

Monday, 8 July 2013

Oracle: Transparent Data Encryption

Oracle transparent data encryption (available from 10g Release 2) enables you to encrypt database columns and manage encryption keys. Transparent data encryption can be used to protect confidential data such as credit card and social security numbers. An application that processes sensitive data can use this feature to provide strong data encryption with little or no change to the application. Transparent data encryption is a key-based access control system. When a table contains encrypted columns, a single key is used regardless of the number of encrypted columns. The keys for all tables containing encrypted columns are encrypted with the database server master key and stored in a dictionary table in the database. No keys are stored in the clear. Follow these steps to implement encryption on the database side.
  1. Set the master encryption key by issuing the following command:
    ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY password;
  2. No database columns can be encrypted without setting the master encryption key first. This command automatically creates an Oracle wallet and sets the password for the wallet. The wallet is also opened as a result of this command. Note that the directory $ORACLE_BASE/admin/$ORACLE_SID must exist, otherwise you will get the following error:
    ORA-28368: cannot auto-create wallet
  3. Open the wallet: The wallet must be opened explicitly after the database instance starts. When you create the wallet you also open the wallet for operation. After you create the wallet and set the password, every time you open the database, you'll have to open the wallet using the same password as follows:
    alter system set encryption wallet open authenticated by password;
    You can close the wallet like this:
    alter system set encryption wallet close;
    The wallet must be open for Transparent Data Encryption to work. If the wallet is closed, you can access all nonencrypted columns, but not encrypted columns (you will get a "wallet not open" error).
  4. Create a table using CREATE TABLE as shown below:
    CREATE TABLE "SCOTT"."ACCOUNT"
    ( "ACCOUNTID" VARCHAR2(40 BYTE),
    "NAME" VARCHAR2(40 BYTE),
    "SSN" VARCHAR2(40 BYTE)
    ) ;
  5. Encrypt the columns: A column can be encrypted by altering the table.
    The default algorithm for encryption is AES with a 192-bit key. This can be changed with the "using" clause added after encrypt, as shown below:
    alter table account modify (ssn encrypt using 'AES128');
    The encryption algorithms that can be used are AES128, AES192, AES256, or 3DES168.
Do not use transparent data encryption with these database features:
  • Index types other than B-tree
  • Range scan search through an index
  • Large object datatypes such as BLOB and CLOB
  • Original import/export utilities
  • Other database tools and utilities that directly access data files
For further information, refer to the Oracle Advanced Security Administrator's Guide.
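
The following script is an added example, not part of the original post: it checks the SSN column of SCOTT.ACCOUNT against the index and LOB restrictions listed above, encrypts it, and then confirms the result from the data dictionary and by closing the wallet. It assumes a DBA session with access to the DBA_* and V$ views; the wallet password and the inserted row are constructed placeholders.

```sql
-- Pre-check 1: indexes on SSN that are not plain B-tree.
-- DBA_INDEXES reports ordinary B-tree indexes as index_type 'NORMAL'.
SELECT i.index_name, i.index_type
FROM   dba_indexes i
JOIN   dba_ind_columns c
       ON  c.index_owner = i.owner
       AND c.index_name  = i.index_name
WHERE  i.table_owner = 'SCOTT'
AND    i.table_name  = 'ACCOUNT'
AND    c.column_name = 'SSN'
AND    i.index_type <> 'NORMAL';

-- Pre-check 2: datatype of the target column (BLOB and CLOB are on the
-- "do not use" list above).
SELECT column_name, data_type
FROM   dba_tab_columns
WHERE  owner = 'SCOTT' AND table_name = 'ACCOUNT' AND column_name = 'SSN';

-- Pre-check 3: wallet location and state; it has to be open (step 3).
SELECT wrl_type, wrl_parameter, status FROM v$encryption_wallet;

-- Step 5 from the post, with the schema spelled out.
ALTER TABLE scott.account MODIFY (ssn ENCRYPT USING 'AES128');

-- Post-check: the column is now listed with its algorithm.
SELECT owner, table_name, column_name, encryption_alg
FROM   dba_encrypted_columns
WHERE  owner = 'SCOTT' AND table_name = 'ACCOUNT';

-- Constructed sample row, used only for the wallet test below.
INSERT INTO scott.account (accountid, name, ssn)
VALUES ('A-0001', 'Sample User', '000-00-0000');
COMMIT;

-- Wallet test: with the wallet closed, the non-encrypted columns stay
-- readable while a query on SSN is refused with the "wallet not open"
-- error described in step 3.
ALTER SYSTEM SET ENCRYPTION WALLET CLOSE;
SELECT accountid, name FROM scott.account;
SELECT ssn FROM scott.account;

-- Reopen the wallet (statement form as given in step 3; the password
-- here is a placeholder).
ALTER SYSTEM SET ENCRYPTION WALLET OPEN AUTHENTICATED BY "wallet_password_placeholder";
SELECT ssn FROM scott.account;
```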
