Transparent Data Encryption

Column Encryption: Four easy steps

Setup Wallet and Master Key	Identify columns with sensitive data	Review constraints	Encrypt existing and new data

Change the definitions of the columns found in step two with this simple command:

  SQL> alter table <table_name> modify (<column_name> encrypt);

All existing data in the column specified will now be encrypted. During the update of the table, read access is still possible; in case DML commands are necessary, online redefinition can be used. From now on, all data that is added to the encrypted column is automatically encrypted when it is written to the database file, and decrypted when it is selected by an authorized user who passed all access control mechanisms in place: System and object privileges granted directly, through database roles or secure application roles, access control policies implemented with Virtual Private Database or Oracle Label Security, and finally Oracle Database Vault.