Key rotation is required if the key is compromised or at the end of its crypto period (key validity period).
The goal is to implement the ability to rotate the master encryption key.
New processes:
Master key rotation.
Removal of master key.
New administrator commands:
Master keys view: node -> master key hash
Cache group keys view: node -> group name -> encryption key hash
The administrator initiates key rotation via some kind of user interface (CLI, Visor, Web Console, JMX, etc.).
Message is sent by discovery.
Message should contain:
Master cache key encrypted with current master key.
When a server node processes the message, the following actions are executed:
Block creation of encrypted cache keys.
Encrypt cache group keys with new master key.
Unblock creation of encrypted cache key.
A newly joining node should also replace its current master key with the new one.
The administrator initiates process completion via the interface by using the “master key removal” command.
The design assumes that the administrator will check that all nodes have successfully changed the master key and that all required nodes are alive.
The administrator initiates the process via some kind of user interface (CLI, Visor, Web Console, JMX, etc.).
Message is sent by discovery.
Message should contain:
New master key hash.
When a server node processes the message, the following actions are executed:
The received master key hash is compared with the known master key hash.
The previous master key is removed using the configured EncryptionSPI.
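The rotation and removal steps above, modelled on a single node as an added example (not Ignite code and not part of the original design). It assumes the rotation message carries the new master key wrapped with the current one, AES key wrap for key encryption and SHA-256 for key hashes; all class and method names are hypothetical.

```java
import java.security.MessageDigest;
import java.util.*;
import javax.crypto.*;
// Added sketch, not Ignite code: all names are hypothetical.
// Assumptions: AES key wrap (RFC 3394) protects keys; key hashes are SHA-256.
public class MasterKeyRotationSketch {
    private SecretKey current, previous;  // previous stays until the removal command
    private final Map<String, byte[]> groupKeys = new HashMap<>();  // group name -> wrapped key
    MasterKeyRotationSketch(SecretKey master) { current = master; }
    static SecretKey newKey() throws Exception { return KeyGenerator.getInstance("AES").generateKey(); }
    static Cipher aesWrap(int mode, SecretKey kek) throws Exception {
        Cipher c = Cipher.getInstance("AESWrap");
        c.init(mode, kek);
        return c;
    }
    static byte[] wrap(SecretKey kek, SecretKey k) throws Exception { return aesWrap(Cipher.WRAP_MODE, kek).wrap(k); }
    static SecretKey unwrap(SecretKey kek, byte[] w) throws Exception {  // throws if kek is wrong
        return (SecretKey) aesWrap(Cipher.UNWRAP_MODE, kek).unwrap(w, "AES", Cipher.SECRET_KEY);
    }
    static String hash(SecretKey k) throws Exception {
        return Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-256").digest(k.getEncoded()));
    }
    // Holding the monitor models "block/unblock creation of encrypted cache key".
    synchronized void createGroupKey(String group) throws Exception {
        groupKeys.put(group, wrap(current, newKey()));
    }
    // Rotation message, assumed to carry the new master key wrapped with the current one.
    synchronized void onRotate(byte[] wrappedNewMaster) throws Exception {
        SecretKey next = unwrap(current, wrappedNewMaster);
        Map<String, byte[]> rewrapped = new HashMap<>();
        for (Map.Entry<String, byte[]> e : groupKeys.entrySet())
            rewrapped.put(e.getKey(), wrap(next, unwrap(current, e.getValue())));
        groupKeys.putAll(rewrapped);  // swap only after every key was re-wrapped
        previous = current; current = next;
    }
    // Removal message: drop the previous key only when the received hash matches ours.
    synchronized boolean onRemove(String newMasterHash) throws Exception {
        if (previous == null || !hash(current).equals(newMasterHash)) return false;
        previous = null;
        return true;
    }
    public static void main(String[] args) throws Exception {
        SecretKey oldMaster = newKey(), newMaster = newKey();
        MasterKeyRotationSketch node = new MasterKeyRotationSketch(oldMaster);
        node.createGroupKey("group-a");
        node.onRotate(wrap(oldMaster, newMaster));
        unwrap(newMaster, node.groupKeys.get("group-a"));  // group key now opens with the new master key
        System.out.println(node.onRemove(hash(oldMaster)) + " " + node.onRemove(hash(newMaster)));
    }
}
```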
Master key hashes.
Input: nothing
Output:
List of Tuples3
Node ID
Current key hash
Previous key hash or null.
Cache key hashes.
Input: cache id.
Output:
List of Tuples3
Node ID
Current key hash
Previous key hash or null.