Fileshare on cloud with a rotating private key .. what a mouthful!

Question

So, one of the security architects around me was pulling his hair out (what little of it there was to start with) as he is presented with this scenario&nbsp;
User A creates a file using a well-known office product.
It contains highly sensitive information and he wants it secured and encrypted.
But it must be stored on a disk, in a cloud facility. (Shared/Dedicated options available)
SSL to be used, but the user must control the private key.&nbsp;
He asks me, can the F5 do this?&nbsp;
The questions to be answered
1) How is access control measured? (Who can decyrpt this?)
2) Where is the private key stored (the customer must have control of it)
3) There will be a million and a half keys and will have to be rotated without the file being decrypted first.&nbsp;
Is this something we can do?&nbsp;

taunan_89710 · Answer

Duncan,&nbsp;
The BIGIP can be used for encrypted transport via TLS and we can even encrypt fields in the DOM of a web app using Fraud Protection Services.  However storage encryption is not a current feature in F5's stable of products.  We can certainly be customized to be involved for transport and network access but management of the actual file and it's keys would be best handled by another device.&nbsp;

Forum Discussion

Fileshare on cloud with a rotating private key .. what a mouthful!

1 Reply

Recent Discussions

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

google-visualization-issues

google autenticator broken barcode

Related Content

Writing to and rotating custom log files

Why by default, configured to rotate the log file after 3AM or 4AM?

Add post rotate action to LTM log rotation

F5 Logs Rotates very faster

log rotation configuration