Table of Contents
Advertisement
2.1.1 Oracle Key Manager
The ETD is intended to be used in conjunction with the Oracle Key Manager
(OKM), which provides centralized key management. The OKM, an external
system component, creates, stores, and manages the keys used for encryption and
decryption of data stored in the tape cartridge used by the ETD. An Oracle Key
Manager (formerly called the Key Management System or KMS) cluster consists
of two or more Key Management Appliances (KMAs), providing policy-based
Lifecycle Key Management, authentication, access control, and key provisioning
services. Connections to the ETD from the OKM are secured through the use of
5
TLS
1.0.
2.1.2 Virtual Operator Panel
The Virtual Operator Panel (VOP) is an external software application running on
a General Purpose Computer (GPC) that facilitates operator communication with
the StorageTek T10000D Tape Drive through the use of an intuitive and user-
friendly Graphical User Interface (GUI).
configure the drive for FIPS-Approved operation, perform operator services, and
display drive-related status information. An operator of the StorageTek T10000D
Tape Drive will use the VOP, in addition to the OKM, during the initial FIPS
configuration and any time the operator chooses to switch between modes of
operation. Connections to the ETD from the VOP are provided through the
Telnet and SSH network protocols.
2.1.3 StorageTek T10000D Tape Drive Deployment
A sample deployment scenario for the StorageTek T10000D Tape Drive with
encryption enabled is provided in Figure 2 below. The ETD is shown with a red,
dotted line surrounding it, representing its cryptographic boundary.
5
TLS – Transport Layer Security
This document may be freely reproduced and distributed whole and intact including this Copyright notice.
Figure 1 – StorageTek T10000D Tape Drive
© Copyright 2017 Oracle Corporation
The VOP allows an operator to
Page 9 of 51
Advertisement
Table of Contents
