The XQ Key store can support multiple policies such as IP location, time, and tokens, thus the XQ Key store can be configured in any network only to communicate with approved IP addresses.
XQ is different than standard envelope encryption, as it uses a Zero Trust security model. For example, with AWS envelope encryption, users need to “trust” AWS to store their master key. In contrast, with XQ, users can have Zero Trust in AWS as they have their own key distribution server, which they can operate in AWS, Azure, or even a physical server.
While XQ seems similar to existing HSM or KMS-based key management solutions, it is optimized for scale and simplicity while utilizing a true Zero Trust Architecture.
With XQ, edge-based key distribution “distributes” the computational load while the ability to deploy an array of XQ Key stores ensures scale and no single point of failure. When combined with a ZTA identity-based authorization model, XQ is far more elegant for Smart Energy and Transportation systems.
The XQ Key store is a fully self-contained key distribution and logging solution but can be combined with HMS/KMS solutions for hybrid solutions. XQ can be used to support frontend IoT sensors and data lakes while KMS would be used only for long-term archiving of keys, thus the use of KMS and cost would be reduced.