Chapter 7 · Data storage, procurement, distribution logistics
This chapter concentrates on operational implementation. First, it discusses role-based data encryption for storage systems, arguing that cryptographic access control must reflect organizational roles and long retention periods. It then introduces LISA as a concrete MKD-oriented solution for files, databases, and multi-security-level workstations.
A second major focus is procurement. The chapter argues that physical cryptography always involves hardware and software, so purchasing decisions must account for certification, transparency, complexity, maintainability, and supply-chain risks. Simpler systems are presented as easier to verify and govern, while highly complex systems, especially in QKD, create more opportunities for hidden weaknesses and opaque dependencies.
The third focus is distribution logistics for MKD. Since key material is physically moved, secure creation, transport, timing, and documentation become central. The chapter emphasizes documented chain of custody, secure handling of storage media and chip cards, third-party selection rules, synchronized replacement of role keys, and electronic support systems for tracking and governance.
- Applies cryptography to role-based data storage
- Defines procurement criteria for high-security buyers
- Highlights supply-chain and certification concerns
- Treats logistics as a security function in MKD
- Emphasizes documented chain of custody