Oracle資料安全解決方案-透明資料加密TDE
阿新 • • 發佈:2019-02-12
select file_name,tablespace_name from dba_data_files;
create temporary tablespace wal_temp99
tempfile 'D:\APP\ADMINISTRATOR\ORADATA\ORCL\wal_temp99.dbf'
size 100m
autoextend on
next 100m maxsize 20480m
extent management local;
/*第2步:建立資料表空間 */
create tablespace wal_data99
logging
datafile 'D:\APP\ADMINISTRATOR\ORADATA\ORCL\wal_data99.dbf'
size 100m
autoextend on
next 100m maxsize 20480m
extent management local;
/*第3步:建立使用者並指定表空間 */
create user wal_admin99 identified by wal_admin99 --建立使用者和密碼
default tablespace wal_data99
temporary tablespace wal_temp99;
/*第4步:給使用者授予許可權 要給dba許可權*/
grant create session, create any table, create any view ,create any index,
create any procedure,alter any table, alter any procedure,drop any table,
drop any view, drop any index, drop any procedure,select any table, create any trigger,create table,
insert any table, update any table, delete any table ,unlimited tablespace,connect,resource,dba to wal_admin99;
/*1.建立一個新目錄,並指定為Wallet目錄 */
D:\oracle\product\10.2.0\admin\ora10\ora_wallet
/*2.設定wallet目錄,在引數檔案sqlnet.ora中(window+f,在你安裝盤區查詢sqlnet.ora),按照下面的格式加入資訊:*/
ENCRYPTION_WALLET_LOCATION=(SOURCE=(METHOD=FILE)
(METHOD_DATA=(DIRECTORY=D:\oracle\product\10.2.0\admin\ora10\ora_wallet)))
/*3.建立master key檔案,指定wallet密碼,使用SYS使用者登入系統,建立加密檔案*/
alter system set encryption key authenticated by "zhaohy";
/*4.啟動、關閉Wallet */
ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "zhaohy";
alter system set wallet close identified by "zhaohy"; --關閉
/*5.源庫wallet處於open狀態下進行匯出*/
select * from v$encryption_wallet;
/*6.新使用者下建立表,info為加密列*/
create table tde_private(
id number(10) primary key,
info varchar2(50) encrypt using 'AES192'
);
/*7.插入資料*/
insert into tde_private values (1, 'This is private info');
/*8.wallet關閉時 select id from tde_private; 可以執行 select * from tde_private; 提示“wallet is not open”*/
create temporary tablespace wal_temp99
tempfile 'D:\APP\ADMINISTRATOR\ORADATA\ORCL\wal_temp99.dbf'
size 100m
autoextend on
next 100m maxsize 20480m
extent management local;
/*第2步:建立資料表空間 */
create tablespace wal_data99
logging
datafile 'D:\APP\ADMINISTRATOR\ORADATA\ORCL\wal_data99.dbf'
size 100m
autoextend on
next 100m maxsize 20480m
extent management local;
/*第3步:建立使用者並指定表空間 */
create user wal_admin99 identified by wal_admin99 --建立使用者和密碼
default tablespace wal_data99
temporary tablespace wal_temp99;
/*第4步:給使用者授予許可權 要給dba許可權*/
grant create session, create any table, create any view ,create any index,
create any procedure,alter any table, alter any procedure,drop any table,
drop any view, drop any index, drop any procedure,select any table, create any trigger,create table,
insert any table, update any table, delete any table ,unlimited tablespace,connect,resource,dba to wal_admin99;
/*1.建立一個新目錄,並指定為Wallet目錄
D:\oracle\product\10.2.0\admin\ora10\ora_wallet
/*2.設定wallet目錄,在引數檔案sqlnet.ora中(window+f,在你安裝盤區查詢sqlnet.ora),按照下面的格式加入資訊:*/
ENCRYPTION_WALLET_LOCATION=(SOURCE=(METHOD=FILE)
(METHOD_DATA=(DIRECTORY=D:\oracle\product\10.2.0\admin\ora10\ora_wallet)))
/*3.建立master key檔案,指定wallet密碼,使用SYS使用者登入系統,建立加密檔案*/
alter system set encryption key authenticated by "zhaohy";
/*4.啟動、關閉Wallet
ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "zhaohy";
alter system set wallet close identified by "zhaohy"; --關閉
/*5.源庫wallet處於open狀態下進行匯出*/
select * from v$encryption_wallet;
/*6.新使用者下建立表,info為加密列*/
create table tde_private(
id number(10) primary key,
info varchar2(50) encrypt using 'AES192'
);
/*7.插入資料*/
insert into tde_private values (1, 'This is private info');
/*8.wallet關閉時 select id from tde_private; 可以執行 select * from tde_private; 提示“wallet is not open”*/