Oracle Advanced Security


Oracle Advanced Security is an option for Oracle Database Enterprise Edition. Oracle Advanced Security provides three main features:

Transparent Data Encryption
Network encryption
Strong authentication

 Oracle Advanced Security transparent data encryption (TDE) helps address existing and emerging privacy and compliance requirements around the globe, including PCI-DSS and the numerous breach notification laws. TDE greatly simplifies the process of encrypting personally identifiable information, intellectual property and other sensitive information. Oracle Advanced Security TDE has been validated with numerous applications, including Oracle E-Business Suite, Oracle Siebel and Oracle PeopleSoft Applications. Oracle Advanced Security TDE also works seamlessly on Oracle Exadata, taking full advantage of the Oracle Exadata hardware for extreme performance.

Transparent Data Encryption

Transparent Data Encryption is an easy and transparent solution for encrypting sensitive data in the Oracle database. The solution is transparent because it requires no changes to applications, encrypting data before it is written to storage and automatically decrypting when reading from storage. TDE supports standard encryption algorithms including AES (up to 256-bit keys) and Triple DES. It leverages the native performance optimizations of the Oracle database and supports hardware-based cryptographic acceleration (available in select Intel® Xeon® and Oracle SPARC processors). First introduced in Oracle Database 10g Release 2, TDE column encryption protects individual columns in specific application tables within the database. TDE tablespace encryption, introduced in Oracle Database 11g Release 1, protects entire tablespaces, eliminating the need to identify individual columns. Tablespace encryption is the default recommendation for the current database release due to its simplicity and the fact that it has no restrictions on data types, range scans or primary keys. In addition, TDE tablespace encryption is certified on Oracle Exadata.

TDE also provides robust encryption key management using a two-tier key architecture. The master encryption key, stored in an Oracle Wallet or a certified hardware security module, is used to protect the data encryption keys. The data encryption keys, which are used to encrypt the actual database data, are managed by TDE transparently.

Network Encryption

When data travels to and from the Oracle database, Oracle Advanced Security can encrypt the network connections using standard algorithms such as AES (up to 256-bit keys), Triple DES, and RC4. Oracle Advanced Security supports both Secure Sockets Layer (SSL) encryption and an Oracle native encryption capability. The support for SSL/TLS follows industry standards. The Oracle native encryption feature provides distinct benefits including the ability to begin encrypting database network connections immediately, without provisioning X.509 certificates. Click here to see how easy it is to setup.

Strong Authentication

Passwords often are not sufficient to meet stringent security requirements. Strong authentication techniques address this problem by introducing security concepts such as tickets, cards, PIN entry and tokens into the authentication process. Certain strong authentication techniques allow you to combine concepts for "multi-factor" user authentication. Oracle Advanced Security supports a range of strong authentication techniques. Database users can be authenticated using:

Kerberos
PKI (certificate-based authentication and encryption)
RADIUS (Remote Authentication Dial-In User Service)


Oracle Advanced Security Customers


 Columbia University Encrypts PeopleSoft Data With Oracle Advanced Seucrity (Success Cast)
 Montage: Customers Discuss Using Oracle Advanced Security TDE to Encrypt Sensitive Data (Video)
 TransUnion Encrypts Financial and Credit Data (Video | Magazine Article | Success Cast | Webcast)
 Ross Stores Encrypts PCI and PII Data With Oracle Advanced Seucrity (Success Cast)
 Oracle Advanced Security Helps Sabre Comply with PCI-DSS Encryption Requirements (Success Cast | iPhone)
 National Marrow Donor Program Encrypts Healthcare Data (Video)
 Educational Testing Services (ETS) Encrypts Student Data (Video | Success Story | Success Cast | Magazine Article)
 South Korean Travel Firm Hanatour Encrypts Customer Data (Success Story)
 IBI Group Encrypts Road Tolling Data for PCI DSS Compliance (Success Cast)
 Philadelphia College of Osteopathic Medicine Encrypts Healthcare Data (Success Cast)
 More Oracle Advanced Security Customers

Hands-On


 Transparent Data Encryption
 Configuring native network encryption

Security Features


 Data Encryption
 Virtual Private Database
 Database Auditing
 Backup Encryption
 Export file encryption
 Proxy Authentication
 Enterprise User Security
 Secure Application Roles
 Fine Grained Auditing

Technical Information


 Datasheet
 Overview Whitepaper
 Transparent Data Encryption Frequently Asked Questions
 Technical White Paper

Security Options


 Oracle Database Vault
 Oracle Advanced Security
 Oracle Label Security

Related Technologies


 Database Firewall
 Audit Vault
 Data Masking (pdf)
 Secure Backup
 Oracle Database Lifecycle Management
 Identity Management

Discussion Forums


 Security
 Audit Vault
Left Curve
Popular Downloads
Right Curve
Untitled Document
Left Curve
More Database Downloads
Right Curve