Key Vault

Oracle Key Vault securely stores encryption keys, Oracle Wallets, Java KeyStores, SSH key pairs, and other secrets in a scalable, fault-tolerant cluster that supports the OASIS KMIP standard and deploys in Oracle Cloud Infrastructure (OCI), Microsoft Azure, Amazon AWS, and Google GCP as well as on-premises on dedicated hardware or virtual machines.

Key Vault 21.10 Oracle Key Vault 21.10 introduces new capabilities and features that improve security, simplify operations, and increase the value you get from your investment in Key Vault:

  • Simplified key management for DBMS_CRYPTO
  • Expanded Secure Socket Shell (SSH) key governance that includes Microsoft Windows clients
  • Added Transparent Data Encryption (TDE) key management for Oracle Autonomous Database Serverless
  • Added configurable network ports for Key Vault
  • Added support for endpoints running Linux on ARM64 and IBM Z mainframes

Explore Oracle Key Vault

Secure key storage, management, and distribution

We engineered Oracle Key Vault to deliver performant, fault-tolerant, and flexible encryption key management for TDE, part of Oracle Advanced Security. Key Vault has been purpose-built to support all database deployment options, including Oracle Real Application Clusters (Oracle RAC); Oracle Data Guard, including Oracle Data Guard per pluggable database; globally distributed (sharded) databases; and Oracle Multitenant pluggable databases.

Key Vault scales to support highly consolidated workloads on engineered systems, such as Oracle Exadata, Oracle Exadata Database Service on Dedicated Infrastructure, Oracle Exadata Database Service in Azure, Oracle Exadata Database Service in AWS, and Oracle Exadata Database Service in Google Cloud Platform.

Key Vault has been fully integrated into the database provisioning workflow of the following:


Oracle Key Vault use cases

  • Online storage and distribution of keys

    Embrace a more secure alternative to using local wallets. Remove encryption keys from the database server and reduce the risk of compromise.

  • Secure Socket Shell (SSH) key management

    Gain control over public key authentication by implementing centralized remote server access control and private key governance.

  • Key management for Oracle Zero Data Loss Recovery Appliance

    Leverage Oracle Key Vault to secure long-term retention backups stored in Oracle Cloud using the Zero Data Loss Recovery Appliance archive to cloud solution.

  • Key management for Oracle Automatic Storage Management Cluster File System

    Key Vault supports key storage and distribution for Automatic Storage Management Cluster File System.

  • Accelerate compliance

    Manage keys for Transparent Data Encryption to accelerate compliance with regulations such as GDPR, CCPA, PCI-DSS, HIPAA, and more.

Resources

Documentation

Oracle Key Vault documentation

Review the Oracle Key Vault documentation. Topics include installation, upgrading, clustering, integration with HSMs, maintenance and management, and much more.

March 18, 2024

Simplify SSH key management, enhance manageability and improve operational security with Oracle Key Vault 21.8

Peter Wahl, Senior Principal Product Manager, Oracle Key Vault and Oracle Transparent Data Encryption

Oracle Key Vault provides highly available, scalable, centralized key and secrets management for Oracle Database, MySQL, MongoDB, GoldenGate, the Zero Data Loss Recovery Appliance (ZDLRA), ZFS Storage Appliance, and custom applications. Oracle Key Vault can be deployed in Oracle Cloud Infrastructure (OCI), Microsoft Azure, and Amazon AWS, as well as on-premises on dedicated hardware or as virtual machines. This release of Oracle Key Vault 21.8 includes a number of essential security and stability improvements along with several functional improvements.

Read the complete post

You may also be interested in

Blog post

Deploy Key Vault in minutes

Datasheet

Benefits, features, and more

Frequently asked questions

Get the answers

Oracle Database security

Learn about more security solutions

Get started with Oracle Key Vault

Buy Key Vault today

Download the Key Vault software appliance from the Oracle Cloud Marketplace to start using the scalable, highly-available key management system.

Try the Key Vault LiveLabs Workshop

Learn how to set up the environment and generate SSH keys. Run the workshop on your own tenancy or reserve a time to run the workshop on LiveLabs, free of charge.

Run the Database Security Assessment Tool

Quickly identify your database security posture and get recommendations to mitigate risks.

Contact sales

Talk to a team member about Oracle database security.