摘要 |
The present invention discloses methods and devices for key management in an as-a- service (aaS) context. Methods include the steps of: upon receiving a creation request in a provider computing-environment, creating a specific key in at least one location in the provider computing-environment by repetitively computing respective specific-key contributions: in a set of N computing resources in the provider computing-environment; and in a set of M customer locations in a customer computing-environment; and applying the respective specific-key contributions to change a specific-key value in the computing resources, wherein the respective specific-key contributions are never revealed to any computing resources, and to any customer locations, other than respective contributors; wherein at least one location is a region of memory located in a computing resource operationally connected to the provider computing-environment, wherein the customer locations are regions of memory located in a computing resource operationally connected to the customer computing-environment. |