The problem of data privacy and information security is generally solved in modern computers and network systems using encryption. Encryption methods, technologies, and products necessarily involve at least one, if not multiple pieces of “secret” information. This information may take the form of keys, passwords, pass phrases, salts, etc. The management of that secret information is quite complicated, in many cases.
In general, it is difficult to use such information securely in places where automation (such as running regular backups, booting, and rebooting systems) is required. In these cases, either the secret information is stored locally on the system (in which case the secret information, such as a key, is completely vulnerable to an offline attack), or these “automated” processes require human intervention.
In solutions in which the secret data is simply stored locally on the system, the file holding it may be placed in an obscure location on disk, in a hidden file, or made readable only by a certain user. However, all of these measures are subject to offline attacks (where the attacker has local physical access, or remote root access).
This secret data might also be encrypted using a simpler, symmetric pass phrase, but again, the problem arises as to where that wrapping pass phrase is stored. Many (if not most) programs, scripts, or automations simply hard-code secret values directly into the source code, which is extremely vulnerable to attack through simple inspection. Perhaps the most sophisticated and specialized (and expensive) solution is a technology known as an HSM (hardware security module). This specialized hardware handles key management on a local basis, but requires (near-)physical connections to the hardware that requires the keys. Otherwise, human intervention is required to actively provide the necessary keys to the system in real time. As can be appreciated, having a human system administrator ready to physically log into a console each time a server needs access to some secret information is impractical for large-scale systems.