Cryptographic Card for KMA

Pre-install or add a cryptographic card to the KMA to provide a FIPS 140-2 Level 3 certified cryptographic device.

The cryptographic card may sometimes be referred to as the Hardware Security Module (HSM). See the Oracle Key Manager Security Guide for more information.

  • SPARC KMAs running OKM 3.3.3 may use the Entrust nShield Solo XC PCIe card.
  • SPARC KMAs running OKM 3.3 or later may use the nCipher nShield Solo+ PCIe card.

nShield Smart Card and Smart Card Reader

A smart card reader and smart card come with the Solo XC or Solo+ installation kit. Retain the smart card and reader for installing and servicing the nShield card.

The customer should retain the smart card reader device and associated smart cards in the event the nShield card requires service. The nShield card operates securely without the smart cards once OKM has been configured to use the cryptographic card. Therefore, there is no security risk is an unauthorized individual acquires access to the smart cards.