Open Telekom Cloud for Business Customers

Key Management Service (KMS)

Data is the core asset of every enterprise, each of which has its sensitive data which needs to be encrypted and protected from a breach. The Key Management Service (KMS) of the Open Telekom Cloud is a secure, reliable, and easy-to-use cloud service that helps users create, manage, and protect keys in a centralized manner.

During implementation, the KMS uses hardware security modules (HSMs) for the professional management of key security. HSMs serve to handle encryption and decryption processes, while a dedicated API is used to access the service. The Open Telekom Cloud allows users a variety of functions, including the ability to deploy their own keys ("bring your own key", BYOK), or "grant customer master key", which allows owners of tenants to issue temporary permissions for access to encrypted data. 

 A computer chip with an imbedded padlock

Reasons for KMS in the Open Telekom Cloud

Icon of a hand pointing with slider toggles in the background

Easy Use

The KMS generates and stores public keys for accessing data in the Open Telekom Cloud and makes them available to the respective user. It combines the essential security requirements placed on a cloud with usability, as users can manage their keys directly via the console.

Icon of a shield protecting cloud servers

Secure Access

Secure access to your data and integration with other Open Telekom Cloud services is ensured. Cloud Trace (CTS) logs operations on keys and thereby helps fulfil audit and compliance requirements.

Icon of a server stack with joined puzzle pieces in the background

Seamless Integration

KMS can be integrated with OBS, EVS, IMS, and more, enabling a secure and easy data encryption. APIs are also supported, meaning you can call APIs to integrate the KMS into your data encryption applications.


Key Features of KMS

Male hands typing on a laptop with a hologram in the foreground displaying many apps.

BYOK

The Open Telekom Cloud allows users to deploy their own keys (bring your own key), giving you greater control over the creation and durability of your keys.

 
 Icon of storage hardware with two clockwise turning arrows

Multiple Backups

The KMS stores customer master keys (CMKs) redundantly online, physically backs up root keys in multiple copies offline, and performs regular backups to ensure key persistence.

Icon of a key surrounded by a circular arrow

Lifecycle Key Management

Supports full management and lifecycle management of your keys (create, enable, disable, delete, import, rotate, and authorize keys).


Use Case: Temporary Data Access

KMS provides central management and control capabilities of keys for storage services (e.g. for Object Storage Service (OBS)), platform services (e.g. for Relational Database Service (RDS)), and user applications. It is perfectly suited for data encryption and decryption scenarios.

  • Temporary access rights to encrypted data for (temporary) external workforce
  • No further administration necessary with "Grant Master Key"
  • Addresses customer demands for higher security (e.g. protection of intellectual property, industry standards, inhouse regimes, etc.)
  • Underlines Open Telekom Cloud's security focus
KMS Use Case: Temporary Data Access
 

New Features

Configure fine grained access rights for Key Management Service via IAMView Details
System-Disk encryption available in EU-NLView Details
KMS supports Sign & VerifyView Details

Find out more


Do you have any questions?

Are you interested in KMS or do you have any questions regarding KMS? I will be happy to answer your questions in a free consultation!

T-Systems International GmbH
Tino Fehnle

Tino Fehnle
Please enter a valid phone number!

* required fields

 
  • Communities

    The Open Telekom Cloud Community

    This is where users, developers and product owners meet to help each other, share knowledge and discuss.

    Discover now

  • Telefon

    Free expert hotline

    Our certified cloud experts provide you with personal service free of charge.

     0800 3304477 (from Germany)

     
    +800 33044770 (from abroad)

     
    24 hours a day, seven days a week

  • E-Mail

    Our customer service is available free of charge via E-Mail

    Write an E-Mail