diff --git a/keychain/models/keychain.py b/keychain/models/keychain.py
index 0008adb3c..57f5a6392 100644
--- a/keychain/models/keychain.py
+++ b/keychain/models/keychain.py
@@ -198,3 +198,70 @@ class KeychainAccount(models.Model):
                 "Use a key similar to: %s" % (envs[0], Fernet.generate_key())
             ))
         return MultiFernet(keys)
+
+
+class KeychainBackend(models.AbstractModel):
+    _name = 'keychain.backend'
+    _backend_name = None
+
+    password = fields.Char(
+        compute="_compute_password",
+        inverse="_inverse_password",
+        required=True)
+    data = fields.Serialized(
+        compute="_compute_keychain",
+        inverse="_inverse_keychain")
+
+    def _get_technical_name(self):
+        return '%s,%s' % (self._name, self.id)
+
+    def _get_existing_keychain(self):
+        self.ensure_one()
+        return self.env['keychain.account'].retrieve([
+            ('namespace', '=', self._backend_name),
+            ('technical_name', '=', self._get_technical_name())
+            ])
+
+    def _prepare_keychain(self):
+        env = config.get('running_env')
+        return {
+            'name': "%s %s" % (self.name, env),
+            'technical_name': self._get_technical_name(),
+            'namespace': self._backend_name,
+            'environment': env,
+            }
+
+    def _get_keychain_account(self):
+        self.ensure_one()
+        account = self._get_existing_keychain()
+        if not account:
+            vals = self._prepare_keychain()
+            account = self.env['keychain.account'].create(vals)
+        return account
+
+    def _inverse_password(self):
+        for record in self:
+            account = self._get_keychain_account()
+            if record.password and record.password != '******':
+                account.clear_password = record.password
+
+    def _compute_password(self):
+        for record in self:
+            account = record._get_existing_keychain()
+            if account and account.password:
+                record.password = "******"
+            else:
+                record.password = ""
+
+    def _inverse_keychain(self):
+        for record in self:
+            account = record._get_keychain_account()
+            account.data = account._serialize_data(record.data)
+
+    def _compute_keychain(self):
+        for record in self:
+            account = record._get_existing_keychain()
+            if account:
+                record.data = account.get_data()
+            else:
+                record.data = {}