Fortanix does not have access to customer keys. The keys, including the key material and the related metadata, are encrypted both in use and at rest using an encryption key which is derived by the Self-Defending KMS process and the Intel® SGX processor, and is unknown to Fortanix.
- Can I use a proxy with Self-Defending KMS?
- Does Self-Defending KMS include a Web Application Firewall (WAF)? Should I configure a WAF with Self-Defending KMS?
- How does Self-Defending KMS compare with other KMS?
- Can I import keys into Self-Defending KMS?
- Where is encryption and decryption done if I use Self-Defending KMS?
- Can Fortanix employees access my keys?
- Where do my keys live if I use Self-Defending KMS?
- How does Self-Defending KMS work?
- What cryptographic operations are available in Self-Defending KMS?
- What key management features are available in Self-Defending KMS?