Re: How secure is ASM? any encryption possible?

On 27 Feb, 16:19, "gpd..._at_googlemail.com" <gpd..._at_googlemail.com> wrote:
> My company just spent a bomb on PGP entire disk encryption.
> Ok we do banking software and have several large banks as customers.
> We have systems on laptops for debugging/testing.
> Oracle is setup to use ASM on its own partition on the laptops.
>
> PGP can not encrypt it.!!!
> What I want to know is how secure the database is if the laptop is
> stolen/ disk removed.
>
> The c: drive which can be encrypted has the oracle applications. ini
> and .ora files.
>
> I have bios startup/disk passwords. PGP on windows drives.
> However I am being asked to put oracle data files on a PGP encrypted
> windows system instead of an ASM partition due to security.
>
> Tried google and not a lot shows up for hacking or reading oracle asm
> partitions.
>
> So I am asking how nest to secure ASM partitions. or how secure is
> ASM?
Just seen an article about encypting tablespaces. DOes this work in 10G, anything to be weary of?

http://www.psoug.org/reference/tde.html

onn / as sysdba

CREATE TABLESPACE securespace1
DATAFILE 'c:\temp\secure01.dbf' SIZE 25M ENCRYPTION
DEFAULT STORAGE(ENCRYPT); SELECT tablespace_name, encrypted
FROM dba_tablespaces;

desc gv$encrypted_tablespaces

SELECT et.inst_id, ts.name, et.encryptionalg, et.encryptedts FROM gv$encrypted_tablespaces et, ts$ ts WHERE et.ts# = ts.ts#;

set long 1000000

SELECT dbms_metadata.get_ddl('TABLESPACE', 'SECURESPACE1') FROM dual;

CREATE TABLESPACE securespace
DATAFILE 'c:\temp\secure02.dbf' SIZE 25M ENCRYPTION USING '3DES168'
DEFAULT STORAGE(ENCRYPT); Received on Wed Feb 27 2008 - 10:46:32 CST