+CRY-19 Secure Handling of Customer Managed Keys
---+CRY-19.01B
---+CRY-19 Supplementary Information - Complementary Customer Criteria

1. Übersicht

CRY-19 Secure Handling of Customer Managed Keys

-
CRY-19.01B The cloud service provider implements procedures and technical safeguards to ensure the secure handling of cryptographic keys managed by cloud service customers. In these procedures, the following aspects are considered:

1. Secure integration of customer-generated keys ('Bring-Your-Own-Key'; BYOK) into the cloud environment;
2. Logging of all activities related to customer-managed keys; and
3. Definition of access control mechanisms to enable that only authorised users can gain access to customer-managed keys.
CRY-19 Supplementary Information - Complementary Customer Criteria Cloud service customers ensure with suitable controls that their agreements with the cloud service provider include robust procedures and technical safeguards for the secure handling of customer-managed cryptographic keys. Cloud service customers ensure that these procedures address the secure integration of their keys into the cloud environment, comprehensive logging of all activities related to their keys, and clearly defined access control mechanisms to restrict access solely to authorised users.

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen

3. Related Regulations

Regulations
Impressum