Re: Transparent Data Encryption

From: Stefan Knecht <>
Date: Thu, 22 Aug 2019 13:37:58 +0700
Message-ID: <>

You can use VPD to restrict access to very specific columns and even rows. The conditions can be anything you can express in PL/SQL - even things such as connection IP addresses (to e.g. prevent certain data from being read remotely) and of course anything like roles or users.


On Thu, Aug 22, 2019 at 1:22 AM Rusnak, George A CTR (US) DeCA HQ LEITC <> wrote:

> Oracle Version:
> We are installing a new system and it contains PII information. TDE was
> suggested to protect the PII information, also a requirement exists that I
> need to limit access to encrypted columns based on roles assigned to users.
> For example, I would create an HR_ROLE and only those users with the
> HR_ROLE can get to HR encrypted data columns.
> I have been researching but have not come across any article that covers
> this so I am not sure if it even can be done.
> Any info or how to document would be greatly appreciated.
> Thanks,
> Al

zztat - The Next-Gen Oracle Performance Monitoring and Reaction Framework!
Visit us at | _at_zztat_oracle | |

Received on Thu Aug 22 2019 - 08:37:58 CEST

Original text of this message