We can create a tablespace in which the entire content will be stored in encrypted format.By default in unencrypted tablespace data is stored in ASCII format and we can see the contents of a tablespace by strings command .
]$strings userdata.dbf
It will show data in ascii format
To perform tablespace encryption we have to create a wallet in sqlnet.ora
WALLET: It has the password which can be called as key .whenever we open the database we will have to open the wallet with key.
when a user uses the encrypted tablespace the inserted data is automatically encrypted and when fetches data then the data is automatically decrypted .
Configure wallet
]$ cp $ORACLE_HOME/network/admin/samples/sqlnet.ora ~
]$cd ~
~]$vi sqlnet.ora
Go to line 755 and edit from 755 to 759
ENCRYPTION_WALLET_LOCATION
=(SOURCE
=(METHOD=FILE)
(METHOD_DATA=(DIRECTORY=/disk1/oradata/dharam/wallet))
)
~]$mkdir /dik1/oradata/dharam/wallet
~]$export TNS_ADMIN=$HOME
SYS>alter system set encryption key authenticated by "mypwd"
CREATING ENCRYPTED TABLESPACE SYS>create tablespace enc1 datafile '/disk1/oradata/dharam/enc1.dbf'
size 20m
encryption using 'AES128'
default storage(encrypt);
dharam]$strings enc1.dbf
data in encrypted format
TO OPEN WALLET
SYS>alter system set wallet open identified by "mypwd";
TO CLOSE WALLET
SYS>alter system set wallet close;
No comments:
Post a Comment