After completing this lesson, you should be able to do the following: • Implement Transparent Data Encryption (TDE) • Use TDE with encrypted columns • Describe Data Pump (DP) encryption • Identify components of Recovery Manager (RMAN)– encrypted backups • Define basic concepts of a Virtual Private Database (VPD) • Apply a column-level VPD policy | Database Security Objectives After completing this lesson, you should be able to do the following: Implement Transparent Data Encryption (TDE) Use TDE with encrypted columns Describe Data Pump (DP) encryption Identify components of Recovery Manager (RMAN)–encrypted backups Define basic concepts of a Virtual Private Database (VPD) Apply a column-level VPD policy TDE DP RMAN VPD Additional Resources Oracle by Example (OBE) for the Oracle Database 10g: “Using Transparent Data Encryption” “Restricting Data Access using Virtual Private Database” Documentation: Oracle Database Security Guide Oracle Database Advanced Security Administrator’s Guide Oracle Transparent Data Encryption (TDE): Overview Need for secure information Automatic encryption of sensitive information: Embedded in the Oracle database No need to change application logic Encrypts data and index values Using an encryption key: Master key for the entire database . | Database Security Objectives After completing this lesson, you should be able to do the following: Implement Transparent Data Encryption (TDE) Use TDE with encrypted columns Describe Data Pump (DP) encryption Identify components of Recovery Manager (RMAN)–encrypted backups Define basic concepts of a Virtual Private Database (VPD) Apply a column-level VPD policy TDE DP RMAN VPD Additional Resources Oracle by Example (OBE) for the Oracle Database 10g: “Using Transparent Data Encryption” “Restricting Data Access using Virtual Private Database” Documentation: Oracle Database Security Guide Oracle Database Advanced Security Administrator’s Guide Oracle Transparent Data Encryption (TDE): Overview Need for secure information Automatic encryption of sensitive information: Embedded in the Oracle database No need to change application logic Encrypts data and index values Using an encryption key: Master key for the entire database Stored in Oracle Wallet Encryption/Decryption Column and index data Wallet Oracle Transparent Data Encryption (TDE): Overview Need for Secure Information Oracle Database 10g Release 2 Transparent Database Encryption simplifies encryption of sensitive personal information such as credit card numbers and social security numbers. Transparent Data Encryption eliminates the need to embed encryption routines in existing applications and dramatically lowers the cost and complexity of encryption. With a few simple commands, sensitive application data can be encrypted. Automatic Encryption of Sensitive Information Most encryption solutions require specific calls to encryption functions within the application code. This is expensive because it typically requires extensive understanding of an application as well as the ability to write and maintain software. In general, most organizations do not have the time or expertise to modify existing applications to make calls to encryption routines. Oracle