Microsoft Codename "Trust Services"

Protect your data

We have reached the maximum capacity for this lab and are currently not signing up new participants. Please check back with us in early 2013!

Microsoft Codename "Trust Services" is an application-level encryption framework that can be used by developers to protect sensitive data stored inside their cloud applications on the Windows Azure Platform. Data encrypted with Trust Services can only be decrypted by authorized data consumers. This empowers data publishers to freely distribute and share data by first encrypting the data using Trust Services. Consumers of sensitive data encrypted with Trust Services can have full confidence that the data cannot be viewed by anyone who is not authorized.

The basic scenario involves 2 steps:

Data publishers use Trust Services to encrypt sensitive data and store it in Windows Azure storage or SQL Azure
Authorized data consumers can decrypt data after it is read from storage

On July 3rd, 2012, we published a lab refresh that includes support for:

Search on encrypted data
Encryption of streams
Separation of roles for data policy administration, publishing and consumption

Your feedback will shape the future direction of this service. We look forward to hearing from you!

Feedback?E-mail Us

Trust Services

Video

Microsoft Codename "Trust Services"

Encryption is one of the fundamental required tools for protecting data in the cloud. This service provides a unique combination of application level encryption and the power of cloud services to roam encryption keys in a secure way. It enables data driven applications to work with sensitive data securely from different cloud-based locations while continuing to maintain access control over the data.

For more details, watch Part 1 and Part 2 of the technical overview for Trust Services.

Features

Cloud data flow using Trust Services, showing different roles.

Define data policy, publish and consume sensitive data.

Create Trust Services servers and add certificates.