Monday Aug 25, 2014

Oracle Key Vault Option is Here.

Finally, a centralized way to manage all the encryption keys and credential files in the data center.   

Critical credential files such as Oracle wallet files, Java KeyStores, Secure Shell (SSH) key files, and Secure Sockets Layer (SSL) certificate files are often widely distributed across servers and server clusters that use error-prone synchronization and backup mechanisms. As organizations increasingly encrypt data at rest and on the network, securely managing all the encryption keys and credential files in the data center has become a major challenge.

How do you comply with stringent regulatory requirements for managing keys and certificates and ensure that keys are routinely rotated, properly destroyed, and accessed solely by authorized entities?

Oracle Key Vault  a software appliance designed to securely manage encryption keys and credential files in the enterprise data center. It provides secure, centralized management of encryption keys and credential files in the data center, including Oracle wallet files, Java KeyStores, Kerberos keytab files, SSH key files, and SSL certificate files.

Want to get started?  Here's what you need to know:

Q: Where can I download the software for Oracle Key Vault?

A: Oracle Key Vault can be downloaded from Oracle Software Delivery Cloud.

Go to;

Select Product Pack: Oracle Key Vault ( Media Pack v1.

Q: What are the recommended hardware specifications?

A: CPU: Minimum 2x86-64 cores, Recommended: 2+cores with cryptographic acceleration support (IntelĀ® AES-NI) Memory: Minimum 4 GB of RAM Disk: Minimum 500 GB hard disk.

Hardware Compatibility: Refer to the hardware compatibility list (HCL) for Oracle Linux Release 5 Update 10. The HCL is available at

Q: How does the software appliance install work?

A: Oracle Key Vault is packaged as a software appliance, which means it contains everything, including the operating system, needed to install the product on bare hardware.

During installation, the installer completely takes over the hardware. In addition to partitioning and formatting the disks, it installs the base OS, user-space libraries, Oracle Database, Oracle Key Vault software, etc. It configures all of the software (OS, networking, database) automatically and with minimal user involvement. It hardens the operating system, network, database, and more according

to hardening best practices. It removes unnecessary packages and software and disables unused services and ports.

Q: Can I deploy the Oracle Key Vault software appliance on Windows or Solaris?

A: Oracle Key Vault can only be deployed on bare metal. Any existing OS including Windows or Solaris and software will be removed by the install process. Note that this applies only to the Oracle Key Vault appliance and is independent of the OS for the server endpoint.

Q: Can I run Oracle Key Vault on Oracle Virtual Machine?

A: For testing or proof of concept purposes, Oracle Key Vault can be run in Oracle VM or Oracle VirtualBox. However, for production deployment, Oracle Key Vault should be installed on dedicated physical hardware; otherwise VM administrators may be able to gain access to underlying keys and secrets stored inside Oracle Key Vault.

Q: Can I install Oracle Key Vault on Oracle Database Appliance (ODA) or Exadata?

A: No, at this time Oracle Key Vault is not certified with the Oracle Database Appliance or Exadata. Oracle Key Vault can however be used to manage keys used by ODA or Exadata.

Find out more on the Oracle Key Vault page on OTN.

Ciao for Now!


Thursday Aug 14, 2014

Did You Say "JSON Support" in Oracle

Yes, We did.   Here's why:

JSON is practically a subset of the object literal notation of JavaScript, so it can be used to represent JavaScript object literals. This means JSON can serve as a data-interchange language. Although it was defined in the context of JavaScript, JSON is in fact a language-independent data format. A variety of programming languages can parse and generate JSON data.

Additionally, JSON can often be used in JavaScript programs without requiring parsing or serializing. It is a text-based way of representing JavaScript object literals, arrays, and scalar data. JSON is easy for software to parse and generate. It is often used for serializing structured data and exchanging it over a network, typically between a server and web applications.

JSON data has often been stored in NoSQL databases such as Oracle NoSQL Database and Oracle Berkeley DB. These allow for storage and retrieval of data that is not based on any schema, but they do not offer the rigorous consistency models of relational databases. You can get around this by using a relational database in parallel with a NoSQL database, but applications using JSON data stored in the NoSQL database must then ensure data integrity themselves.

So for these reasons (and maybe a few more) Oracle Database 12c supports JSON natively with relational database features, including transactions, indexing, declarative querying, and views. Oracle Database queries are declarative, so you can join JSON data with relational data. And you can project JSON data relationally, making it available for relational processes and tools. You can also query, from within the database, JSON data that is stored outside the database, in an external table.

And, it's good to know you can access JSON data stored in the database the same way you access other database data, including using OCI, .NET, and JDBC.

Get more information about JSON support in Oracle Database 12c. You can start with the XML DB Developer's Guide (I DID!).

Ciao for Now!



The OTN DBA/DEV Watercooler is your official source of news covering Oracle Database technology topics and community activities from throughout the OTN Database and Developer Community. Find tips and in-depth technology information you need to master Oracle Database Administration or Application Development here. This Blog is compiled by @oracledbdev, the Oracle Database Community Manager for OTN, and features insights, tech tips and news from throughout the OTN Database Community.


« November 2015