Privacera Platform master publication

Graphical view of types of encryption keys

Key management is critical to encrypting data at rest and data in transit, because it is what prevents compromise of the encryption keys. The encryption keys must be secured by externalizing them into a separate Key Management System (KMS). Apache Ranger KMS is the key storage system that manages keys across Privacera services. Keys are stored in encrypted form in the Apache Ranger KMS database.

The key hierarchy includes the following types of keys.

<img src="assets/key_hierarchy.png" style="width:100%;height:auto" />