Key Management Service glossary

    Available in Classic and VPC

    Some terminology is essential to using Key Management Service. The terms and their descriptions are as follows:

    Key Management Service Administrator

    A sub account that has been granted the managed policy NCP_KMS_MANAGER through Sub Account

    Symmetric Key-based Encryption

    An encryption type that uses the same key for encryption and decryption. It produces ciphertext from plaintext, and plaintext from ciphertext, by repeatedly applying substitution and transposition to the data bits. Symmetric key encryption is the method generally used to ensure data confidentiality

    Data Key (or data encryption key)

    The key applied directly to data encryption. This is a key that you store yourself, and this guide refers to it as a data key, data encryption key, DEK, etc.

    Root key

    The system's highest-level key that protects the KMS system. All key data in KMS is encrypted with the root key and stored in storage

    Raw key

    Key data used for actual encryption/decryption. For example, when using AES 256 encryption, a 256-bit raw key is input into the encryption algorithm

    Decryption

    The process of converting ciphertext transformed through encryption back to original data (plaintext)

    Seal

    The act of encrypting data keys or credentials

    Asymmetric Key-based Encryption

    An encryption type that uses different keys for encryption and decryption of data (the public key encryption method). It produces ciphertext or plaintext by computing over the data and keys using mathematical principles. The keys form a pair of values: one key value that can be made public and another key value that must be kept secure

    User managed key (or key)

    A key that customers create and manage in KMS. Under no circumstances (even for system operators) can the key value be directly viewed or exposed outside the KMS system, and it is generally recommended to use it for sealing data keys or credentials. Referred to as "key" or "master key" in the KMS guide

    Encryption

    The process of converting data (plaintext) into meaningless information (ciphertext) by randomly manipulating it using a key

    Credentials

    All data used for authentication, including not only data keys but also passwords and private keys of certificates

    Key Store

    A key storage space, one of which is created per Key Management Service customer. All keys created by a customer are generated in that customer's own key store, and each key store is logically isolated and managed. Key stores can be accessed and managed through the Key Management Service console

    Rotation

    The process of renewing keys to protect against various cryptographic threats

    Note

    For more information on terms, see Glossary on the NAVER Cloud Platform portal.

