EM 13.4: Support for TDE Enabled Databases in Fleet Maintenance (Doc ID 2636422.1)

Last updated on MARCH 09, 2020

Applies to:

Goal

Fleet Maintenance is a centralized mechanism for Patching/Upgrading of Oracle Homes and maintain consistency. This document lists all the options for TDE Enabled Databases for successful Fleet Maintenance Activity.

Oracle Transparent Data Encryption Concepts and Overview

Oracle Transparent Data Encryption (TDE) enables the organizations to encrypt sensitive application data on storage media completely transparent to the application. TDE addresses encryption requirements associated with public and private privacy and security regulations such as PCI DSS. TDE column encryption was introduced in Oracle Database 10g Release 2, enabling encryption of table columns containing sensitive information. The TDE tablespace encryption and the support for hardware security modules (HSM) were introduced in Oracle Database 11gR1.

TDE is protecting the data at rest. It is encrypting the data in the datafiles so that in case they are obtained by other parties it will not be possible to access the clear text data. TDE cannot be used to obfuscate the data for the users who have privileges to access the tables. In the databases where TDE is configured any user who has access on an encrypted table will be able to see the data in clear text because Oracle will transparently decrypt the data for any user having the necessary privileges.

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.