Database security is becoming increasingly important. Oracle Database Advanced Security Transparent Data Encryption (TDE) stops would-be attackers from bypassing the database and reading sensitive information from storage by enforcing data-at-rest encryption in the database layer. Oracle's SPARC T5-2 server outperformed x86 systems when running Oracle Database 12c with Transparent Data Encryption.
The SPARC T5-2 server sustained more than 8.0 GB/sec of read bandwidth while decrypting using Transparent Data Encryption (TDE) in Oracle Database 12c. This was the bandwidth available on the system and matched the rate for querying the non-encrypted data.
The SPARC T5-2 server achieves about 1.5x higher decryption rate per socket using Oracle Database 12c with TDE than a Sun Server X4-2 system.
The SPARC T5-2 server achieves more than double the decryption rate per socket using Oracle Database 12c with TDE than a Sun Server X3-2 system.
|Table of Size 250 GB Encrypted with AES-128-CFB
Full Table Scan with Degree of Parallelism 128
|System||Chips||Table Data Format||SPARC T5-2 Advantage|
|SPARC T5-2||2||8.4 GB/sec||8.3 GB/sec||1.0|
|Sun Server X4-2L||2||8.2 GB/sec||5.6 GB/sec||1.5|
|SPARC T5-2||1||8.4 GB/sec||4.2 GB/sec||1.0|
|Sun Server X4-2L||1||8.2 GB/sec||2.8 GB/sec||1.5|
|Sun Server X3-2L||1||8.2 GB/sec||2.0 GB/sec||2.1|
Systems Under Test:
The purpose of the benchmark is to show the query performance of a database using data encryption to keep the data secure. The benchmark creates a 250 GB table. It is loaded both into a clear text (no encryption) tablespace and an AES-128 encrypted tablespace. Full table scans of the tables were timed.
The Oracle Database feature, Transparent Data Encryption (TDE), simplifies the encryption of data within datafiles, preventing unauthorized access to it from the operating system. Transparent Data Encryption allows encryption of the entire contents of a tablespace.
With hardware acceleration of the encryption routines, the SPARC T5-2 server can achieve nearly the same query rate whether the table is encrypted or not up to a limit of about 4 GB/sec per chip.
Copyright 2013, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Results as of 23 September 2013.