Compliance requirements often mandate the use of encryption to protect data written on disks. In ObjectScale encryption can be enabled at the bucket levels. Key features of ObjectScale D@RE include:
- ObjectScale supports FIPS 140-2 mode by default only for the DARE module. It is Level 1 compliant using an AES 256-bit encryption algorithm.
- ObjectScale uses RSA BSAFE Crypto-J JSAFE and JCE software module version 6.2.5 for data encryption that is based on the AES256 algorithm.
- Enabled through the ObjectScale Portal or ObjectScale REST Management APIs
- Can be enabled when an account is added to an object store. Users can enable at the account level and at the bucket level with transitivity.
- Not all buckets or objects must be encrypted within a specific object store
- Supports Amazon S3 Server-Side Encryption (SSE) constructs that enable object encryption and user-supplied keys
- Each object store with an added IAM account, bucket, and object have an associated key that is auto generated at creation
- Keys are separated between object stores with an IAM account
- All user data are encrypted inline before being stored on ObjectScale commodity drives
- There is no limit on the number of accounts and buckets that can be encrypted
See the Dell ObjectScale 1.3.x Security Configuration Guide for further information about D@RE.