In Oracle’s recovery manager (RMAN), transparent encryption is used to create and restore encrypted database backups. The whole backup can be encrypted and backed securely to a tape or disk. You can also configure encrypted backups using the configure command. That is, RMAN> configure encryption for database on; And backup the database RMAN> backup dataset; Further, Transparent Tablespace Encryption (TTE) allows all contents within a specific tablespace to be encrypted especially when the tablespace is permanent, e.g. RMAN> Configure encryption for Tablespace classlab on; RMAN> Configure encryption for Tablespace classlab off; (to turn it off) However, the disadvantages to encrypting database tablespaces are that once set, the encryption cannot be changed, hence, once you loose encryption key, you loose your data. Likewise, transporting encrypted tablespaces is difficult without cross-endianness transport. In addition, virtual private catalog in Oracle 11g was introduced to provide data backup security in the recovery catalog. Using he RMAN grant command, you can restrict recovery catalog view access to other users. This is one of the ways to ensure that an organization’s security procedures are met. |
How to Encrypt Backups - RMAN
Tags
Database Technology
Social: