1. KMIP Cloud Use Cases

ballooncadgeInternet και Εφαρμογές Web

31 Οκτ 2013 (πριν από 3 χρόνια και 9 μήνες)

122 εμφανίσεις

1.

KMIP Cloud
Use Cases

These use cases describe the interactions between KMIP clients and servers in which the client
resides within an enterprise and the server resides within a separate cloud service provider (CSP)
environment. The use cases apply to two
deployment models:

-

The server is specific to a given enterprise and is in a dedicated sub
-
environment within
the CSP infrastructure, dedicated to that tenant.


-

The server is a shared component within the CSP infrastructure, used by multiple
tenants.

The de
ployment
model

in which the server for the tenant in a CSP is de
dicated to that tenant i
s
shown in Figure 1.


Figure 1: Dedicated Key Server in CSP Infrastructure

Use cases applicable to this infrastructure include:

-

Tenant application accessing tenant KM
(both in CSP)

-

CSP admin managing allocation of resources to tenant

-

Tenant admin access to KM at CSP

-

Moving tenant keys to CSP

-

Creating tenant keys at CSP

The deployment model in which the server for the tenant in a CSP is dedicated to that tenant is
shown
in Figure 2.


Figure 2
:
Shared

Key Server in CSP Infrastructure

Use cases application to this deployment model include:

-

Tenant application access to CSP key manager

-

CSP key admin access to CSP key manager (including segregation of duties)

-

Tenant key admin
access to CSP key manager (including segregation of duties)

-

Tenant keys moved to CSP shared infrastructure

-

Tenant keys created in CSP

-

Tenant keys migrated to alternate CSP

Use cases are described for each of these two deployment models. The applicable
model for
each use case is defined in the “Applicable Deployment and Service Models” for each use case.


1.1
Use Case 1:
A
pplication accessing tenant KM

1.1.1

Description / User Story

As described in its specification,
KMIP
exchanges between a client and s
erver support a number
of operations on any of a number of objects with any of a number of attributes.
For the cloud, at a
generic level, the use case is similar to any KMIP client/server exchange. However, the request
for KMIP operations by a CSP have imp
ortant implications in terms of the trust establishment
model

(TLS channel may be proxied by CSP)
, protection of keys
(requirement for key wrapping)
and the key
-
related
context that must be exchanged (tenant information).

1.1.
2
Goal or Desired Outcome

The goal of this use case is to have the server located within a CSP perform an operation on
behalf of the client.

This includes not only the ability of the server to support the message
exchange protocol, but also
to perform the operations, understand th
e objects and interpret the
attributes as expected by the client.

1.1.
3 Notable Categorizations and Aspects


Categories Covered:



Trust establishment



KMIP client request



KMIP server response


Applica
b
le Deployment and Service Models:



Dedicated KMIP server i
n CSP

Actors:



KMIP
Client



KMIP Server


Systems:



KMIP
Software Client Applications (Client)



KMIP Software
Server Application (Server
)



CSP
tenant

proxy

Notable Services:



None

Dependencies:



Servers and clients have X.509 certificates that can be used to
establish a mutually
-
authenticated communication between them.



Client has been configured to identify target server and to accept server credential



Server has been configured to accept client credential and request.



Client and server systems are active and

able to initiate (client) and receive (server)
messages.


Assumptions:



Client and server

credentials contain unique
i
dentifiers

that can be used to authenticate
and authorize communication between them.



1.1.
4
Process Flow

1

Client creates KMIP request m
essage.

1.1

Client

2

Client establish
es

secure channel

with server using mutually authenticated TLS

2.1

Client uses TCP/IP address and port number to contact server.

2.2

CSP proxy accepts client request and
negotiate
s

mutual
ly authenticated secure
channel with client.

2.3

CSP proxy negotiates mutually authenticated secure channel with server.

3

Client requests operation from server

3.1

If performing operation such as register, client wraps object to be sent to server.

3.2

Client creates request message including additional context re
garding their tenancy
at CSP.

3.3

Client records request message according to configured policy.

3.4

Client sends message via established secure channel.

4

Server responds to client request

4.1

Proxy receives message and forwards to server.

4.2

Server accepts client message

across mutually authenticated secure channel.

4.3

Server records client request according to
configured policy.

4.4

Server
processes client request and
creates response message.

4.5

Server records request message according to configured policy.

4.6

Server sends message v
ia established secure channel to proxy.

4.7

Proxy sends message to client.

5

Client receives server response

5.1

Client accepts message across mutually authenticated secure channel.

5.2

Client
records response message according to configured policy.

5.3

Client takes appropr
iate action for the response.

1.2
Use case 2: CSP admin manages

allocation of resources to
tenant

1.3 Use case 3:
Tenant admin access to KM at CSP

1.
4

Use case 4:
Moving tenant keys to CSP

1.5 Use case 5:
Creating tenant keys at CSP

1.6
Tenant application
access to CSP key manager

1.7
CSP key admin access to CSP key manager (including
segregation of duties)

1.8
Tenant key admin access to CSP key manager (including
segregation of duties)

1.9
Tenant keys moved to CSP shared infrastructure

1.10
Tenant keys created in CSP

1.11
Tenant keys migrated to alternate CSP