Reputation: 252
AES Key Storage Azure
Ive been looking for few weeks now on the best way to store my encryption keys when i host my application within Azure - although ive read many articles/forums etc. im still completely lost and would just like some clarification. Here is a quick overview of my application.
A user will create a group which many people can be invited to and once in a group you can then upload documents to that group so that people can view them, now what i am wanting is for every document which has been uploaded to be encrypted with AES and stored in my database.
but where do i store the IV and key while in Azure? I was thinking about setting up another database within Azure which will only store my IV/Key and maybe the DocumentId to link back to it.
Is that the best way?
My web app will be created in .NET
Upvotes: 0
Views: 1201
Answers (2)
Reputation: 354
Recently there has been Azure key vault service that is launched that would be a perfect fit for this scenario. Key vault is a HSM-backed service for for managing cryptographic keys and secrets.
Here is a small article that I had written on Getting Started with Azure Key Vault
Upvotes: 0
Reputation: 306
Sounds like a similar goal as keeping sensitive connection string secure - if so, here is a nice blog post series: http://blogs.msdn.com/b/sqlazure/archive/2010/09/09/10059889.aspx?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+SiteHome+(Microsoft+%7C+Blog+%7C+MSDN)
Upvotes: 0
Related Questions
- AES Encryption and key storage?
- Retrieve AES key bytes
- Store Azure Key Vault clientSecret securely
- How can I securly store an AES key in Windows with .Net (C#)?
- C# - Using Azure Key Vault with Azure Storage on Native App
- Azure Storage Client Side Encryption
- Is it possible to create a key vault in Azure via c#
- Sql Azure storage key info
- How to store encryption key .NET
- Cryptographic Key Storage