KMS - KMS Key Policy for Different Applications - Can They be Shared?

(Doc ID 1309492.1)

Last updated on NOVEMBER 02, 2011

Applies to:

Oracle Key Manager - Version: 1.2.0 and later   [Release: 1.0 and later ]
Sun StorageTek Crypto Key Management System - Version: Not Applicable and later    [Release: N/A and later]
Information in this document applies to any platform.


I am reading the KMS System Administration Guide and understand that ...

1. First create Key Policies.
2. Then Create Key Groups (which mapped to a particular Key Policy).
3. Finally assign a Key Group to a list of Agents -or- assign a Agent to a list of Key Groups.

Now the question is:

1.    Suppose the Tape Library is shared for two applications.
2.    Application #1 is Solaris platform Netbackup.
3.    Application #2 is Windows platform Backup.
4.    They both use the same pool of tape drives (i.e. a tape drive serves both platforms).

How can one configure the Data Units such that they have different retention policy? Say, Data Units for Solaris/Netbackup require one year encryption period while Data Units for Windows/Backup require three months encryption period.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms