Geek Answers Handbook

What is the recommended encryption method in Oracle?

I need the help of Oracle / Security experts.

I am going to make encryption / decryption functions in our Oracle database. I intend to use dbms_cryptowith AES256. I understand that I have to store the key file in O / S and read it with utl_file.

Is that a good idea? Are there any problems with this approach? For instance. Can utl_file have problems if the key file is read at the same time by 10 calling functions? Instead, another is recommended?

I am sure this is a very common thing. Does anyone know where I can find a good sample that does this?

Since this is related to security, I would prefer to follow some standard that others follow.

+5
source share
2 answers

If you have Oracle Advanced Security in Oracle Database Enterprise Edition, you already have transparent data encryption (TDE) of the data stored in the database. Take a look:

http://download.oracle.com/docs/cd/B19306_01/network.102/b14268/asotrans.htm

You can also check this link:

http://www.oracle-base.com/articles/10g/TransparentDataEncryption_10gR2.php

Summing up the last page:

  • Setup: creating a database file and user.

    CONN sys / password AS SYSDBA

    CREATE TABLESPACE tde_test DATAFILE '/u01/oradata/DB10G/tde_test.dbf' SIZE 128K AUTOEXTEND ON NEXT 64K;

    CREATE USER test IDENTIFIED BY test DEFAULT TABLESPACE tde_test; ALTER USER test QUOTA UNLIMITED ON tde_test; GRANT CONNECT TO test; GRANT CREATE TABLE TO test;

  • . . . sqlnet.ora , .

    ENCRYPTION_WALLET_LOCATION = ( = ( = ) (METHOD_DATA =   (= /u01//Oracle//DB10G/encryption_wallet/)))

:

CONN sys/password AS SYSDBA
ALTER SYSTEM SET ENCRYPTION KEY AUTHENTICATED BY "myPassword";

:

CREATE TABLE tde_test (
  id    NUMBER(10),
  data  VARCHAR2(50) ENCRYPT
)
TABLESPACE tde_test;

, .

+3

/ " ", . .

, , , .

+1

More articles:


All Articles