Understanding Key Rings
Cryptographic keys may be used to sign a request so that the receiving system recognizes that the request comes from a trusted party. Keys may also be used to encrypt or decrypt files shared between two parties.
In this release, the product supports a Signature type of key, which is used to access files stored in Oracle Cloud Object Storage.
The product supports the following:
Maintaining pairs of keys - public and private. For keys generated in the system, the private key is stored in an appropriate "secret store" and the public key is available to copy and share with a third party.
Key rotation. For increased security, a new key pair should be generated periodically.
The Key Ring object is provided to reference the key pairs that are used over time for a given business use case. Only one key pair may be active at any given time.
The following sections describe the features provided to support key rings.