RE: Transparent Data Encryption

• From: "Christian Antognini" <Christian.Antognini@xxxxxxxxxxxx>
• To: <post.ethan@xxxxxxxxx>
• Date: Fri, 6 Jan 2006 11:05:09 +0100

Ethan

>Anyone used this feature yet in 10G R2 and have any idea what type of
>CPU overhead is added for encrypting all/most of the data in a
>database. 

TDE is not meant to encrypt all/most of the data in a database. 
Overhead for CPU and/or database size could be a reason. But there are more...

- not all datatypes are supported
- FK cannot be specified on encrypted columns
- only "regular" (i.e. not FBI) b*tree indexes are supported
- for indexes NO SALT have to be specified
- index range scans are available only for equality searches

And probably many more that I don't remember right now.

>Going to go look at the docs now, but does this also encrypt
>the network traffic or just encrypt the data on the server?

Data is encrypted in database blocks only. If you need encryption over the 
network you have to use Advanced Security Option (or some tunneling tricks...).


HTH
Chris
--
//www.freelists.org/webpage/oracle-l

Other related posts:

• » Transparent Data Encryption
• » RE: Transparent Data Encryption
• » Transparent Data Encryption- Charles Schultz
• » Re: Transparent Data Encryption- Jeremy Schneider
• » Re: Transparent Data Encryption- Marcin Przepiorowski
• » Re: Transparent Data Encryption- Charles Schultz
• » Re: Transparent Data Encryption- David Mann
• » Re: Transparent Data Encryption- Charles Schultz
• » Re: Transparent Data Encryption- Jeremy Schneider
• » Re: Transparent Data Encryption- Stefan Knecht
• » Re: Transparent Data Encryption- MARK BRINSMEAD
• » Transparent Data Encryption- Rusnak, George A CTR (US) DeCA HQ LEITC
• » Re: Transparent Data Encryption- Stefan Knecht
• » Re: Transparent Data Encryption- Stefan Knecht

1. Home
2. oracle-l
3. Archive
4. 01-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---