If you develop SaaS applications you know that large enterprises want to create their own security keys and control encryption of their data stored in your application. This capability is known as Customer Managed Keys (CMK) or Enterprise Key Management (EKM).
In this detailed technical whitepaper, we give cloud, enterprise and software architects:
* the technical context behind CMK,
* presents a reference architecture,
* and discusses implementation patterns and tradeoffs.