Cloudera Navigator Key Trustee Server
Cloudera Navigator Key Trustee Server is an enterprise-grade virtual safe-deposit box that stores and manages cryptographic keys and other security artifacts. With Navigator Key Trustee Server, encryption keys are separated from the encrypted data, ensuring that sensitive data is still protected in the event that unauthorized users gain access to the storage media.
Key Trustee Server protects these keys and other critical security objects from unauthorized access while enabling compliance with strict data security regulations. For added security, Key Trustee Server can integrate with a hardware security module (HSM). See Cloudera Navigator Key HSM for more information.
In conjunction with the Key Trustee KMS, Navigator Key Trustee Server can serve as a backing key store for HDFS Data At Rest Encryption, providing enhanced security and scalability over the file-based Java KeyStore used by the default Hadoop Key Management Server.
Cloudera Navigator Encrypt also uses Key Trustee Server for key storage and management.
For instructions on installing Key Trustee Server, see Installing Cloudera Navigator Key Trustee Server.
For instructions on configuring Key Trustee Server, continue reading: