Key Management:
- Another consideration is protecting your keys and certificates.
- If someone stole your keys and/or your certificates, this would be a serious risk to the entire security cycle.
- Having your private keys and certificates/public keys stolen allows thieves to impersonate you and thus, compromising your data integrity, authentication and possibly even authorization.
- Key management can be done by many different methods:
- Keep keys and certificates in a secure resource such as LDAP or security software.
- Keep keys on physical devices such as smart cards.
- Use programmatic management.