IBM TechXchange 2025
Orlando, FL, October 6-9
Session code 3287

Vault for the Enterprise: Secrets Management Maturity Journey
Fraser Pollock, HashiCorp (an IBM Company), Principal Solutions Engineer

Agenda
01 Platform Maturity Journey
02 Consumer Maturity Journey
03 Vault Internals
04 In The Engine
05 Secure Introduction
06 Summary

IBM TechXchange | 2025 IBM Corporation

Platform Maturity Journey
Static Secrets
Dynamic Secrets
Custom Secret Engines
Post Quantum Cryptography
Custom Identity Framework
KMIP

Consumer Maturity Journey
Secret Storage
Copy and Paste
Provisioners Orchestrators Platforms
Native Client Libraries
Vault Agent
Configuration Management

Vault Internals

How Vault Works

Authentication Workflow

Vault + Authenticating
Before a client/user can interact with Vault, it must authenticate against an authentication backend.
Once authenticated, a token is returned to the user/client with any defined and/or appropriate policies.

Authentication Workflow (detail)

Secrets Workflow

Vault + Secrets
Authentication Token Required
Secrets can be stored and generated.
Some secrets can be generated dynamically, while others are verbatim.
Secrets are returned to the user/client with any defined and/or appropriate policies.

Secrets Workflow (detail)

Vault + Security Policies

Policies with Vault
Vault uses policies to manage and safeguard access and secret distribution to applications and infr