1. Field of the Invention
The present invention relates to computer security. More specifically, the present invention relates to a method and apparatus for managing cryptographic keys in a computing environment.
2. Related Art
In an effort to protect information from getting into the wrong hands, users often employ cryptographic techniques when storing and/or transmitting confidential information. For example, common cryptographic techniques typically involve using a decryption key to decrypt information that has been encrypted with a corresponding encryption key. Note that the decryption key and the encryption key can be the same key in some instances. By using these cryptographic techniques, the problem of protecting information is transformed into the problem of protecting cryptographic keys.
Each client or system that uses cryptographic techniques typically employs some type of strategy or mechanism to protect the corresponding cryptographic keys from unwanted distribution. However, management of cryptographic keys can be burdensome, especially for a client that rarely has need for a cryptographic key. Organizations that have many clients who require cryptographic keys often provide many different systems for protecting these cryptographic keys. This can result in a large amount of time and resources being used to manage cryptographic keys. Additionally, a key management system may need to manage keys for many different clients, each of whom may have different requirements. These different requirements can greatly increase the complexity of a key management system.
Hence, what is needed is a method for managing cryptographic keys without the problems listed above.