Encryption of Media

yuuvis® RAD management-studio 9.x

Data on media can be encrypted. Internal encryption uses keys that are integrated in yuuvis® RAD. Project-specific (custom) encryption uses keys from the keystore on the application server. This keystore must be integrated in yuuvis® RAD management-studio.

Internal Keys

Internal encryption keys for media are integrated and managed in the media management of yuuvis® RAD management-studio via Actions > General > Internal encryption keys.

The dialog shows internal keys that have been created. Double-click an entry to open the configuration dialog.

A new internal key can be created with the Plus icon. Enter a name and the encryption algorithm.

Keys can also be created based on the data of existing keys. For this purpose, the configuration dialog of an existing key provides an Apply as copy function.

Custom Encryption Keys

Custom encryption keys for media are integrated and managed in the media management of yuuvis® RAD management-studio via Actions > General > Custom encryption keys.

The dialog shows project keys that have already been created. Double-click an entry to open the configuration dialog.

A new project key can be integrated with the Plus icon.

Configuration:

  • Name: Project key name
  • Provider: BC, SunJCE, or SunMSCAPI
  • Algorithm: Selection via the list of encryption algorithms
  • Key: Selection via the list of integrated keys

The data can no longer be decrypted if the keystore is deleted.

Integrating a Keystore

The keystore for custom keys must be saved in the following directory:

…<host-core-service>\standalone\configuration\

The keystore is opened from yuuvis® RAD management-studio via Navigation > System > Settings > Core service > Cluster > Depository on the Keystore tab.

Parameters:

  • Filename of keystore: Designation of the keystore
  • Password for keys: Key password
  • Name of the provider: Provider designation
  • Keystore type: Type of the keystore
  • Keystore password: Keystore password
  • Use key password: Active: Use key password
  • Use keystore password: Active: Use keystore password

Example: Creating a Keystore

You can use the following example to create a keystore with a key.

  • Open the command prompt.

  • Enter the following:

    SET PATH=%PATH%;%CORE-SERVICE%\jdk\bin

  • Change to the \standalone\configuration\ directory of the yuuvis® RAD core-service installation directory.

  • Enter the following:

    keytool -genseckey -alias DpsAESKey -keystore my.keystore -keyalg AES -keysize 256

    Follow the instructions and enter the keystore password and key password.

    See the Oracle documentation for more information on Keytool.

  • Integrate the keystore in yuuvis® RAD management-studio with the following parameters:

    Filename of keystore: my.keystore
    Password for keys: Key password
    Name of the provider: SUN
    Keystore type: PKCS12
    Keystore password: Keystore password
    Use key password: Active
    Use keystore password: Active
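
A pre-integration check for the keystore created in the steps above, as an added example that is not part of the yuuvis® RAD product or its documentation: it confirms that the keystore opens as PKCS12 and that the alias holds a 256-bit AES secret key which the key password unlocks. The class name KeystoreCheck and the AES/GCM probe are assumptions made for illustration; started without arguments, it checks a constructed throwaway keystore.

```java
import java.io.*;
import java.nio.file.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

// Added example (hypothetical helper): checks a PKCS12 keystore before it is integrated.
public class KeystoreCheck {
    static String check(Path file, char[] storePass, String alias, char[] keyPass) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(file)) {
            ks.load(in, storePass);              // IOException: wrong keystore password or type
        }
        if (!ks.isKeyEntry(alias)) return "FAIL: no key entry under alias " + alias;
        Key key = ks.getKey(alias, keyPass);     // UnrecoverableKeyException: wrong key password
        if (!(key instanceof SecretKey)) return "FAIL: entry is not a secret key";
        if (!"AES".equals(key.getAlgorithm())) return "FAIL: algorithm is " + key.getAlgorithm();
        if (key.getEncoded().length * 8 != 256) return "FAIL: key is not 256 bits";
        // Usability probe only (assumption): the cipher mode the product uses is not stated on the page.
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal("probe".getBytes("UTF-8"));
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        return "probe".equals(new String(c.doFinal(ct), "UTF-8")) ? "OK" : "FAIL: round trip";
    }

    public static void main(String[] args) throws Exception {
        if (args.length == 2) {                  // real keystore: prompt, never pass passwords as arguments
            Console con = System.console();
            char[] sp = con.readPassword("Keystore password: ");
            char[] kp = con.readPassword("Key password: ");
            System.out.println(check(Paths.get(args[0]), sp, args[1], kp));
            return;
        }
        // No arguments: build a constructed throwaway keystore and check it.
        char[] pw = "constructed-demo-password".toCharArray();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        ks.setKeyEntry("DpsAESKey", kg.generateKey(), pw, null);
        Path tmp = Files.createTempFile("demo", ".keystore");
        try (OutputStream out = Files.newOutputStream(tmp)) { ks.store(out, pw); }
        System.out.println(check(tmp, pw, "DpsAESKey", pw));
        Files.delete(tmp);
    }
}
```

To check the keystore from the steps above, compile the class and run it with the keystore file and alias as arguments, for example my.keystore and DpsAESKey; both passwords are prompted for on the console.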

Assigning Keys

The Encryption key parameter is displayed in the configuration of the media for encryption. Use it to assign a key to a medium. The list shows all keys, both internal and project-specific keys.