Please Note:

Administration
Quick Start
Tasks
- Encrypt a column
- Decrypt a column
- Re-encrypt data with new key
- Delete data after encryption or decryption
- Delete views and triggers
- Configure column-level encryption settings
- View job history
- Recreate view and triggers
- Download keys from CipherTrust Manager
- Altering encrypted tables
  - Add unencrypted column
  - Add column to encrypt
  - Delete decrypted column
  - Delete encrypted column
  - Resize unencrypted column
  - Resize an encrypted column
  - Grant/revoke table and column permissions
- Uninstall CDP
- Upgrade CDP
- Configure SSL
Advanced Topics
- Planning Migration
- Encryption Flow
- Key caching
- User Mapping
- Error Replacement
- Database Objects
  - Tables and Views
  - Sequences
  - Procedures
  - User Defined Functions
- Format Preserving Encryption
- Configuration Parameters
- Tips and Best Practices
Troubleshooting and Limitations
FAQs

CDP for Oracle
Administration

Administration

The goal of deploying CDP is to retrofit existing databases so that security can be provided by encrypting and decrypting the data flowing into and out of databases. Deployment starts with encrypting existing databases - a process called data migration.

Data migration is the process of encrypting existing column(s). It also involves altering existing tables so that they can store the resulting ciphertext, and creating views and triggers so that existing applications can seamlessly and automatically encrypt new data and request decrypted data when needed.

CDP ensures various levels of security to protect your data from unauthorized users. Once the data is migrated, users and applications must have permission to send a request from the database to the Key Manager and they must have permission to access the encryption key. If either of these conditions is not met, then the sensitive data is not accessed.

How it Works

Consider an online retailer that stores sensitive customer data in plaintext in its database. The retailer’s applications write customer information, such as credit card numbers, directly to a database and read the plaintext values when needed. The data is stored in plaintext on the database for anyone to access.

To secure the data, the retailer installs CDP and migrates the data. Now, when an authorized application wants to write a credit card number to an encrypted column, CDP automatically sends the credit card number to the CipherTrust Manager for encryption. The CipherTrust Manager encrypts the value and returns the resulting ciphertext. The database writes the ciphertext to the column.

Supported Environments

CDP is a Java based solution, hence allowing it to work with most of the operating systems. The CDP solution is supported on a variety of platforms, including AIX PowerPC, HPUX, RHEL, SUSE, OpenSUSE, Solaris SPARC, Windows, Oracle Linux v7.7 with UEK kernel. All it requires is the database Java package to be installed and be available to the database. However, not all operating system versions combinations are explicitly validated.

Supported Oracle Versions

CDP for Oracle is supported on Oracle 12c, 18c, and 19c.
CDP also supports Oracle XA driver.

Supported JDKs

CDP supports the following Oracle Java Versions (OJVM): OJVM version 6 (minimum 1.6.0_131), 7 (minimum 1.7.0_121), and 8 (minimum 1.8.0_111).

Suggest A Change

Administration

How it Works

Supported Environments

Supported Oracle Versions

Supported JDKs

On this page