Introduction

A Primary Key, also known as a Symmetric Master Encryption Key, is used to derive other symmetric encryption keys (e.g., data encryption keys, key wrapping keys, or authentication keys) using symmetric cryptographic methods.

Primary Keys are automatically generated by the Ubiq Dataset Creation Wizard when you create a Dataset and the name is always unique.

As a best practice and by default in the Ubiq Platform, Primary Keys are rotated every twelve (12) months. Regular rotation ensures that your system is resilient to manual rotation, whether due to a security breach or the need to migrate your application to a stronger cryptographic algorithm. You may increase, or decrease, the rotation schedule (every 3, 6, 12, 18, 24 or 36 months) and you may also rotate or disable a Primary Key immediately.

View Primary Keys

1. On the left side menu click Primary Keys.

2. The Primary Keys panel appears showing all Primary Key(s) generated via the Dataset Creation Wizard.

How to Rotate Primary Keys

1. Click on the three dots (...) at the end of the row for the Primary Key that you wish to rotate.

2. Select Rotate Primary Key and you will be presented with an additional Rotate Primary Encryption Key panel.

3. Click the Rotate button to complete the action.

How to Change a Primary Key Rotation Schedule

1. Click on the three dots (...) at the end of the row for the Primary Key that you wish to change the rotation schedule for.

2. Select Change Primary Key Rotation Schedule and you will be presented with an additional panel.

3. Select the New Rotation Schedule and click the Change button to complete the action.

How to Disable a Primary Key

1. Click on the three dots (...) at the end of the row for the Primary Key that you wish to Disable.

2. Select Disable and you will be presented with an additional Disable Primary Key panel.

3. Click the Disable button to complete the action.

4. You are able to reactivate a Primary Key by clicking the Enable button for disabled Primary Keys.