Transparent Data Encryption
What is TDE?
- A mechanism to encrypt sensitive information in the database.
- Encryption is done by Oracle before writing to the disk.
- Individual applications are not burdened with encryption if TDE facility is used.
What are the advantages of TDE?
- Complexity of application program is reduced.
- Applications can run as is without modification after encryption.
- Encryption management can be done across the enterprise with common policy enforced by Oracle.
How to set up TDE?
- Prepare the Database for encryption by editing the sqlnet.ora file to include an entry
- Connect to the database as SYSDBA and create the master encryption key by executing the command
alter system set key identified by “username”
- For later sessions the wallet needs to be open, This is done by executing the command
alter system set wallet open identified by “username”
What are the applications of TDE?
- Creating Tables with encrypted columns
- Creating Index on encrypted data
- Making changes to the encrypted data