Solution : https://service.sap.com/sap/support/notes/974876 (SAP Service marketplace login required)
Summary :
This SAP Note covers the integration of Oracle Transparent Data Encryption (TDE) with SAP systems, ensuring sensitive SAP application data is stored securely in encrypted form within Oracle databases. Focusing on Oracle Database versions 10.2 and 11.2, it highlights the dual capabilities of column and tablespace encryption from these releases. Key aspects include the automated encryption process, management of encryption keys within the database, and the use of Encryption Wallets for security management. The note discusses the revised chapter on shared Oracle Homes and introduces a new section on Wallet protection. It also elaborates on TDE’s inability to protect against authorized SQL interface access and provides comprehensive guidance on setting up and managing TDE configurations in SAP environments.
Key words :
racset pagesize 100set linesize 200col inst_id format 999col status format a10col wrl_type format a10col wrl_parameter format a50select inst_id, sapdata_home=/oracle/c11 --> /oracle/c11/orawalletsapdata_home=/oracle/c12 --> /oracle/c12/orawalletsapdata_home=/oracle/c13 --> /oracle/c13/orawallet procedure 1, set pagesize 100set linesize 200col status format a10col wrl_parameter format a50select wrl_parameter, sql> 'create tablespace psapsr3testenc extent management local autoallocate segment space management auto encryption default storage, displaying encryption wallet contents changing encryption wallet password configuring/deleting local auto-open wallet, database files data tablespaces undo tablespaces temp tablespaces redo log files dump files database backups, os> orapki wallet helpdisplaying encryption wallet contentsos> orapki wallet display -wallet <wallet_location>, os> orapki wallet change_pwd -wallet <wallet_location> [-oldpwd <oldpwd> -newpwd <newpwd>], sysopersql> startup mountsql> alter system set encryption wallet open identified, /technetwork/database/focus-areas/security/twp-transparent-data-encryption-bes-130696
Related Notes :
| 1586304 | SAP System Copies with Database Vault and Data Encryption |
| 1464091 | Minor functional enhancements in BR*Tools (3) |
| 1431800 | Oracle 11.2.0: Central Technical Note |
| 1324930 | Creating encrypted EXPDP exports with BRSPACE |
| 1324684 | Creating encrypted RMAN backups using BR*Tools |
| 1279682 | Support for Oracle data encryption in BR*Tools |
| 1269911 | FAQ: Chained Rows |
| 973450 | Oracle Advanced Security: Network encryption |
| 828268 | Oracle Database 10g: New functions |
| 105047 | Support for Oracle functions in the SAP environment |