![]() The default rekeyfrequency policy for a client is inherited from the global rekeyfrequency policy. Oracle Secure Backup provides an interwoven encryption security model that mainly controls user-level access, host authentication, and key management. Once backup encryption is enabled, all data is encrypted using the defined encryption algorithm. The data is encrypted before it leaves the client. The encryption keys are stored in a mechanism that is protected by the Oracle Secure Backup wallet. The administrative server is considered a secure host. All keys and wallet-protected key stores for all clients are stored on this protected computer. When a backup or restore job is started, the encryption key is passed over a SSL connection to the client that is encrypting or decrypting data. The encryption keys are retained in memory only so long as needed to perform the encryption or decryption. The encrypted key stores are extremely valuable, because they enable encryption and decryption of all tapes. If the key stores are lost, then all data would also be lost. ![]() Best practise is to schedule frequent catalog backups of your Oracle Secure Backup administrative server using the OSB-CATALOG-DS dataset provided as this includes a backup of you key stores. The encrypted key store format is platform independent.īackups of Oracle Secure Backup administrative data must not be encrypted with an automatically generated key. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |