Re: TDE

From: joel garry <joel-garry_at_home.com>
Date: Fri, 19 Dec 2008 10:58:53 -0800 (PST)
Message-ID: <cc635148-0ddc-4a38-b105-dce7bbf4e8b1@d36g2000prf.googlegroups.com>

On Dec 19, 8:54�am, Chuck <chuckh1958_nos..._at_gmail.com> wrote:
> I just read an oracle white paper on transparent data encryption in
> 10gR2. It states that decryption occurs at the SQL layer. Doesn't that
> mean that the data will be decrypted *before* it's transmitted over the
> network to a client? I would think that defeats part of the goal of
> encryption if it's not done at the client. Am I misunderstanding something?
>
> Quoted from the white paper...
>
> "TDE encrypts data before it's written to disk and decrypts data before
> it is returned to the application. The encryption and decryption process
> is performed at the SQL layer, completely transparent to applications
> and users."

Yeah, encryption so transparent no one knows it is there - even the bad guys! :-D

The purpose is so people can't easily grab a backup and look at the data.

For sqlnet, search docs for ENCRYPTION_CLIENT and see http://www.psoug.org/reference/net_services.html

--
@home.com is bogus.
Because people really are that stupid with backups:
http://catless.ncl.ac.uk/Risks/25.31.html#subj11

Received on Fri Dec 19 2008 - 12:58:53 CST

This message: [ Message body ]
Next message: joel garry: "Re: performance of updates"
Previous message: Chuck: "TDE"
In reply to: Chuck: "TDE"
Next in thread: Christian: "Re: TDE"
Reply: Christian: "Re: TDE"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message