Skip to main navigation menu Skip to main content Skip to site footer
Logo

Articles

Vol. 2 No. 2 (2022): Cybersecurity and Network Defense Research (CNDR)

Data Encryption and IAM Policies: Best Practices for AWS Ecosystems

Published
16-08-2022

Abstract

Securing sensitive data in AWS ecosystem remains a critical concern for enterprises as cloud adoption increases. The aim of this paper is to explore the best practises for data encryption Identity and Access Management (IAM) policies in AWS To ensure robust security postures against new evolving threats. As we provide an in-depth analysis of AWS-native encryption mechanism which includes AWS Key Management Service (KMS), envelope encryption, and hardware security modules (HSMs), and also examines the effectiveness in securing data confidentiality and integrity.

References

  1. N. Kamble, S. Choudhari, and A. Gupta, "Security and Privacy of AWS S3," International Journal of Innovative Research in Science, Engineering and Technology (IJIRSET), vol. 10, no. 12, pp. 15090–15095, Dec. 2021.
  2. A. Sharma and S. K. Sahay, "IAM Identity Access Management—Importance in Maintaining Security Systems within Organizations," European Journal of Engineering Research and Science, vol. 6, no. 5, pp. 307–312, May 2021.
  3. M. Luttrell, "Validate IAM Policies in CloudFormation Templates Using IAM Access Analyzer," AWS Security Blog, Sep. 2021.
  4. F. Angabini, "Extend AWS IAM Roles to Workloads Outside of AWS with IAM Roles Anywhere," AWS Security Blog, Jul. 2022.
  5. J. Greenwood, B. Behera, and K. Higgins, "Managing Temporary Elevated Access to Your AWS Environment," AWS Security Blog, Nov. 2021.
  6. F. Angabini, "Extend AWS IAM Roles to Workloads Outside of AWS with IAM Roles Anywhere," AWS Security Blog, Jul. 2022.
  7. J. Greenwood, B. Behera, and K. Higgins, "Managing Temporary Elevated Access to Your AWS Environment," AWS Security Blog, Nov. 2021.
  8. Martin, Luther. "Identity-based encryption: From identity and access management to enterprise privacy management." Information Systems Security 16.1 (2007): 9-14.
  9. Al-Khouri, Ali M. "Optimizing identity and access management (IAM) frameworks." International Journal of Engineering Research and Applications 1.3 (2011): 461-477.
  10. Anilkumar, Chunduru, and S. Sumathy. "Security strategies for cloud identity management—A study." International Journal of Engineering & Technology 7, no. 2 (2018): 732-741.
  11. Mohammed, Ishaq Azhar. "Systematic review of identity access management in information security." International Journal of Innovations in Engineering Research and Technology 4.7 (2017): 1-7.
  12. Beiter, M., Mont, M. C., Chen, L., & Pearson, S. (2014). End-to-end policy based encryption techniques for multi-party data management. Computer Standards & Interfaces, 36(4), 689-703.