I am trying to understand the security benefits that Azure Key Vault would offer (or equally AWS KMS)
I understand the benefits of key management, of being able to easily rotate, change, audit key access.
What perplexes me a little though is how it is more secure.
As I understand it, if I develop a web application and want to protect my connection string (for instance) I can create a key pair in Key Vault and save it there. I then create an application in AAD, and use the client ID/Secret/URI to authenticate to Key Vault to obtain my connection string. There is also the possible benefit of restricting that further by Resource Group.
However this now means I have a client ID/Secret/URI to protect.
How is this better?
P.S. I'm not a developer! I just like to poke around in these things to understand them from a devops point of view. So if you could aim your answer at the typical clueless ops guy, that would be appreciated ;)
答案 0 :(得分:7)
Azure Key Vault使用Thales的硬件安全模块(HSM)。关于HSM的特殊之处在于他们没有给你钥匙。您可以在HSM中创建或导入密钥。稍后,您将数据提供给HSM,HSM正在对该数据执行加密操作。例如。加密,解密,散列等。顺便说一下,那些硬件设备真的很贵。使用Azure Key Vault,您可以以较低的价格使用此保护。这是使用Azure Key Vault的一个好处。
问题为何更安全:密钥比受到危害的单个虚拟机更有价值。如果您的某个虚拟机已遭到入侵,并且您的虚拟机上有加密密钥,则攻击者会拥有您的密钥。
如果您的VM上只有您的客户端ID和密码,则攻击者只拥有这些凭据,但不包含您的密钥。正如您所知,即使使用这些凭据,攻击者也无法从HSM获取密钥。这意味着攻击者可以使用您的凭据在一定时间内执行加密操作。一旦您识别出攻击,您就会使凭据失效。
简而言之,差异如此:
没有HSM:攻击者拥有您的密钥,只要他们想要(并且它们有效)就可以使用这些密钥。
使用HSM:攻击者没有您的密钥,只能使用您的凭据执行加密操作,只要它们有效。
答案 1 :(得分:0)
从开发人员的角度来看,要了解azure key Vault的概念,我建议使用此链接 -
https://azure.microsoft.com/en-in/documentation/articles/key-vault-whatis/
它描述了开发人员在3个不同视角中对azure key vault的需求 -
1. Developer for an Azure application
2. Developer for Software as a Service (SaaS)
3. Chief security officer (CSO)
然而,Azure密钥保管库尚未完全由微软发布。完整的密钥保险库将于2015年12月发布,这将是ARM的扩展功能。