MarketplaceCommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorMarketplaceSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesMarketplaceCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorMarketplaceSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250

Key Management Service (KMS)

Data is the core asset of every enterprise, each of which has its sensitive data which needs to be encrypted and protected from a breach. The Key Management Service (KMS) of the Open Telekom Cloud is a secure, reliable, and easy-to-use cloud service that helps users create, manage, and protect keys in a centralized manner.

During implementation, the KMS uses hardware security modules (HSMs) for the professional management of key security. HSMs serve to handle encryption and decryption processes, while a dedicated API is used to access the service. The Open Telekom Cloud allows users a variety of functions, including the ability to deploy their own keys ("bring your own key", BYOK), or "grant customer master key", which allows owners of tenants to issue temporary permissions for access to encrypted data. 

 A computer chip with an imbedded padlock

Reasons for KMS in the Open Telekom Cloud

Icon of a hand pointing with slider toggles in the background

Easy Use

The KMS generates and stores public keys for accessing data in the Open Telekom Cloud and makes them available to the respective user. It combines the essential security requirements placed on a cloud with usability, as users can manage their keys directly via the console.

Icon of a shield protecting cloud servers

Secure Access

Secure access to your data and integration with other Open Telekom Cloud services is ensured. Cloud Trace (CTS) logs operations on keys and thereby helps fulfil audit and compliance requirements.

Icon of a server stack with joined puzzle pieces in the background

Seamless Integration

KMS can be integrated with OBS, EVS, IMS, and more, enabling a secure and easy data encryption. APIs are also supported, meaning you can call APIs to integrate the KMS into your data encryption applications.


Key Features of KMS

Male hands typing on a laptop with a hologram in the foreground displaying many apps.

BYOK

The Open Telekom Cloud allows users to deploy their own keys (bring your own key), giving you greater control over the creation and durability of your keys.

 
 Icon of storage hardware with two clockwise turning arrows

Multiple Backups

The KMS stores customer master keys (CMKs) redundantly online, physically backs up root keys in multiple copies offline, and performs regular backups to ensure key persistence.

Icon of a key surrounded by a circular arrow

Lifecycle Key Management

Supports full management and lifecycle management of your keys (create, enable, disable, delete, import, rotate, and authorize keys).


Use Case: Temporary Data Access

KMS provides central management and control capabilities of keys for storage services (e.g. for Object Storage Service (OBS)), platform services (e.g. for Relational Database Service (RDS)), and user applications. It is perfectly suited for data encryption and decryption scenarios.

  • Temporary access rights to encrypted data for (temporary) external workforce
  • No further administration necessary with "Grant Master Key"
  • Addresses customer demands for higher security (e.g. protection of intellectual property, industry standards, inhouse regimes, etc.)
  • Underlines Open Telekom Cloud's security focus
KMS Use Case: Temporary Data Access
 

New Features

Configure fine grained access rights for Key Management Service via IAMView Details
System-Disk encryption available in EU-NLView Details
KMS supports Sign & VerifyView Details
Don't want to miss any updates?Visit our portfolio roadmap and discover new services and updates.
Learn more

Find out more


Do you have any questions?

Are you interested in KMS or do you have any questions regarding KMS? I will be happy to answer your questions in a free consultation!

T-Systems International GmbH
Tino Fehnle

Tino Fehnle
Your phone number seems to be incorrect. Please note it must contain at least four digits. Zeros at the beginning are not considered.
Your phone number seems to be incorrect. Please note that it must have a maximum of 26 characters.
Your phone number appears to be incorrect. Please note that only numbers from 0 to 9 can be used.

* required fields

 

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant Cloudia

Our AI-powered search helps with your cloud needs.