Oracle Transparent Data Encryption (TDE)
#) Oracle Transparent Data Encryption addresses the encryption problem by deeply embedding encryption in the Oracle database.
#) Oracle database automatically encrypts the data before writing the information to disk. Subsequent select operations will have the data transparently decrypted so the application will continue to work normally.
#) Encryption works by passing clear text data along with a secret, known as the key, into an encryption program. The encryption program encrypts the clear text data using the supplied key and returns the encrypted data.
#) Oracle Wallet uses certificates from a Certificate Authority, with which the administrator initializes the database master key.
#) TDE uses the External Security Module (ESM) to generate encryption keys, to provide functions for encryption and decryption, and to store encryption keys securely inside and outside the database.
->** When a table contains encrypted columns, a single column key is used regardless of the number of encrypted columns in that table. The keys for all tables containing encrypted columns are stored in a single column in a dictionary table in the database. That column is encrypted with the database server’s master key, preventing any use of those keys through unauthorized access. The master key is stored in a wallet outside the database. The wallet is created using Oracle Wallet Manager, and the master key is generated by the ESM.
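The key hierarchy described above, as an added example that is not part of the original post: it sets the master key, encrypts two columns of one table (which share that table's single column key), and checks the result from the data dictionary. It uses the `ALTER SYSTEM` syntax of the 10g/11g releases; the schema, table and column names and the wallet password are hypothetical, and it assumes the wallet location is already configured in `sqlnet.ora`.

```sql
-- Added example. The app.customers table and the password are hypothetical.
-- Assumes ENCRYPTION_WALLET_LOCATION is set in sqlnet.ora and the session
-- has the ALTER SYSTEM privilege.

-- 1. Generate the master key. It is stored in the wallet, outside the database.
ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "wallet_password_placeholder";

-- 2. Encrypt two columns of one table. Both columns use the same column key
--    for this table, so they must also use the same algorithm.
CREATE TABLE app.customers (
  id          NUMBER PRIMARY KEY,
  name        VARCHAR2(100),
  card_number VARCHAR2(19) ENCRYPT USING 'AES256',
  ssn         VARCHAR2(11) ENCRYPT USING 'AES256'
);

-- 3. The application path is unchanged: the insert is encrypted before it is
--    written to disk, and the select returns clear text.
INSERT INTO app.customers (id, name, card_number, ssn)
VALUES (1, 'Test User', '0000-0000-0000-0000', '000-00-0000');  -- constructed data
COMMIT;

SELECT card_number, ssn FROM app.customers WHERE id = 1;

-- 4. Audit check: list every encrypted column and its algorithm, and compare
--    the list with the columns that are supposed to be protected.
SELECT owner, table_name, column_name, encryption_alg, salt
FROM   dba_encrypted_columns
ORDER  BY owner, table_name, column_name;

-- 5. Confirm where the wallet lives and whether it is open. The wallet file
--    should sit outside the datafile backups and be readable only by the
--    Oracle software owner.
SELECT wrl_type, wrl_parameter, status
FROM   v$encryption_wallet;

-- 6. After an instance restart the wallet is closed and encrypted columns
--    cannot be read until it is opened again.
ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "wallet_password_placeholder";

-- 7. Replace the column key of one table without changing the master key.
ALTER TABLE app.customers REKEY;
```

TDE protects the data files and backups on disk; any session that has SELECT privilege on the table still sees clear text, so access control on the table and on the wallet password remain the controls that matter for logged-in users.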
Sunday, November 02, 2008