-09-21. https://parachute.cloud/.
- ↑ Steve, Wexier (24 March 2014). "Solving Cloud Security Will Open Adoption Floodgates". http://it-tna.com/2014/03/24/solving-cloud-security-will-open-adoption-floodgates/. Retrieved 10 April 2015.
- ↑ Zhang, Hongwen (6 April 2015). "Bring your own encryption: New term in the cloud age". http://www.networksasia.net/article/bring-your-own-encryption-new-term-cloud-age.1428310233. Retrieved 10 April 2015.
 |  |
