X

The Latest Oracle E-Business Suite Technology News direct from
Oracle E-Business Suite Development & Product Management

Subscribe to Blog Updates

TDE Tablespace Encryption 11.2.0.1 Certified with EBS 12

Steven Chan
Senior Director
Oracle Advanced Security is an optional licenced Oracle 11g Database add-on.  Oracle Advanced Security Transparent Data Encryption (TDE) offers two different features:  column encryption and tablespace encryption.  11.2.0.1 TDE Column encryption was certified with E-Business Suite 12 as part of our overall 11.2.0.1 database certification.  As of today, 11.2.0.1 TDE Tablespace encryption is now certified with Oracle E-Business Suite Release 12.  

What is Transparent Data Encryption (TDE) ?

Advanced_Security_Overview.gif

Oracle Advanced Security Transparent Data Encryption (TDE) allows you to protect data at rest. TDE helps address privacy and PCI requirements by encrypting personally identifiable information (PII) such as Social Security numbers and credit card numbers.

TDE is completely transparent to existing applications with no triggers, views or other application changes required. Data is transparently encrypted when written to disk and transparently decrypted after an application user has successfully authenticated and passed all authorization checks. Authorization checks include verifying the user has the necessary select and update privileges on the application table and checking Database Vault, Label Security and Virtual Private Database enforcement policies.

Existing database backup routines will continue to work, with the data at rest remaining encrypted in the backup. For encryption of entire database backups, TDE can be used in combination with Oracle RMAN.

What is Tablespace Encryption ? TDE_Key_Management_Architecture.png

New in Oracle Database 11g, the Oracle Advanced Security now includes support for tablespace encryption.

When a tablespace is created through Enterprise Manager or on the command line, an option now exists to specify that the file be encrypted on the file system. When new data is added to the new tablespace using the insert command or datapump, entire tables will be transparently encrypted. When the database reads data blocks from the encrypted tablespace it will transparently decrypt the data blocks.

With this certification, Oracle E-Business Suite Release 12 environments can be migrated to the latest 11gR2 11.2.0.1 version of encrypted tablespaces. For more information, please refer to:

Prerequisites

  • Oracle E-Business Suite Release 12.0.4 and higher
  • Oracle E-Business Suite Release 12.1.1 and higher
Platforms certified for Apps 12
  • Linux x86 (Oracle Enterprise Linux 4, 5)
  • Linux x86 (RHEL 4, 5)
  • Linux x86 (SLES 10)
  • Linux x86-64 (Oracle Enterprise Linux 4, 5)
  • Linux x86-64 (RHEL 4, 5)
  • Linux x86-64 (SLES 10)
  • Oracle Solaris on SPARC (64-bit) (Solaris 10) 
  • Oracle Solaris on x86-64 (64-bit)
  • IBM AIX on Power Systems (64-bit) (5.3 and 6.1) 
  • HP-UX Itanium (11.31)
Pending Platform Certifications Certifications for the following platforms are still underway:
  • HP-UX PA-RISC (64-bit) (11.31)
  • Microsoft Windows Server (32-bit) (2003, 2008) 
  • Microsoft Windows x64 (64-bit) (2003, 2008, 2008 R2)
Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog for updates, which I'll post as soon as soon as they're available.     

References

Related Articles

Join the discussion

Comments ( 4 )
  • guest Wednesday, December 9, 2015

    HI,

    We will be implementing TDE for EBS Oracle Financials (iExpense). We want to go with Tablespace encryption for EBS12.2. Do you have any input to the scope of magnitude (how much effort will be needed to configure this in each environment, how much testing may be needed, etc.).

    Using TDE Tablespace Encryption with Oracle E-Business Suite Release 12.2 (Doc ID 1585296.1)

    we are referring to the above oracle doc.

    Thanks,

    Tej


  • Steven Chan Wednesday, December 9, 2015

    Hello, Tej,

    I'm afraid that we don't have much insight into this. Every customer's implementations of different features can vary quite widely. I'd recommend conducting a small proof-of-concept test on a clone of your production database to assess the major requirements for this.

    Regards,

    Steven


  • guest Wednesday, December 9, 2015

    Thank you Steven. I would recommend to conduct a POC as per your suggestion. May I know the most common issues while doing this TDE on EBS? As per the Oracle doc, export/import is suggested to move data to encrypted tablespaces. We have each database around 2TB. I know that this would take large time and will end with many issues while conducting exp/imp. Do we have any other alternatives?

    Thanks

    Tej


  • Steven Chan Wednesday, December 9, 2015

    Hello, Tej,

    There should be no issues as long as you follow our published documentation. Feel free to log a Service Request if you have any questions about a particular step.

    Best of luck with your project.

    Regards,

    Steven


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.

Recent Content