Back to Oracle Database Security homepage

Encrypt Database export files

For years Oracle customers have found the import / export utilities a convenient way to move small amounts of data from one database to another. Oracle Data Pump 11g provides the ability to encrypt data as it is written to the export file, providing additional protection for credit card numbers and other sensitive business data.

Oracle Data Pump can easily encrypt an entire export file using one of these three methods:

 Local TDE master encryption key
 Passphrase
 Hybrid: Passphrase and local TDE master encryption key

Using Oracle Transparent Data Encryption, Oracle Data Pump uses the TDE master encryption key either from the Oracle Wallet or a Hardware Security Module (HSM).

Using a passphrase, Oracle Data Pump uses the passphrase supplied on the command line as the key for the encryption algorithm. This is beneficial if the export file is to be imported into another database, where the matching master encryption key is not available, but the temporary passphrase can be shared with the receiving site.

If using both passphrase and TDE master encryption key, the export file can be decrypted transparently if the TDE master encryption key is available, or by providing a passphrase. This is convenient when export files are to be imported back into the source database, and shipped off to other locations where the matching TDE master encryption key is not available, but the temporary passphrase can be shared with the receiving site.

Oracle Data Pump supports the AES encryption standard with 256, 192 or 128 bit key lenght.

Oracle Data Pump command line parameters can be used to specify the granularity of data encryption in the export file. For example, Data Pump can be instructed to encrypt all information or only those columns currently encrypted using Oracle Transparent Data Encryption.

For more information on Oracle Data Pump encryption, please refer to the Oracle Database Utilities documentation.


Security Features


Data Encryption
Virtual Private Database
Database Auditing
Backup Encryption
Export file encryption
Proxy Authentication
Enterprise User Security
Secure Application Roles
Fine Grained Auditing

Discussion Forums


Security
Audit Vault

Customer Successes


Industry leading organizations globally rely on Oracle Database Security Solutions to protect data privacy, address insider threats, and meet regulatory compliance - without changes to their existing applications, saving time and money.
Database Security Customers

Security Options


Oracle Database Vault
Oracle Advanced Security
Oracle Label Security

Related Technologies


Database Firewall
Audit Vault
Data Masking (pdf)
Secure Backup
Oracle Database Lifecycle Management Pack
Identity Management

In-Memory Replay Banner