Key Access Service (KAS)

The Key Access Management is a dedicated backend component that manages the cryptographic keys used for encryption workflows based on Trusted Data Format (TDF). It acts as a secure intermediary (i.e., key server) that stores, manages, and provides controlled access to symmetric and asymmetric Key Encryption Keys (KEKs).

The Key Access Management is required to use Stormshield SDK.

It provides the following API routes:

• /rewrap: Enables clients to securely retrieve or re-encrypt keys needed to decrypt protected data, while enforcing policies and access controls (i.e., asymmetric cryptography).

• /encrypt and /decrypt: Provides direct data encryption and decryption capabilities using a Key Encryption Key (KEK) for symmetric cryptography.

For more information, refer to the SDK documentation.

NOTE
The use of the solution in any way other than as described in the documentation is not managed. Alternatively, get in touch with Stormshield Support for clarification.