Login
March 30, 2013|
Voiced by Amazon Polly |
AWS just released a new service CloudHSM which stands for Cloud Hardware Security Module.
Typically companies that needed their data encrypted before storing into AWS S3, or any other service, needed to manage these encryption keys themselves. Mostly these key were stored on-premise and thus it made hard co-ordinating with application and data in AWS. Also, performance was affected as the application in AWS has to contact on-premise services to use these keys.
Enter, AWS CloudHSM and some of these problems will go away. HSM is a dedicated hardware device that will store cryptography encryption and decryption keys. For any application needing encryption, first a Virtual Private Cloud (VPC) subnet needs to be created, then a HSM is provisioned in that subnet, and the applications in that VPC will then be able to use that HSM device via that ip-address assined to that HSM device. Thus there will be no need to store cryptograpic keys on-premise, making the application fully on cloud, and also decreasing the latency for the cloud applications to access the device.
The device is really expensive at USD 5,000 per device one time cost. Also the per hour rate is $1.88 per hour, making it a costly affair. So its really an enterprise service only suited for medium to large corporations. We would have been thrilled if this service was also provided as a pay per use service, so that at least startups and smaller organisations were able to try it out.
More information on this service: https://aws.amazon.com/cloudhsm/
WRITTEN BY Bhavesh Goswami
Bhavesh Goswami is the Founder & CEO of CloudThat Technologies. He is a leading expert in the Cloud Computing space with over a decade of experience. He was in the initial development team of Amazon Simple Storage Service (S3) at Amazon Web Services (AWS) in Seattle. and has been working in the Cloud Computing and Big Data fields for over 12 years now. He is a public speaker and has been the Keynote Speaker at the ‘International Conference on Computer Communication and Informatics’. He also has authored numerous research papers and patents in various fields.
PREV
Comments