I’ve just posted an article on SecureFiles in Oracle 11g. It looks like Oracle have done a pretty good job of improving LOBs in 11g. Depending on the LOB contents, and provided you can cope with the processing overhead, you can certainly save some serious space using the compression and deduplication options. Anyone who’s used Transparent Data Encryption (TDE) will recognize the encryption options.
I can’t see the old-style (BasicFile) LOBs lasting very long now this is in place. 🙂
I spent yesterday looking at the Tablespace Encryption feature in Oracle 11g. If you’ve used the Transparent Data Encryption (TDE) feature in 10g release 2, you’ll see this is more of the same. The difference here is eveything in the tablespace is encrypted, rather than having to decide on a column-by-column basis. Just create the appropriate tablespace and Bob’s your uncle!
You may notice the article conveniently side-steps the Hardware Security Modules related functionality. I don’t have one so I can’t test it out. 🙂
For most of the stuff I work on, encrypting all the columns in a table is overkill, but I guess there are some areas where this is a big priority. It’s good to know it’s there in case you ever need it. 🙂