Transparent Data Encryption


1 Transparent Data Encryption
DEMO Transparent Data Encryption

2 Demo For TDE
Column Encryption (Oracle 10g, 11g)
Tablespace Encryption (Oracle 11g)

3 Column Encryption Create a Wallet:
Open the sqlnet.ora file in: …\product\11.2.0\dbhome_1\NETWORK\ADMIN
Add this entry to the sqlnet.ora file:
    ENCRYPTION_WALLET_LOCATION =
      (SOURCE=
        (METHOD=file)
        (METHOD_DATA=
          (DIRECTORY=C:\oracle\product\10.2.0\db_1\NETWORK\ADMIN\tde_wallet)))

4 SQLNET.ORA

5 Edit File sqlnet.ora

6 Create A Master Key Create a Master Key: Run this script in iSQL*Plus:
    alter system set encryption key authenticated by "ImOracle";
This command creates a wallet at the location defined in sqlnet.ora and sets the password for it. A Master Key is automatically generated by TDE and stored in the wallet, secured by the password. TDE uses this Master Key to encrypt the column key of each table.

7 Set Password To Wallet

8 TDE In Oracle 11g In Oracle 11g, after logging in as a DBA, you can click the Transparent Data Encryption link on the Server tab to view the wallet status:

9 TDE In Oracle 11g

10 Wallet Status

11 Wallet Manager You can use Wallet Manager to manage Oracle Wallet.

12 Open Wallet Manager

13 Wallet Manager

14 Wallet Manager Set Autologin to Wallet:
You can set auto login on the wallet (after creating a password for it) so that Oracle opens the wallet automatically at startup. You must use Wallet Manager to do this.

15 Set Auto Login To Wallet

16 Column Encryption Create tablespace for encrypted tables:
    CREATE TABLESPACE ts_tde
      DATAFILE 'C:\ts_tde.dbf' SIZE 20m
      AUTOEXTEND ON NEXT 5m
      EXTENT MANAGEMENT LOCAL
      SEGMENT SPACE MANAGEMENT AUTO;

    CREATE USER tde_test IDENTIFIED BY test
      DEFAULT TABLESPACE ts_tde
      QUOTA UNLIMITED ON ts_tde;

    GRANT connect, resource TO tde_test;
Go to the specified folder and you will see the created tablespace.

17 Column Encryption

18 Column Encryption Create an unencrypted table and insert data:
    CREATE TABLE tde_test (
      id   NUMBER(10),
      data VARCHAR2(50)
    ) TABLESPACE ts_tde;

    INSERT INTO tde_test (id, data) VALUES (1, 'This is a secret!');
    COMMIT;

19 Column Encryption Open ts_tde.dbf with Notepad and search for the data

20 Search Data In Clear Text Form

21 Search Data In Clear Text Form
It can be seen that the sensitive data is written to the data files as clear text. Because the data is in clear text in the datafile, it is also in clear text in the archived redo log files, backup sets, etc. Anyone who has access to your backup tapes can easily steal your backups, restore them somewhere and see all of your data.

22 Search Data In Clear Text Form

23 Create An Encrypted Table
Create an encrypted table and insert data:
    -- Added step: drop the unencrypted tde_test table created earlier so the name can be reused
    DROP TABLE tde_test PURGE;

    CREATE TABLE tde_test (
      id   NUMBER(10),
      data VARCHAR2(50) ENCRYPT
    ) TABLESPACE ts_tde;

    INSERT INTO tde_test (id, data) VALUES (1, 'This is a secret!');
    COMMIT;
You can use a SELECT statement to see which columns are encrypted:
    SELECT table_name, column_name, encryption_alg, salt
    FROM user_encrypted_columns;

24 View Encrypted Columns

25 View Encrypted Data You can no longer find the data by searching for it in clear text.
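
The Notepad check from slides 19 to 25, written as a script (an added example, not part of the original presentation): it streams a data file in chunks and reports where a known test value appears in clear text. The sample files are constructed stand-ins for ts_tde.dbf, and the list of encodings searched is an assumption about how the column's characters are stored.

```python
import os
import tempfile

# Encodings are an assumption: the database character set is taken to be
# UTF-8 compatible; UTF-16 covers national-character (NCHAR-style) columns.
ENCODINGS = ("utf-8", "utf-16-be", "utf-16-le")

def find_cleartext(path, text, chunk=1 << 20):
    """Return sorted (offset, encoding) pairs where `text` occurs in the file."""
    if not text:
        raise ValueError("empty search string")
    forms = {enc: text.encode(enc) for enc in ENCODINGS}
    keep = max(len(p) for p in forms.values()) - 1  # bytes carried between reads
    hits, tail, base = set(), b"", 0
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            window = tail + block
            start = base - len(tail)  # file offset of window[0]
            for enc, pat in forms.items():
                pos = window.find(pat)
                while pos != -1:
                    hits.add((start + pos, enc))  # set: overlap may re-find a hit
                    pos = window.find(pat, pos + 1)
            tail = window[-keep:]
            base += len(block)
    return sorted(hits)

def demo():
    """Scan two constructed stand-ins for ts_tde.dbf (not real Oracle blocks)."""
    secret = "This is a secret!"
    pad = b"\xaa"
    clear = pad * 50 + secret.encode("utf-8") + pad * 30
    # Same layout with the value replaced by opaque bytes, as after ENCRYPT.
    opaque = pad * 50 + bytes(range(0x80, 0x91)) + pad * 30
    results = []
    for image in (clear, opaque):
        with tempfile.NamedTemporaryFile(delete=False) as fh:
            fh.write(image)
        try:
            # chunk=16 makes the value straddle several read boundaries
            results.append(find_cleartext(fh.name, secret, chunk=16))
        finally:
            os.unlink(fh.name)
    return results

if __name__ == "__main__":
    before, after = demo()
    print("unencrypted column:", before)
    print("encrypted column:  ", after)
```

To check a real file, call find_cleartext with the path of a copy of the data file and the test value that was inserted.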


27 Tablespace Encryption
Create the wallet and set its password as in column encryption. After opening the wallet, we create an encrypted tablespace:
    CREATE TABLESPACE secure_space
      DATAFILE 'c:/secure_space.dbf' SIZE 150M
      ENCRYPTION USING '3DES168'
      DEFAULT STORAGE(ENCRYPT);
Algorithm used: '3DES168'

28 Create an Encrypted Tablespace

29 Tablespace Encryption
Create another encrypted tablespace:
    CREATE TABLESPACE secure_space3
      DATAFILE 'c:/secure_space3.dbf' SIZE 150M
      ENCRYPTION
      DEFAULT STORAGE(ENCRYPT);
Default encryption algorithm is: AES128

30 Create an Encrypted Tablespace

31 Thanks For Your Attention

