POLICY ENFORCEMENT WITH ASSOCIATED DATA

摘要

Requests submitted to a computer system are evaluated for compliance with policy to ensure data security. Plaintext and associated data are used as inputs into a cipher to produce ciphertext. Whether a result of decrypting the ciphertext can be provided in response to a request is determined based at least in part on evaluation of a policy that itself is based at least in part on the associated data. Other policies include automatic rotation of keys to prevent keys from being used in enough operations to enable cryptographic attacks intended to determine the keys.

主权项

1. A computer-implemented method for enforcing policy, comprising:
under the control of one or more computer systems configured with executable instructions,
using an authenticated encryption mode of a cipher to generate, based at least in part on a key, plaintext and associated data, an authenticated ciphertext;associating a policy with the key, the policy specifying a condition, based at least in part on the associated data, for providing the plaintext;receiving, in connection with a request to decrypt the authenticated ciphertext using the key, purported associated data;verifying, based at least in part on the purported associated data and the authenticated ciphertext, that the purported associated data matches the associated data;as a result of verifying that the purported associated data matches the associated data, determining, based at least in part on the purported associated data, whether the policy allows providing the plaintext; andproviding the plaintext as a result of determining that the policy allows providing the plaintext.