我对Windows Azure中如何存储密钥(用于数据加密)感到有些困惑.
根据以下两个链接(#1,#2),建议将密钥/密钥库存储在Windows Azure存储中:
Storing your own key library within the Windows Azure Storage services is a good way to persist some secret information since you can rely on this data being secure in the multi-tenant environment and secured by your own storage keys.
但是“开发Windows Azure应用程序的安全最佳实践”(#3)建议不要在Windows Azure中存储任何与密钥相关的材料:
Also,developers should not upload
the key or any keying material to Windows Azure Storage,regardless of how careful they are about hiding it. If
any computer or storage services were compromised,it could lead to encryption keys being exposed.
在Windows Azure中存储密钥的最佳方法是什么?
