Re: TDE
Date: Fri, 19 Dec 2008 20:37:39 +0000
Message-ID: <nCT2l.10637$cx7.6623@newsfe21.ams2>
Chuck wrote:
> I just read an oracle white paper on transparent data encryption in
> 10gR2. It states that decryption occurs at the SQL layer. Doesn't that
> mean that the data will be decrypted *before* it's transmitted over the
> network to a client? I would think that defeats part of the goal of
> encryption if it's not done at the client. Am I misunderstanding something?
>
> Quoted from the white paper...
>
> "TDE encrypts data before it's written to disk and decrypts data before
> it is returned to the application. The encryption and decryption process
> is performed at the SQL layer, completely transparent to applications
> and users."
The purpose of TDE is to protect the files on disk. Trying to decrypt at
the client would be a disaster,
To protect your network, you need to address network level issues, not Oracle level.
Palooka Received on Fri Dec 19 2008 - 14:37:39 CST