Secret Vault

Issue Token-based Temporary Key and Manage Lifecycle

Secret Vault removes the need to hard-code text-based security information when accessing Samsung Cloud Platform through the Open API. It generates a token-based temporary key that provides access to SCP services and resources. Managing the lifecycle of temporary keys also helps create a robust security environment when using the API.

Overview


Service Architecture

Secret Vault
  • Token Management: Issue token, View token, Encrypt access key
  • Temporary Key Management: Issue temporary key, Manage lifecycle of temporary key, Delete temporary key
  • IP-based access control
  • Job history management

VPC
  • Virtual Server
  • Storage
  • ...

User (Developer) → Request products → Secret Vault → Issue tokens and temporary keys → User (Developer) → Configure token → APP → Use resources → VPC

Key Features

  • Token-based authentication and encrypted access key storage
    1. Issues tokens using an access key and supports issuing a temporary key with those tokens
    2. Stores access key information securely by encrypting it (AES-256)
  • Temporary key lifecycle management
    1. Supports automatic rotation and issuance of temporary keys based on their lifecycle
    2. Sets the rotation cycle in hours (up to 36 hours)
    3. Rotates a temporary key immediately (manually)
  • Access Control
    1. Enables IP-based access control for the resources where user applications are running
    2. Controls a single IP or a variable CIDR (Classless Inter-Domain Routing) range for container environments (192.168.0.0/16, 192.168.11.0/24)
