Chapter 7 Encryption Key Management
Configuring Encryption Key Management on the Library
Scalar i500 User’s Guide 193
• Importing Encryption Certificates on page 198
• Exporting Data Encryption Keys
on page 198
• Importing Data Encryption Keys
on page 200
• Accessing the SKM Server Logs
on page 201
• Using the SKM Encryption Key Import Warning Log
on page 201
Generating Data Encryption Keys
7
Data encryption keys are generated in sets of a specified quantity (see the
Scalar Key Manager User’s Guide for more information).
The library tracks data encryption key usage and reminds you to generate
more keys when needed. If you try to generate data encryption keys on
an SKM server that already has sufficient unused data encryption keys,
then it will not create more. You will receive a message to that effect on
the library remote Web client.
You can generate data encryption keys in the following ways:
• Generating Data Encryption Keys at Initial Setup
• Generating Data Encryption Keys When 80% Depleted
• Generating Data Encryption Keys When 100% Depleted
• Manually Generating Data Encryption Keys
Generating Data Encryption Keys at Initial Setup 7
At initial setup, the library triggers each SKM server to generate a set of
data encryption keys. The process is described in Step 6: Configuring
Partitions for Library Managed Encryption on page 184.
Generating Data Encryption Keys When 80% Depleted
7When an
SKM server has used 80 percent of the data encryption keys assigned to a
Note: Each library that you connect to an SKM server requires its
own set of data encryption keys. Each library only pulls data
encryption keys from the set that “belongs” to it. This means
that an SKM server may contain several distinct sets of data
encryption keys. When the data encryption keys for one
library have all been used, then more keys must be
generated.
To Next Page
Loading...
Need help?
General