Key Management Framework key life-cycle states

  • Release version: Australia
  • Updated March 12, 2026

    KMF enforces each cryptographic key life-cycle state by restricting which actions a key in that state may perform. For example, only a key in the active state can be used for every purpose its cryptographic specification allows; every other state permits only a subset. The following table describes each state, the actions that move a key between states, and what a key in each state may still be used for.

    Key life-cycle state or action: Description

    Active
        The active key is used to generate new content, such as by encrypting or signing. There can be only one active key for a given cryptographic specification in a cryptographic module.

    Compromised
        Compromised keys can't be used to generate new content, such as by encrypting or signing, but may still be used on existing content, such as for decryption or verification.

        Several keys can exist in the compromised state for a given cryptographic specification in a cryptographic module. Any active or suspended key can be moved to the compromised state.

    Deactivated
        Any active key can be deactivated. There can be several keys in the deactivated state for a given cryptographic specification in a cryptographic module.

        For example, when a key is rotated, the current active key is deactivated. Deactivated keys can't be used to generate new content, such as by encrypting or signing, but may still be used on existing content, such as for decryption or verification.

        Note:
        Compromised and revoked keys are treated as deactivated keys.

    Destroyed
        When a key is destroyed, its key material is permanently removed and can no longer be used for any cryptographic purpose. Any deactivated key can be destroyed by life-cycle automation when it hasn't been used within the configured time frame. There can be several keys in the destroyed state for a given cryptographic specification in a cryptographic module.

        Warning:
        Data associated with a destroyed key can no longer be accessed (content encrypted with it can no longer be decrypted), so exercise extreme caution before performing a destroy key action.

    Generated
        Multiple keys can exist in the generated state for a given cryptographic specification in a cryptographic module.

        A generated key can be moved to the active state only when no active key exists for the given cryptographic specification. The first key generated is automatically set to active.

        Note:
        If you choose to generate a new key (for example, when rotating), a new key is generated and made active even though keys already exist in the generated state for the given cryptographic specification.

    Renewed
        An active key that has an expiration date can be renewed any number of times to extend its life-cycle period.

        Note:
        Renewal keeps the key's original validity span: the difference between the activation date and the current expiration date is calculated, and the new expiration date is set that many days after the current day.

    Resume
        This UI action is available on suspended keys and moves them back to the active state, but only when no other active key exists for the given cryptographic specification.

    Revoked
        Any active or suspended key can be moved to the revoked state.

        Revoked keys can't be used to generate new content, such as by encrypting or signing, but may still be used on existing content, such as for decryption or verification.

        Several keys in the revoked state may exist for a given cryptographic specification in a cryptographic module.

    Rotated
        Any active key can be rotated. Key rotation deactivates the current active key and makes another key active. Select the new active key from the following:
        • Generation of a new key.
        • An existing imported key.

    Suspended
        There can be several keys in the suspended state for a given cryptographic specification in a cryptographic module. A suspended key can be resumed, which reassigns it to the active state, when no other active key exists for that cryptographic specification.
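    The table above describes a state machine. The following Python model, added here as an illustration and not part of ServiceNow's KMF code or API, encodes its rules so that they can be checked mechanically: one active key per cryptographic specification, a generated key activating only when nothing is active, rotation deactivating the current key before activating the next, renewal re-applying the original activation-to-expiration span from today, compromised and revoked keys treated as deactivated (decrypt and verify only), and destroyed keys losing their material. The class and method names, the key identifiers and the dates are assumptions made for illustration.

```python
# Added example, not ServiceNow code: state names follow the table above; the classes, method
# names and sample dates below are assumptions made for illustration.
import secrets
from dataclasses import dataclass, field
from datetime import date, timedelta
from enum import Enum
from typing import Dict, Optional
State = Enum("State", "GENERATED ACTIVE SUSPENDED DEACTIVATED COMPROMISED REVOKED DESTROYED")
# Only the active key creates new content; compromised and revoked keys count as deactivated.
DEACTIVATED_CLASS = {State.DEACTIVATED, State.COMPROMISED, State.REVOKED}
CAN_GENERATE = {State.ACTIVE}                    # encrypt, sign
CAN_CONSUME = CAN_GENERATE | DEACTIVATED_CLASS   # decrypt, verify existing content

class KeyLifecycleError(Exception): pass

@dataclass
class Key:
    key_id: str
    state: State
    material: Optional[bytes]                    # None once destroyed
    activated: Optional[date] = None
    expires: Optional[date] = None

@dataclass
class CryptoSpec:                                # one cryptographic specification in one module
    name: str
    keys: Dict[str, Key] = field(default_factory=dict)

    def active_key(self) -> Optional[Key]:
        return next((k for k in self.keys.values() if k.state is State.ACTIVE), None)

    def _move(self, key_id: str, allowed: set, new_state: State) -> Key:
        key = self.keys[key_id]
        if key.state not in allowed:
            raise KeyLifecycleError(f"{key_id} is {key.state.name}; cannot become {new_state.name}")
        key.state = new_state
        return key

    def generate(self, today: date, lifetime_days: Optional[int] = None) -> Key:
        key = Key(f"{self.name}-{len(self.keys) + 1}", State.GENERATED, secrets.token_bytes(32))
        self.keys[key.key_id] = key
        if self.active_key() is None:            # the first generated key becomes active automatically
            self.activate(key.key_id, today, lifetime_days)
        return key

    def activate(self, key_id: str, today: date, lifetime_days: Optional[int] = None) -> Key:
        if self.active_key() is not None: raise KeyLifecycleError("only one active key per specification")
        key = self._move(key_id, {State.GENERATED}, State.ACTIVE)
        key.activated, key.expires = today, (today + timedelta(days=lifetime_days) if lifetime_days else None)
        return key

    def resume(self, key_id: str) -> Key:        # suspended -> active, only while nothing else is active
        if self.active_key() is not None: raise KeyLifecycleError("another key is active")
        return self._move(key_id, {State.SUSPENDED}, State.ACTIVE)

    def suspend(self, key_id): return self._move(key_id, {State.ACTIVE}, State.SUSPENDED)
    def deactivate(self, key_id): return self._move(key_id, {State.ACTIVE}, State.DEACTIVATED)
    def compromise(self, key_id): return self._move(key_id, {State.ACTIVE, State.SUSPENDED}, State.COMPROMISED)
    def revoke(self, key_id): return self._move(key_id, {State.ACTIVE, State.SUSPENDED}, State.REVOKED)

    def destroy(self, key_id: str) -> Key:       # deactivated-class keys only; irreversible
        key = self._move(key_id, DEACTIVATED_CLASS, State.DESTROYED)
        key.material = None                      # content encrypted under this key is now unrecoverable
        return key

    def renew(self, key_id: str, today: date) -> Key:
        key = self.keys[key_id]
        if key.state is not State.ACTIVE or key.expires is None:
            raise KeyLifecycleError("only active keys with an expiration date can be renewed")
        key.expires = today + (key.expires - key.activated)   # original span, counted from today
        return key

    def rotate(self, today: date, existing_key_id: Optional[str] = None) -> Key:
        if self.active_key() is None: raise KeyLifecycleError("nothing to rotate: no active key")
        self.deactivate(self.active_key().key_id)
        if existing_key_id is None:              # a fresh key is activated even if generated keys are waiting
            return self.generate(today)
        return self.activate(existing_key_id, today)   # e.g. a previously imported key

    def may(self, key_id: str, operation: str) -> bool:
        allowed = CAN_GENERATE if operation in ("encrypt", "sign") else CAN_CONSUME
        return self.keys[key_id].state in allowed and self.keys[key_id].material is not None

def demo() -> dict:
    spec, d0 = CryptoSpec("aes256-data"), date(2026, 3, 12)   # constructed sample specification and dates
    k1 = spec.generate(d0, lifetime_days=90)           # first key: active, expires 2026-06-10
    k2 = spec.generate(d0)                             # second key: stays generated while k1 is active
    try:
        spec.activate(k2.key_id, d0); rejected = False
    except KeyLifecycleError:
        rejected = True
    spec.renew(k1.key_id, d0 + timedelta(days=30))     # 90-day span re-applied from 2026-04-11
    k3 = spec.rotate(d0 + timedelta(days=40))          # k1 deactivated; fresh k3 active, k2 still waiting
    spec.compromise(k3.key_id)
    spec.activate(k2.key_id, d0 + timedelta(days=41))  # allowed now: nothing is active
    spec.suspend(k2.key_id); spec.resume(k2.key_id); spec.destroy(k1.key_id)
    return {"second_active_rejected": rejected, "k1_expires": k1.expires.isoformat(),
            "compromised": (spec.may(k3.key_id, "sign"), spec.may(k3.key_id, "verify")),
            "destroyed_decrypt": spec.may(k1.key_id, "decrypt"),
            "states": {k: v.state.name for k, v in spec.keys.items()}}
```

    demo() runs one specification through the life-cycle and returns what each rule produced. The point worth keeping in mind from the model is that the only ways back to active are from generated (activate) and suspended (resume), and both refuse while another key is active; every other transition is one-way, and destroy is the one that discards material rather than merely restricting its use.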