Jump to content

Oracle Advanced Security

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Gsanbay (talk | contribs) at 11:15, 17 May 2022 (Section for regulations and compliances added). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Oracle Advanced Security, an extra-cost option for Oracle database environments, extends Oracle Net Services in the field of database computing to provide network security, enterprise-user security, public-key infrastructure security[1] and data encryption to users of Oracle databases.

Network encryption (native network encryption and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of the Oracle database.[2]

History

Former incarnations of Oracle Advanced Security included Secure Network Services and Advanced Network Services, dating back to Oracle database Release 7.[3]

Components

  • Oracle Key Vault (OKV) - key management[4]

Regulations & Compliances

Oracle Advanced Security provides solutions for companies to comply with encryption requirements for regulations like GDPR, CCPA, PCI-DSS, HIPAA, and more. Satisfy audit requirements and avoid fines.

Features

Transparent Data Encryption : Transparent Data Encryption (TDE) stops would-be attackers from bypassing the database and reading sensitive information directly from storage by enforcing data-at-rest encryption in the database layer. Encrypt individual data columns, entire tablespaces, database exports, and backups to control access to sensitive data.

Data Redaction : Data Redaction complements TDE by reducing the risk of unauthorized data exposure in applications, redacting sensitive data before it leaves the database. Partial or full redaction prevents large-scale extraction of sensitive data into reports and spreadsheets

Transparent to Applications : Encryption is implemented at the database kernel level, eliminating the need for any changes to applications.

Integrated Security : Oracle Advanced Security is engineered to work seamlessly with Oracle Exadata, Oracle Real Application Clusters, Oracle Data Guard, Oracle Golden Gate, and more.

Advanced Security Features

Footnotes

  1. ^ Greenwald, Rick (2002). Oracle in a Nutshell: A Desktop Quick Reference. In a Nutshell. David C. Kreines. O'Reilly Media, Inc. p. 114. ISBN 9780596003364. Retrieved 2012-08-22. Oracle Advanced Security provides additional security functionality in three main areas: Network security [...] Enterprise user security [...] Public key infrastructure security [...] Oracle Advanced Security embeds these services in the Oracle Net Services layer [...]
  2. ^ "Database Licensing Information".
  3. ^ Moran, Rita (December 2003). Oracle Security Overview 10g Release 1 (10.1). Jeff Levinger. Oracle Corporation. Retrieved 2012-08-22. Oracle has supported encryption of network data through Oracle Advanced Security (formerly known as "Secure Network Services", and then "Advanced Networking Option") since Oracle7.
  4. ^ Gupta, Saurabh K. (2012). "6: Virtual Private Database". Advanced Oracle PL/SQL Developer's Guide. Professional experience distilled (2 ed.). Birmingham: Packt Publishing Ltd (published 2016). p. 161. ISBN 9781785282522. Retrieved 2016-07-31. The Oracle Advanced Security option includes: [...] Oracle Key Vault (OKV): Oracle Key Vault provides a robust key management platform that can be used as the centralized repository of TDE master keys, Oracle wallets, Java key stores, SSH keys, and other security credential files.


Stub icon

This database software-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Oracle_Advanced_Security&oldid=1088325727"