ASM Disk File Contains Pre TDE Ghost Files Of Sensitive Data

(Doc ID 1995248.1)

Last updated on MAY 14, 2015

Applies to:

Oracle Database - Enterprise Edition - Version 11.2.0.1 and later
Information in this document applies to any platform.

Goal

To protect "ghost" data in TDE tablespace stored in ASM disk group.

RAC Database with ASM, tables are required to move from a regular tablespace to a transparent data encryption (TDE) tablespace. When an OS command "strings" is performed on the ASM Disks, sensitive data from the original tablespace is visible. OS files can be shredded but ASM files do not have a shred option.

What is method for destroying "ghost" copies from the original tablespace in ASM


Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms