Product News, Security
October 23, 2018

Announcing Oracle Cloud Infrastructure Key Management

Tina Liu
Director, Product Marketing

Customers of Oracle Cloud Infrastructure moved their workloads to the cloud knowing that their data would be protected by encryption keys that are securely stored and controlled by Oracle. However, some customers, especially those operating in regulated industries, asked Oracle to help them verify their security governance, regulatory compliance, and homogeneous encryption of their data where it is stored.

Effective immediately, Oracle Cloud Infrastructure Key Management is available to customers in all Oracle Cloud Infrastructure regions. Key Management is a managed service that enables you to encrypt your data using keys that you control.

Key Management durably stores your keys in key vaults that use FIPS 140-2 Level 3 certified hardware security modules (HSMs) to protect the security of your keys. You can use the Key Management service through the Console, API, or CLI to create, use, rotate, enable, and disable Advanced Encryption Standard (AES) symmetric keys. As a managed service, Key Management lets you focus on your data encryption needs without requiring you to worry about procuring, provisioning, configuring, updating, and maintaining HSMs and key management software or appliances.

Integration with Oracle Cloud Infrastructure Block Volumes, Oracle Cloud Infrastructure Compute boot volumes, and Oracle Cloud Infrastructure Object Storage means that encrypting your data with keys that you control is as straightforward as selecting a key from the Key Management service when you create or update a block volume or bucket.

Example: Creating a Block Volume using keys from Key Management

Example: Edit or unassign a previously assigned key from a Block Volume

Integration with Oracle Cloud Infrastructure Identity & Access Management (IAM) and Oracle Cloud Infrastructure Audit lets you control the permissions on individual keys and key vaults, and monitor their life cycles.