Key Management Service glossary

    Available in Classic and VPC

    Some terms are essential to using Key Management Service. The terms and their descriptions are as follows.

    Key Management Service administrator

    A sub account that has been granted the managed policy NCP_KMS_MANAGER through Sub Account

    Symmetric Key-based Encryption

    An encryption method that uses the same key for encryption and decryption. Ciphertext and plaintext are produced by repeatedly applying substitution and transposition to the data bits. The symmetric-key method is the one generally used to guarantee data confidentiality.

    Data Key (or data encryption key)

    A key that is directly applied to data encryption. This refers to a key that you store yourself, and is referred to in this guide as a data key, data encryption key, DEK, etc.

    Root key

    The top-level key that protects the KMS system. All KMS key data is encrypted with the root key and then stored in storage.

    Decryption

    The process of converting ciphertext produced by encryption back into the original data (plaintext)

    Seal

    The act of encrypting data keys or credentials

    Asymmetric Key-based Encryption

    An encryption method that uses different keys for encryption and decryption (public-key encryption). Ciphertext and plaintext are produced by mathematical operations on the data and the keys. The keys form a pair: a key value that can be made public and a key value that must be kept secure.

    User-managed key

    A key that a customer creates and manages in KMS. The key value cannot be viewed explicitly under any circumstances, even by the system operator, and is not exposed outside the KMS system. Using this key to seal data keys or credentials is generally recommended. The KMS usage guide refers to it as the 'key' or 'master key'.

    Encryption

    The process of converting plaintext data, through random manipulation, into ciphertext that cannot be read

    Credentials

    All data used as credentials, including not only data keys but also passwords, private keys for certificates, and others

    Key Store

    A key store per customer using the Key Management Service. All keys created by a customer are stored in their own key store, and each key store is logically isolated and managed. Key stores can be accessed and managed through the Key Management Service console.

    Rotation

    The task of renewing keys to guard against various cryptographic threats

    Note

    To see a full list of terms and definitions, go to Glossary from the NAVER Cloud Platform portal.

