Purpose of a Key Management Policy
A key management policy (KMP) is a high-level set of rules that are established by an organization to describe the goals, responsibilities, and overall requirements for the management of cryptographic keying material used to protect private or critical facilities, processes, or information. These statements include authorization and protection objectives, and constraints that apply to the generation, distribution, accounting, storage, use, and destruction of keys. Key Management Policies are implemented by systems administrators through a combination of security mechanisms and procedures.
Varieties of security policies
There are several types of policies that are needed before a cryptographic key management system (CKMS) can be implemented and put into use. Different organizations may have different policies related to the security levels needed for their particular product or service. Policies can also vary within an organization for different applications and types of data. The CKMS must be designed to handle and support the requirements of each individual organization. The various types of policies can be very difficult to sort through and understand unless some form of simplification can be made.
Organizing policies in layers
To address these requirements, organizations often arrange their policies in a layered hierarchy. The more important functions, those that oversee and control the actions of the lower-level policies, are placed in the top level (or top layer). The top layer is usually the information-management level, which provides the basic requirements and desired control actions for the lower levels. The lower and intermediate levels provide the details of the actual implementation and enforcement procedures for a particular type of security protection defined in an upper layer. Thus each layer in this hierarchy handles a particular subset of CKMS functions and tasks related to security, and passes other specific requirements down to the next lower level, which is designed to handle them.
Assigning tasks for each policy layer
Each layer performs its set of functions and tasks in the form of “outputs” based on certain “inputs” related to the type of security it provides. Each layer also interacts with the next higher policy level to make sure its policy is in accordance with the overall requirements. Although this can vary between organizations, the layers (in terms of the tasks they handle) are typically arranged from highest to lowest as: information management, data security, physical security, computer security, communications security, and cryptographic key security. Sometimes these multiple layers can be reduced to just three layers, as described below:
Functions of the top policy layer (Information Management)