Tips for Cryptographic Key Management

NIST Guidance Offers a Framework for Designers
Tips for Cryptographic Key Management

The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems.

See Also: Going Selectively Active for Comprehensive OT Visibility

NIST Special Publication 800-130, A Framework for Designing Cryptographic Key Management Systems, describes topics that designers should consider when developing specifications.

NIST says the goal of the framework is to guide designers in creating a complete, uniform specification that can be used to build, procure and evaluate the desired cryptographic key management system. The framework:

  • Helps define the design task by requiring the specification of significant capabilities;
  • Encourages designers to consider the factors needed in a comprehensive cryptographic key management system;
  • Spurs designers to consider factors and mechanisms that, if properly addressed, can provide security to the system;
  • Compares different compliant cryptographic key management system systems and their capabilities;
  • Aids in performing a security assessment by requiring the specification of implemented and supported cryptographic key management system capabilities; and
  • Forms the basis for a federal cryptographic key management system profile.

"For each topic, there are one or more documentation requirements that need to be addressed by the design specification," the guidance says. "Thus, any CKMS that addresses each of these requirements would have a design specification that is compliant with this framework."


About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.