Oracle Key Vault

Enciphering is everywhere recognized by "gold standard" for privacy protection of data. However, reliability of enciphering directly depends on security and efficiency of procedures of key management. The crucial service information, such as wallet-files of Oracle, Java KeyStores storages, key files of Secure Shell (SSH) and files of certificates Secure Sockets Layer (SSL), often is placed on numerous servers and server clusters which use mechanisms of synchronization and backup subject to errors. As the organizations even more often execute data encryption both in a passive standalone mode, and in the active on-line mode, safe management of all encryption keys and other service information in a corporate data processing center becomes a serious problem.

The organizations, at the same time, need to provide also observance of strict requirements of the legislation to safe key management and certificates. Many international regulatory standards and industry standards require audits, confirmatory that access to keys and control of their lifecycle is always exercised of the persons who are exclusively authorized for that.

Oracle Key Vault, complex of the class software appliance and the latest addition in a portfolio of security aids Oracle Database helps to solve these essential problems. It provides safe centralized operation with encryption keys and other service information in a data processing center, including wallet-files of Oracle, Java KeyStores storages, keytab-files of Kerberos, key files of SSH and files of certificates of SSL.

"Enciphering becomes obligatory process at management of corporate data of the enterprise; it is the most important element of end-to-end data protection now — Carl Olofson, the vice president of IDC for researches in the development areas and deployments of applications (Application Development and Deployment) noted. — As the organizations integrate processes of enciphering into the operating systems, databases and a middleware, key management of enciphering becomes harder and harder. Oracle developed the product Oracle Key Vault to provide to clients all advantages of the solution for the centralized operation by their encryption keys based on standards and optimized for a technology stack of Oracle".

The Oracle Key Vault complex optimized for a technology stack of Oracle, including Oracle Database and Oracle Fusion Middleware can be unrolled with ease in the existing environments.

This completely integrated software package is developed for a hardware platform of x86-64. It uses the Oracle Linux operating system included in a distribution kit for installation simplification, and Oracle Database DBMS for providing the high levels of security, availability and scalability.

"The option Oracle Advanced Security with Transparent Data Encryption technology plays an important role in the confidential information protection which is stored in our Oracle databases, however need for data encryption steadily grows – both in the Oracle Database environment, and out of it – and key management of enciphering becomes a serious problem — Brad Peiffer, the director of the Educational Testing Service organization for data management IT services considers. — We with impatience expect release of a new solution of Oracle Key Vault which will allow us to manage on a centralized basis our wallet-files Oracle, encryption keys and certificates. Oracle Key Vault will help us to simplify transactions, to raise our security level and to provide compliance to regulatory requirements".

The software package Oracle Key Vault is the most modern solution for key management of enciphering and metadata in the industry. Among the major functions and opportunities there is Oracle Key Vault:

• Fast and easy archiving and data recovery – the New solution allows to archive wallet-files of Oracle, Java KeyStores storage and other files of credentials in main (master) a repository, supporting fast and easy recovery and file sharing.
• Centralized operation – the management console Implemented in Oracle Key Vault on the basis of the browser offers functions of administration with the point-and-click interface, the simplified registration of servers and preparation of audit reports.
• The optimized possibilities of file sharing — the Organizations can safely use wallet-files of Oracle (the standard ciphered files which safely store the keys and the connected metadata used by components of a technology stack of Oracle) in clusters of databases or environments of disaster recovery. The product perfectly is suitable for work with Oracle Real Application Clusters, Oracle Active Data Guard and Oracle GoldenGate.
• The flexibility — In the Oracle Database environments using the option Oracle Advanced Security with functionality of Transparent Data Encryption (TDE), Oracle Key Vault manages TDE keys through direct network connection – as an alternative to the local Oracle wallet-file.
• Ensuring compliance with standards — Thanks to support of the KMIP protocol (Key Management Interoperability Protocol) developed by the organization OASIS, Oracle Key Vault can manage keys from KMIP compatible clients.

"As the becoming tougher regulatory regulations around the world require enciphering of more and more broad categories of confidential data, the organizations need to have single solution for safe management of all encryption keys and other service information in the data processing centers — Vipin Samar, the vice president of Oracle for security technologies of databases emphasized. — Oracle Key Vault is the modern, based on standards complex which allows the organizations to reduce the costs connected with observance of requirements of the legislation using the solution which reliably protects master keys of enciphering of Oracle Database, wallet-files of Oracle, data of Java KeyStores and other service information".