tde

Protect sensitive information from the DBA in SQL Server 2008

不问归期 提交于 2019-12-30 05:15:33
问题 Our client need to encrypt the MOSS content database so the content db should not be able to view by DBA or unauthorized people without the right encryption key. Seem the Transparent Data Encryption (TDE) in SQL Server 2008 cannot protect the sensitive information from DBA cause TDE is designed to protect data 'at rest'. Does anyone here faced this problem? 回答1: It seems to me that a requirement to have sensitive data in a database is to trust the database admin. Even if you could encrypt the

Oracle - How to determine if a table is TDE encrypted

痴心易碎 提交于 2019-12-23 22:13:02
问题 As mentioned in the topic: How to tell if in Oracle a table is encrypted with TDE or not? Couldn't find anything asking Google. 回答1: This information can be obtained from [dba | all | user]_encrypted_columns data dictionary view(s) administer key management set keystore open identified by password; administer key management set key identified by password with backup; -- test table with one encrypted column create table tb_encrpt ( c1 varchar2(10) encrypt ) tablespace encrypt_tbs; Display

What are impacts of TDE enabling on database performance?

青春壹個敷衍的年華 提交于 2019-12-22 06:58:11
问题 If I use Transparent Data Encryption on my database, is there any impact on my db performance? Is it cause any problem for database indexing? 回答1: Some folks have tested this (see here, here, here and here) and have given some generic advice (see here and here). Seems the common perception is that the impact is about 3-5%. But 3-5% of what? If that is CPU and your workload is already CPU-bound, is that acceptable? Could it be worse? If that is I/O and you're already having I/O issues, is it

Data encryption in application cluster

佐手、 提交于 2019-12-12 14:33:31
问题 I have a web application accessed over SSL. To beef up security on the back end we are looking at adding in symmetric encryption for the database. The application is spread across 6 servers in a websphere cluster. We were looking at a simple model of generating a common key, propagating the key across all clones in an isolated JCEKS keystore. Settled on AES (256) for the cipher and key length. Question I have is how safe is this approach? My fear is we create all of this and encrypt the data,

Why is SQL server unable to connect to Azure key vault using SQL Server connector

你离开我真会死。 提交于 2019-12-11 16:10:24
问题 I am trying to encrypt sql server database in Azure VM using TDE where the EKM will use Azure Key vault. I have been following the steps outlined in below link. setup steps for EKM using Azure Key Vault I have followed all the steps exactly including the below step where we need to provide value for SECRET (Application ID without hyphens+ Azure vault key). USE master; CREATE CREDENTIAL sysadmin_ekm_cred WITH IDENTITY = 'keyvaultname', SECRET =

KNIME 3.2 Tableau Node error

一笑奈何 提交于 2019-12-11 06:16:24
问题 I installed the new (in KNIME 3.2) Tableau extension, installed and configured the dependencies as per instructions in the node description (Tableau SDK and Visual Basic Redistributable), and tried to create an extract. My repeated attempts throw the same error: ERROR Tableau Writer (TDE) 0:8 Execute failed: Timeout - IPC_NamedPipe::Select(WaitForMultipleObjects) Does anyone have any tips on how to diagnose this further? Thank you. 回答1: This was resolved with the help of Tableau engineer. The

Database encryption or application level encryption?

一笑奈何 提交于 2019-12-04 10:50:57
问题 When you need to store sensitive data such as CCs or SSNs, do you: 1) Build your own encryption routine within the application, define a secret key somewhere in a config file, and then manually encrypt/decrypt data going to the database. 2) Push all the problem to the database, using the built in DB capabilities (I think most vendors call it Transparent Database Encryption). What trade-offs have you find for your solution? Does writing your own routine perform poorly when compared to TDE? Is

Database encryption or application level encryption?

与世无争的帅哥 提交于 2019-12-03 13:04:29
When you need to store sensitive data such as CCs or SSNs, do you: 1) Build your own encryption routine within the application, define a secret key somewhere in a config file, and then manually encrypt/decrypt data going to the database. 2) Push all the problem to the database, using the built in DB capabilities (I think most vendors call it Transparent Database Encryption). What trade-offs have you find for your solution? Does writing your own routine perform poorly when compared to TDE? Is code maintainability, or conversely DB vendor lock-in an issue? I've used a variety of encryption

How to use Cassandra with TDE (Transparent Data Encryption)

旧城冷巷雨未停 提交于 2019-12-02 03:25:34
问题 I'm trying to figure out how to use Cassandra with TDE (Transparent Data Encryption) and in which DataStax edition TDE is supported. I've been going through DataStax documentation and from what I see, TDE is supported only in DataStax Enterprise Edition. Is this correct? Also, TDE is included on table/column level and is specified when creating new tables, not as some configuration? Just want to confirm my assumptions. Thanks in advance 回答1: Your assumptions are correct. Transparent Data

Oracle Transparent Data Encryption undecrypted access

一笑奈何 提交于 2019-12-01 19:05:04
问题 Can I set up an Oracle Database in a way that all of the following statements are true a) certain columns, potentially all columns are encrypted, so that direct file access to the database file wouldn't allow an attacker to retrieve any records b) the encrypted columns are transparently decrypted for authorized user, where authorization happens e.g. by having a certain role or privilege c) an admin who has suiteable privileges for doing 'normal' admin tasks (tuning, creating/droping schema