Bring your own encryption

Bring your own encryption(BYOE), also known asbring your own key(BYOK), is acloud computing securitymodel that allowscloud servicecustomers to use their ownencryption softwareand manage their ownencryption keys.^[1]BYOE enables cloud service customers to utilize a virtual instance of their encryption software alongside their cloud-hosted business applications to encrypt their data.^[2] In this model, hosted business applications are configured to process all data through the encryption software. This software then writes theciphertextversion of the data to the cloud service provider's physicaldata storeand decrypts ciphertext data upon retrieval requests.^[3]This approach provides enterprises with control over their keys and the ability to generate their own master key using internalhardware security modules(HSM), which are then transmitted to the cloud provider's HSM.^[4] When the data is no longer needed, such as when users discontinue the cloud service, the keys can be deleted, rendering the encrypted data permanently inaccessible. This practice is known ascrypto-shredding.

Potential Advantages

Organizations can store data with unique encryption that only they can access.^[5] Multiple organizations can share the same hardwareinfrastructurevia cloud services likeAmazon Web Services(AWS) orGoogle Cloudwhile maintaining encryption to comply with regulations such asHIPAA.

Potential Challenges

Resource utilization may be higher compared to traditional encryption practices when multiple users share the same hardware and use their own encryption. Efforts to minimize resource utilization issues may potentially impact security benefits.^[6]

References

^Rouse, Margaret (22 February 2014)."BYOE(Bring Your Own Encryption)".What Is.Retrieved10 April2015.
^"Control of Your Cloud Data Encryption with Bring Your Own Encryption (BYOE)".parachute.cloud.2021-09-21.Retrieved2023-12-25.
^Steve, Wexier (24 March 2014)."Solving Cloud Security Will Open Adoption Floodgates".IT Trends & Analysis.Archived fromthe originalon 20 April 2015.Retrieved10 April2015.
^Zhang, Hongwen (6 April 2015)."Bring your own encryption: New term in the cloud age".Networks Asia.Archived fromthe originalon 14 August 2017.Retrieved10 April2015.
^"Bring Your Own Encryption to the Public Cloud".Thales Group.Retrieved22 May2024.
^"THE RIGHT WAY TO THINK ABOUT BRING YOUR OWN KEY ENCRYPTION".Antimatter.Retrieved22 May2024.

Thiscomputer securityarticle is astub.You can help Wikipedia byexpanding it.

[1] Rouse, Margaret (22 February 2014)."BYOE(Bring Your Own Encryption)".What Is.Retrieved10 April2015.

[2] "Control of Your Cloud Data Encryption with Bring Your Own Encryption (BYOE)".parachute.cloud.2021-09-21.Retrieved2023-12-25.

[3] Steve, Wexier (24 March 2014)."Solving Cloud Security Will Open Adoption Floodgates".IT Trends & Analysis.Archived fromthe originalon 20 April 2015.Retrieved10 April2015.

[4] Zhang, Hongwen (6 April 2015)."Bring your own encryption: New term in the cloud age".Networks Asia.Archived fromthe originalon 14 August 2017.Retrieved10 April2015.

[5] "Bring Your Own Encryption to the Public Cloud".Thales Group.Retrieved22 May2024.

[6] "THE RIGHT WAY TO THINK ABOUT BRING YOUR OWN KEY ENCRYPTION".Antimatter.Retrieved22 May2024.

[1]

[2]

[3]

[4]

[5]

[6]

Bring your own encryption

Contents

Potential Advantages

Potential Challenges

See also

References