AWS KMS 十年发展历程：架构如何演变以赢得客户信任.pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.S E C 2 1 8AWS KMS over the decade:How architecture evolved to earn customer trustKevin LeeSr.Product Manager-TechnicalAmazon Web ServicesSamuel WaymouthSr.Complianc

2、e SpecialistAmazon Web Services 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Agenda1.Look into how AWS Key Management Service(KMS)architecture evolved over the years from the product lens2.Understanding the difference between having control vs.having ownership of encryption key

3、s,and how AWS KMS gives you choices for managing your keys3.See how encryption and authorization works together in solving digital sovereignty use cases4.Learn about our new independent cloud AWS European Sovereign Cloud 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.A W S K M SW

4、hy was it needed?A short look at the state of the world a decade agoGrowing demand from regulated industries(e.g.,financial services,healthcare,government)Desire for more control;need for customer-managed encryption keyTraditional key management strategies conflicted when scaling to the cloud 2025,A

5、mazon Web Services,Inc.or its affiliates.All rights reserved.Three design tenets of AWS KMSSecurityDurabilityAvailabilityCustomers trust us to protect their most sensitive dataCustomers rely on us to safeguard their keys from any eventCustomers depends on us to run their most demanding workload 2025

6、,Amazon Web Services,Inc.or its affiliates.All rights reserved.Three design tenets of AWS KMSSecurityDurabilityAvailabilityCustomers trust us to protect their most sensitive dataCustomers rely on us to safeguard their keys from any eventCustomers depends on us to run their most demanding workloadTra