Technical Field
Various embodiments described herein relate generally to the field of electronic data security and more particularly to the secure storage and management of credentials and encryption keys.
Related Art
In order for a user to be able to store and retrieve data, there must be a way to identify that user and protect their data from being accessed by any other user. Traditionally, this is performed by “front-end” software where the user is authenticated and authorized through a login process.
The conventional login process is associated with a number of documented weaknesses. For example, in many systems, the login step is commonly considered a part of the user interface (UI) and a separate entity from the security bubble. The problem is magnified in cases where in-house developers, having limited background in security, attempt to build custom login authentication and authorization systems. As such, a malicious user can potentially have access to other users' data once that user successfully completes the login process.
Thus, what is needed is a system and method for secure storage and management of credentials and encryption keys.