Oracle® Advanced Security Offers Integration with Leading Hardware Security Modules for Data Encryption and Centralized Key Management
Customers Can Transparently Encrypt Sensitive Data without Changing Applications
Redwood Shores, CA - April 21, 2009
Continuing to deliver comprehensive data protection, Oracle® Advanced Security is now certified with leading hardware security modules (HSM) from SafeNet, the nCipher product line from Thales, as well as enterprise key management capability from RSA, Oracle announced today.
By using the Transparent Data Encryption feature of Oracle Advanced Security for Oracle Database 11g Enterprise Edition with a certified HSM product, customers can now secure their Transparent Data Encryption master keys by storing them on high assurance network attached devices.
The open PKCS#11 standard based integration allows organizations to transparently manage their Oracle Transparent Data Encryption master keys centrally, taking advantage of advanced key management features such as secret splitting and key escrow that are typically provided by HSM devices.
In conjunction with Oracle Advanced Security, Oracle Database 11g provides the industry’s most advanced data encryption capabilities with support for centralized key management on FIPS 140-2 Level 2 and Level 3 compliant HSM devices.
Increased Protection for Application Data Stored in the Database
Oracle Advanced Security’s Transparent Data Encryption feature delivers increased protection for application data stored in the database through the use of strong standards-based encryption. Transparent Data Encryption supports Advanced Encryption Standard (AES) and Triple Data Encryption Standard (3DES) algorithms.
Organizations using Oracle Transparent Data Encryption can encrypt all application data (tablespace) or specific fields (columns) containing sensitive information such as credit cards, social security numbers or personally identifiable information (PII).
This helps ensure that sensitive application data stays encrypted when it is backed up to disk or exported, and can be encrypted using a passphrase for secure sharing with other organizations without the need to share encryption keys.
Using Oracle Advanced Security, data is transparently encrypted and decrypted within Oracle Databases. No changes to existing applications are required, deployment is fast, and easily accomplished through a point-and-click interface.
Oracle Advanced Security can also transparently encrypt data over the network and enforce mutual authentication between users and the database, offering the most cost-effective solution for comprehensive data protection.
Part of Oracle's comprehensive portfolio of database security solutions, Oracle Advanced Security helps organizations comply with privacy and regulatory mandates such as Payment Card Industry (PCI) Data Security Standard (DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley as well as numerous breach notification laws.
“By working with our partners such as RSA, SafeNet, and Thales, Oracle Advanced Security offers secure centralized key storage and advanced management capabilities of Transparent Data Encryption master keys,” said Vipin Samar, vice president of Database Security, Oracle. “This facilitates enterprise-wide data encryption and helps organizations comply with internal and external requirements for protecting their encryption master keys on high assurance hardware devices.”
“Protecting and managing encryption keys is the most challenging aspect of enterprise wide encryption initiatives,” said Charles Kolodgy, Research Director, Security Products, IDC. “By partnering with leading HSM vendors such as RSA, SafeNet, and Thales to provide centralized key management and advanced key protection capabilities, Oracle is making large-scale deployment of database encryption significantly easier and more cost-effective for their customers.”
For more than 30 years, Oracle has led the industry in securing sensitive data. Oracle Database 11g addresses today’s data security challenges from data encryption, access control, and data classification, to audit and compliance reporting, as well as secure deployments and data masking. The comprehensive portfolio of security options for Oracle Database 11g, including Oracle Advanced Security, Oracle Database Vault, Oracle Label Security, Oracle Data Masking, and Oracle Audit Vault, helps organizations to transparently safeguard against data breaches and to achieve regulatory compliance without requiring changes to existing applications. To learn more about how to protect data with Oracle Database 11g today, please visit: http://www.oracle.com/database/security.
Oracle (NASDAQ: ORCL) is the world's largest business software company. For more information about Oracle, please visit our Web site at http://www.oracle.com.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.