Privacera Platform master publication

Data Encryption Key (DEK)

The Data Encryption Key (DEK) is the key that encrypts and decrypts the data.

Each encryption scheme created in the Privacera Portal is mapped to a unique DEK. The user must have key access privileges by way of a scheme policy to encrypt or decrypt data with the DEK.

The DEK is stored in an encrypted format as an Encrypted Data Encryption Key (EDEK). The key used to encrypt the DEK is managed by Apache Ranger KMS.