Oracle Key Vault enables customers to quickly deploy encryption and other security solutions by centrally managing encryption keys, Oracle Wallets, Java Keystores, and credential files. It is optimized for managing Oracle Advanced Security Transparent Data Encryption (TDE) master keys. The full-stack, security-hardened software appliance uses Oracle Linux and Oracle Database technology for security, availability, and scalability.
Oracle Database and Oracle MySQL both offer Transparent Database Encryption – which means that both need some place to store their encryption keys. Oracle Key Vault is specifically designed to meet the demanding performance requirements of a busy database, providing secure, centralized storage and management of keys in a highly available cluster of Key Management servers. Oracle Key Vault provides a secure alternative to using local wallets, allowing you to safely remove the encryption keys from servers where encrypted databases are operated. This improves security and reduces the risk of compromise.
Oracle Wallets, Java Keystores, SSH keys, and other critical infrastructure “secrets” are often widely distributed across servers and server clusters, with backup and distribution of these files performed manually and usually haphazardly. The impact of losing one of these secrets can be anywhere from merely annoying to catastrophic. Oracle Key Vault itemizes and stores contents of these files in a master repository while allowing server endpoints to continue operating disconnected from Key Vault using their local copies. In the event of a file’s loss or corruption, Key Vault allows you to easily retrieve and replace the lost file.
High-availability cluster deployment supporting up to 16 nodes in each cluster, with all nodes fully replicated and capable of read/write operation. Scale the cluster without downtime, support geographically distributed systems, and enable high levels of resource use with no idle standby servers.
Oracle Key Vault provides RESTful APIs for database enrollment and automation, allowing management of large numbers of database and reducing the cost of administration by eliminating the repetitive tasks of manual database registration.
Oracle Key Vault is packaged as an ISO image and is delivered as a pre-configured, security-hardened software appliance. The appliance is easy to install and configure and can be deployed on certified x86-64 hardware.