Product Documentation

A set of Key Custodians is the most important piece to the operations of a SAKA deployment. Without the Key Custodians, it would be impossible to activate a SAKA that had been restarted. And if one or more of the Key Custodian credentials is lost or compromised, that incurs a risk of both data loss and data compromise.

 

The Key Custodian Replacement Tool provides a solution to mitigating those risks, by generating a new set of Key Custodians from the old set. In this way, new Key Custodians can be created when previous ones have been lost. And if a Key Custodian credential is considered compromised, by creating a new set and discarding the old set, the compromise of that credential will no longer be usable towards any attack on the appliance.