Oracle ZFS Storage Appliance 提供了项目级别以及单个共享资源(文件系统和 LUN)级别的透明数据加密。该设备包括一个内置的本地密钥库,并且还可连接到 Oracle Key Manager (OKM) 系统。每个加密的项目或共享资源都需要一个来自本地或 OKM 密钥库的包装密钥。数据加密密钥由存储设备管理,并使用本地或 OKM 密钥库提供的包装密钥永久加密存储。
下表介绍了可用于管理本地和 OKM 加密的 RESTful API 请求。
|
|
输出:
{ "keys": [{ "cipher": "AES", "keyname": "key-1", "href": "/api/storage/v1/encryption/local/keys/key-000" },{ "cipher": "AES", "keyname": "key-2", "href": "/api/storage/v1/encryption/local/keys/key-001" },{ "cipher": "AES", "keyname": "key-3", "href": "/api/storage/v1/encryption/local/keys/key-002" }] }
输出:
{ "key": { "href": "/api/storage/v1/encryption/local/keys/key-000", "cipher": "AES", "keyname": "key-1" } }
输出:
{ "keys": [{ "cipher": "AES", "keyname": "okm-key-1", "href": "/api/storage/v1/encryption/local/keys/key-000" },{ "cipher": "AES", "keyname": "okm-key-2", "href": "/api/storage/v1/encryption/local/keys/key-001" },{ "cipher": "AES", "keyname": "okm-key-3", "href": "/api/storage/v1/encryption/local/keys/key-002" }] }