Using Transparent Data Encryption for column encryption
Transparent Data Encryption (TDE) relays on the database kernel mechanism and does not require additional programming. The key management is performed automatically by the database. From an architectural point of view, it was designed to protect the data from physical theft and it does not provide data access protection. The encryption is performed at storage level, and the column decryption occurs at data access. Therefore, the data will be visible for anyone with select privileges on tables containing encrypted columns with TDE. Being a feature provided by Oracle Advanced Security (OAS), you must purchase the OAS pack license to use this capability.
In this recipe, we will encrypt the employees table's columns, salary and commission_pct, using various options available for TDE column encryption.
Getting ready
All steps will be performed on the HACKDB database.
How to do it...
As the
oracleuser, create a directory for the encryption wallet...
