Security - Versus
HSM vs TPM vs KMS
- TPM: Trusted Platform Module
  - a chip on the system board of a computer.
  - stores special encoding information and holds the keys that your system needs to encrypt certain data relating to your system.
  - e.g. used for Full-Disk Encryption (FDE): if your hard drive is cloned and connected to another machine, it will not be readable without the cryptographic data contained on the TPM, making the data useless to anyone but you.
- HSM: Hardware Security Module
  - a standalone piece of hardware: not soldered directly to the motherboard, but attached as a USB device or mounted in a rack.
- KMS: Key Management System
  - a newer technology than both TPM and HSM.
  - can operate across multiple platforms, such as cloud and hybrid environments.
SIEM vs SOAR
- SIEM: Security Information and Event Management: provides real-time analysis of security alerts generated by applications and network hardware. Focuses on log management and threat detection.
- SOAR: Security Orchestration, Automation, and Response: Focuses on automating incident response processes. SOAR takes alerts from SIEM and automates the steps to address them. SOAR uses AI and automation to prioritize and respond to security incidents.
SIEM examples:
- use Splunk to collect and analyze logs to detect security issues.
- GCP provides Google Security Operations, formerly Chronicle.
LUKS vs dm-crypt
- LUKS has a header, dm-crypt does not.
  - The header allows multiple different passphrases to be used, with the ability to change and remove them.
  - If the header is lost or corrupted, the device will no longer be decryptable.
  - There are two versions of LUKS, with LUKS2 featuring resilience to header corruption.
- The reference implementation for LUKS operates on Linux and is based on an enhanced version of cryptsetup, using dm-crypt as the disk encryption backend.
A common usage of LUKS is to provide full disk encryption, which involves encrypting the root partition of an operating system installation. This protects the operating system files from being tampered with or read by unauthorized parties.
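The header differences listed above can be read directly from the first bytes of a volume. The following is an added example, not part of the original notes: it reports the LUKS version, the active LUKS1 key slots (one per passphrase) and whether a LUKS2 backup header copy is present. Field offsets and constants are taken from the LUKS1 and LUKS2 on-disk format specifications; the function names and the sample headers are constructed for illustration.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"         # primary header magic, LUKS1 and LUKS2
LUKS2_BACKUP_MAGIC = b"SKUL\xba\xbe"  # LUKS2 secondary (backup) header magic
SLOT_ACTIVE, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD  # LUKS1 key slot states
SLOTS_OFFSET, SLOT_SIZE, SLOT_COUNT = 208, 48, 8      # LUKS1 key slot table


def inspect_header(data: bytes) -> dict:
    """Classify the first bytes of a block device or image by LUKS header."""
    if len(data) < 8 or data[:6] != LUKS_MAGIC:
        # Plain dm-crypt stores no metadata: nothing on disk identifies it.
        return {"format": "no LUKS header"}
    (version,) = struct.unpack_from(">H", data, 6)
    if version == 1:
        # Each active slot wraps the same master key under its own passphrase.
        active = [i for i in range(SLOT_COUNT)
                  if struct.unpack_from(">I", data, SLOTS_OFFSET + i * SLOT_SIZE)[0]
                  == SLOT_ACTIVE]
        return {"format": "LUKS1", "active_slots": active}
    if version == 2:
        # LUKS2 keeps a second header copy at offset hdr_size.
        (hdr_size,) = struct.unpack_from(">Q", data, 8)
        backup = data[hdr_size:hdr_size + 6] == LUKS2_BACKUP_MAGIC
        return {"format": "LUKS2", "hdr_size": hdr_size, "backup_header": backup}
    return {"format": "unknown LUKS version", "version": version}


def sample_luks1(active_slots) -> bytes:
    """Constructed 592-byte LUKS1 header with only the fields used above."""
    hdr = bytearray(SLOTS_OFFSET + SLOT_SIZE * SLOT_COUNT)
    hdr[:6] = LUKS_MAGIC
    struct.pack_into(">H", hdr, 6, 1)
    for i in range(SLOT_COUNT):
        state = SLOT_ACTIVE if i in active_slots else SLOT_DISABLED
        struct.pack_into(">I", hdr, SLOTS_OFFSET + i * SLOT_SIZE, state)
    return bytes(hdr)


def sample_luks2(with_backup: bool) -> bytes:
    """Constructed LUKS2 image start: 16 KiB primary area plus backup magic."""
    img = bytearray(2 * 0x4000)
    img[:6] = LUKS_MAGIC
    struct.pack_into(">HQ", img, 6, 2, 0x4000)
    if with_backup:
        img[0x4000:0x4006] = LUKS2_BACKUP_MAGIC
    return bytes(img)


if __name__ == "__main__":
    print(inspect_header(sample_luks1({0, 3})))
    print(inspect_header(sample_luks2(True)))
```

A volume that returns "no LUKS header" is either unencrypted, plain dm-crypt, or LUKS with a detached or destroyed header; the bytes alone cannot tell these apart.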