Hacker News
by yani 2913 days ago
I thought that payment processors are using their own hardware. How is AWS protecting their own customers' privacy? Can uncle Bob insert his fancy flash drive, copy my data, and sell it? Before you say it is encrypted - where does the encryption happen, and don't AWS employees have access to the keys too?
3 comments

What are you talking about? I have so many questions - who is uncle Bob in this scenario, an AWS employee? Whose uncle is he and why is that important? And what makes his flash drive fancy?

AWS has several encryption products you can easily look up, such as KMS. No, the employees don't have the keys. [1]

[1] https://aws.amazon.com/kms/faqs/

Uncle Bob is an AWS employee.

How does the application residing on AWS decrypt private data if it does not have access to the master (private) key?

KMS is a hardware security module, kind of like the secure enclave on an iPhone. The private key doesn't leave the hardware; your process requests that KMS should encrypt or decrypt something (which is probably another disposable key used for your session to a DB or whatever, like in a browser TLS session). All of AWS's core services are neatly integrated with KMS: EBS, EFS, RDS, DynamoDB, etc.

I'd trust the AWS datacenter security and processes over your average big-corp datacenter any day, having seen quite a few.

I had the same question as you and took a look at their FAQ.

#1 You should check what "HSM" is, and you will know the answer to your question :D. #2 KMS offers client-side encryption. So if you don't trust AWS for whatever reason, you can choose to encrypt at the client side too. :D
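The envelope pattern described two comments up (KMS wraps a disposable data key that your process uses locally, and the master key never leaves the HSM) together with the client-side encryption option mentioned just above, as an added example that is not part of this thread and not AWS code: a self-contained Go program in which a simulated key service stands in for KMS. `SimKMS`, `Envelope`, the key ID `alias/payments` and the sample record are assumptions invented for the example; against the real service the two KMS calls would go through the AWS SDK instead, and the rest of the program would not change.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"io"
)

// randomBytes draws n bytes from the OS CSPRNG; a failure here is not recoverable.
func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := io.ReadFull(rand.Reader, b); err != nil {
		panic(err)
	}
	return b
}
// gcmFor builds an AEAD from a 32-byte key (AES-256-GCM).
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// aeadSeal returns nonce || ciphertext || tag; aad is authenticated but not encrypted.
func aeadSeal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize()) // fresh random nonce per message
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}
// aeadOpen reverses aeadSeal; a flipped bit anywhere or a different aad fails the tag check.
func aeadOpen(key, blob, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, fmt.Errorf("blob too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], aad)
}

// SimKMS is a local stand-in for an HSM-backed key service (a simulation, not AWS
// KMS): the master key lives only in this struct and no method ever returns it.
type SimKMS struct{ masterKey []byte }
func NewSimKMS() *SimKMS { return &SimKMS{masterKey: randomBytes(32)} }
// GenerateDataKey returns a fresh data key in plaintext (for immediate local use) and
// wrapped under the master key; keyID is bound as AAD so it cannot be replayed under another ID.
func (k *SimKMS) GenerateDataKey(keyID string) (plain, wrapped []byte, err error) {
	plain = randomBytes(32)
	wrapped, err = aeadSeal(k.masterKey, plain, []byte(keyID))
	return plain, wrapped, err
}
// Decrypt unwraps a data key; the master key is used but never disclosed.
func (k *SimKMS) Decrypt(keyID string, wrapped []byte) ([]byte, error) {
	return aeadOpen(k.masterKey, wrapped, []byte(keyID))
}

// Envelope is what the application persists; nothing in it is usable without the KMS.
type Envelope struct {
	KeyID      string
	WrappedKey []byte
	Ciphertext []byte
}

// Seal is client-side envelope encryption: the record is encrypted locally, so the
// key service only ever handles the 32-byte data key, never the record itself.
func Seal(kms *SimKMS, keyID string, record, aad []byte) (Envelope, error) {
	dataKey, wrapped, err := kms.GenerateDataKey(keyID)
	if err != nil {
		return Envelope{}, err
	}
	ct, err := aeadSeal(dataKey, record, aad)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{KeyID: keyID, WrappedKey: wrapped, Ciphertext: ct}, nil
}
// Open asks the key service to unwrap the data key, then decrypts locally.
func Open(kms *SimKMS, env Envelope, aad []byte) ([]byte, error) {
	dataKey, err := kms.Decrypt(env.KeyID, env.WrappedKey)
	if err != nil {
		return nil, fmt.Errorf("unwrap data key: %w", err)
	}
	return aeadOpen(dataKey, env.Ciphertext, aad)
}

func main() {
	kms := NewSimKMS()
	record := []byte("card=4111111111111111;exp=12/29") // constructed sample, not real data
	env, err := Seal(kms, "alias/payments", record, []byte("customer=42"))
	if err != nil {
		panic(err)
	}
	got, err := Open(kms, env, []byte("customer=42"))
	fmt.Printf("decrypted %q (err=%v); the master key never left SimKMS\n", got, err)
}
```

The point of the split is visible in the types: `Envelope` holds nothing an insider who copies the disk can use without also being able to call `Decrypt` on the key service, and because the key ID and the caller-supplied AAD are authenticated, a stolen wrapped key or ciphertext cannot be quietly re-associated with another key or another customer. A second `SimKMS` with its own master key cannot unwrap the data key at all.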

AWS has different options for different companies/data. They even have options for US government data that are certified by DSS I believe, and they have options if you need PCI, HIPAA, and other types of compliance.

See: https://aws.amazon.com/compliance/hipaa-compliance/

https://aws.amazon.com/compliance/pci-dss-level-1-faqs/

It's worth noting that none of this is available on 'AWS' China.

Thanks for the links. Good read.

I'd expect and hope that a Hardware Security Module is in the chain of trust somewhere. For certain cases you just don't want a key to ever be physically accessible except in one heavily-defended location.