Below is the architecture for a data protection service. It provides a Hold Your Own Key (
Fantastic news! We've Found the answer you've been seeking!
Question:
Below is the architecture for a data protection service. It provides a Hold Your Own Key HYOK solution to enable customers who require additional datacentric protection measures to address more stringent privacy regulations, such as not storing encryption keys in AWS.
Endofday pointofsale POS data is downloaded from wholesaleretail partner systems and saved onpremises. Data ingestion layer uses the encryption key held onpremises with FormatPreserving Encryption FPE mechanism to tokenize, anonymize, and map data flow for both structured and unstructured data, when additional protection is needed, before the data is sent to AWS. Data consumption layer uses the decryption key held onpremises to decrypt, detokenize, and map data flow back to its cleartext form before it is used by the onpremises applications or users.
Related Book For
Posted Date: