Cloud Key Management Service—Deep Dive2 Table of contents 1. Introduction 3 2. Encryption concepts and key management at Google 5 2.1. Keys, key versions, and key rings 5 2.2. Key hierarchy 6 2.3. Operations 7 3. Cloud KMS platform overview 7 3.1. Environment and dependencies 9 3.1.1. Cloud KMS Borg jobs 9 3.1.1.1. Cloud KMS API serving jobs 9 3.1.1.2. Cloud KMS batch jobs 9 3 . 1 . 1 . 3 . C loud KM S k e y sna psho tt er 1 0 3 . 1 . 2 . C li e n t - se r v e r c o mm u ni c a t i o ns 1 0 4. Cloud KMS platform architectural details 11 4.1. Security of key materials 11 4.2. Datastore protection 12 4.2.1. Master Keys 12 4.2.2. Rotation policy 12 4.2.3. Data residency 13 4. 3 . K e y a vailabili t y a ft er cr ea t ion 12 4.4. C lo

Join for free to read