The keys, as well as other types of secrets stored in Fortanix Data Security Manager (DSM), are held in an encrypted database when not in use. When in use, the keys are only available inside a secure enclave created using IntelĀ® SGX technology, which ensures that the key material is never available in plaintext to any software component on the node other than Fortanix DSM itself. This includes the OS, hypervisor, BIOS, co-tenant VMs, etc. Fortanix DSM-managed key material is also never exposed in plaintext on the system memory bus or on any other physical interface outside the processor package.
Comments
Please sign in to leave a comment.