Security :: Data Encryption From Transaction To Backup Level?
Apr 26, 2013
Our client is having requirements that data should be encrypted through-out the process (from transaction level to backup level).
Requirements are as below -
1) Data should be encrypted and can be access only through application (through front end).
2) Even if pl/sql, sql installed, developer user cannot able to fetch data from database.
3) Even DBA, should not have access to fetch the data from the database.
4) Only assigned DBA, should fetch details from database (provided he/she should have details of database as well as application's user / password).
5) It should be restricted by ip and user details (such as ip of application server with user/password of user).
6) Changes should be purely done from database level only.
Can i get some documents on oracle RAC database encryption.?what are the pros and cons of encryption?Does this comes with oracle Database or something we need to buy from oracle sales persons?
We have got a new requirement wherein, The customer wanted the DBA Vendor (US) NOT to access the confidential information (ALL Columns) in the DB tables of PRODUCTION database. This is for few applications to comply with with export control rules. The thin support by Customer DBA will be allowed to access the Data, if required .
1) Web Based Interface ?. 2) DB Encryption (But if we encrypt ALL columns Serious performance issue expected, File level will not restrict DB level access) 3) Special setting on DB (DBA to do only backup and restoration related work only - But cannot access data) 4) Standard Tools / Utilities / Others ??.
We have an application that fetches and writes data into oracle database through pro c. oracle datyabase is on another server.
We are storing some secure information into oracle database so we want to encrypt the data sent by our aplication into oracle database.We do not want to use SSL(i.e certificates) and also do not want to make use of Advance Security Option available in oracle and also do not want to make any changes in sqlnet.ora file on server side.
achieve encryption of traffic between our application and Oracle database?
Can you take an incremental backup level 1 or level 0 without archivelogs?
syntax would bebackup as compressed backupset cummulative level 1 database.
The reason I ask is because when I run backup as compressed backupset cummulative level 1 database plus archivelogs # it runs fine, but when I run backup as compressed backupset cummulative level 1 database it just hangs.
While searching for password encryption I came across these statements.
1.Password Encryption While Connecting. This protection is always in force, by default. Passwords are always automatically and transparently encrypted during network (client/server and server/server) connections, using a modified DES (Data Encryption Standard) or 3DES algorithm, before sending them across the network.
Confirm whether by default oracle encrypts the password before sending it to the database across the network even when the clear text password is used for connecting from a jdbc client.
Our Audit Company has given us a recommendation:"Old DB Link encrypted Passwords: The password of the Oracle databases links are encrypted using DES (password starts with 05). This encryption methord is known and users can decrypt the passwords using a simple SQL query. Please recreate the database links to use the new encryption method (password starts with 06)."What does it mean and how can we perform this recommendation?
Recently the Oracle10g database has been migrated to UTF8 character set and the following have failed.
1. The password applied is not getting encrypted and the password contains a spanish characters.
Getting the below error.
"10057:ERROR WHILE ENCRYPTING GIVEN STRING:String:Uñomasuño5.::ORA-28232: invalid input length for obfuscation toolkit:-28232:ORA-28232: invalid input length for obfuscation toolkit"
The algorithm used for encryption DES. I tried with DESENCRYPT , DES3ENCRPYT and MD5 and it failing.
I am trying to practice some RMAN configuration settings.Version 11.2.0.1OS - Linux X86-64 What i wanted to validate is if there is no level 0 backup of database taken, then the level 1 backup will be automatically backing up all the blocks of the database(similar to full backup). RMAN> report schema; Report of database schema for database with db_unique_name DB101 List of Permanent Datafiles
I am not sure what these input bytes are which is not matching with the database size(posted in the beginning of thread)? why it has to show as db full when i actually run a incremental?
I am trying to create my database on a new server using rman incremental hot backups.
I have already restored and recovered my level 0 database on new server, but i am not able to restore/recover the level 1 backup on the new server. I have transported level 1 backup irom the old server to the new one. Do i need to recover lvl 1 bkp only or restore it also.
I want to write a sql query which will fetch the data from manual_temp_master and manual_temp_detl.But from manual_temp_detl table, Price_bkt_cds columns should be displayed as columns. Like the should look like as below:
I have 4 tables , Certain users need to (Select ,insert,delete) certain rows only based on nApplication id
All the tables have Application Id , Based on this application id user will (Select ,insert,delete)
I tried row level security DBMS_RLS.add_policy but it hangs every time when i query the data or when i try to drop the policy. Is there is any method to resolve this issue.
If only Row level security will solve this issue , give me some example
1. After creating a view, how do I associate that view with certain level of security. As in, only a few users must be allowed to access that view. 2. How can I create a new user-login and password for my database application?
I'm running ora 11gr2 on windows environment and I got a doubt on a specific situation.
I have to locations for my rman bkps, A and B, which point to different devices, one local and the other remote.
Imagine I take a LEVEL 0 backup on day 20 pointing to both locations, A and B. On day 21, 22 and 23 I take a level 01 backup pointing just to the local destination A. On day 24 I take another LEVEL 0 backup pointing just to location A again....
Now, I want to take a level 1 backup to location B, just to backup the blocks changed since the backup level 0 taken on day 20, bypassing the blocks already taken on days 21, 22, 23...
Is that possible? To control the levels 01 backup from 02 different destinations?
We are attempting to configure/use OEM (Oracle 10.2.0.4) on Solaris, and when logging in to OEM we are directed to the Database Down page, stating Enterprise Manager is unable to connect to the database instance, but showing all the components as up/open. After checking the log, I found the following error:
IO exception: Unknown Encryption or Data Integrity algorithm
I checked the settings in emoms.properties and compared the encryption parameters to those in our SQLNet file, and all match up. We are NOT using Grid Control, just db control connecting to 1 instance.
We are trying to restore a database on the different server using RAM incremental level 0 and 1 backups. We have weekly Incremental level 0 backups along with incremental backups on daily basis. During recovery of Incremental level 0 backup, RMAN is expecting/looking for Incremental Level 0 backup of prior week as well. Is this the usual process for RMAN to look for prior level 0 backup though we need to restore from the current level 0 backup and roll forward by a week with subsequent Level 1 backup.?
We intend to restore from the Level 0 of 1/16 and roll forward with daily incrementals till 1/22. RMAN is expecting level 0 backupsets from 1/9 backup as well and keep failing since those backups are not available. quick inputs since we are in middle of recovery and trying to resolve if this is even doable.
Operating System - WindowXP oracle version 10.2.0.1
I was learning some recovery part in my home laptop. Database is in Archivelog, flashback mode. All of sudden, i deleted it from OS level with out taking backup of it.
When i tried to open database, it failed to start. Database is in mount mode.while trying to open, it gives message -
ORA-01157: cannot identify/lock data file 1 - see DBWR trace file ORA-01110: data file 1: 'F:ORACLEPRODUCT10.2.0ORADATADBSYSTEM01.DBF'
I tried to create on file named "UNDOTBS01.DBF" but oracle is not recognizing it.
Oracle 11G...After creating a new datafile, it was accidentally deleted at OS level (AIX).Because it was new there are no backups of it.Now tablespace thinks there are 3 datafiles in it, but one of them is missing.
Is it possible to recreate an empty data file on-the-fly?It has let me set the datafile to offline, but wouldnt let me do anything else.
Now my backups are failing as it recognises :"the status of database file is RECOVER".
whether Oracle has any capability of automatically checking which lossless compression algorithm it should apply by analyzing a data stream on data load? Does Oracle have any compression advisors/wizards that would make recommendations as to type and level of compression?