|Tablespace Encryption in Oracle 11g Database Release 1 - Simplify the administration of transparent data encryption (TDE) using tablespace encryption.|
Thomas said...Great article. All your articles are great.
Are You Robot :O) ?
prabha govind said...this is execellent article....
Frodi said...couldn't be any more clear.
thanks a bunch
Benjamin said...Excellent article as always. Thanks
Vimal said...I have a little doubt in this article. You mentioned that Wallets must be reopened after an instance restart and can be closed to prevent access to encrypted data.
Does it mean that to continue protecting the encrypted files it is mandatory that the instance should be on?
Please explain me what you mean by that sentence.
Tim... said...No. The data is safe because it is encrypted on disk. The point is, the wallet must be open for the instance to be able to decrypt the data. If the instance is down, the data can't be read. If the instance is open, but the wallet is closed, the data can't be read.
Laurent Schneider said...Hi Tim,
This seems to be an old and obscure syntax... that still work.
I would prefer the IDENTIFIED BY as AUTHENTICATED BY syntax, because it is supported.
Kindest regards from rainy Switzerland
It's a throw-back to 10g days, which is why they've left it working for backwards compatibility. I've amended it.
Thanks for the heads-up.
Laurent Schneider said...Probably some 10gR2 beta or alpha or early days, because in the latest 10.2 doc it is documented as an example but not as a valid syntax ;)
Don Seiler said...Tim, regarding the default wallet location, Oracle uses the db_unique_name, not the $ORACLE_SID. I found this out when I changed the db_unique_name, but not the SID in one of my databases.
Thanks for the heads-up. I've sorted it in both encryption articles. There's actually a couple of locations based on the DB_UNIQUE_NAME, depending on whether the ORACLE_BASE is set.