-
Continue reading →: Protect the Data First: A Pragmatic Approach to Database Vault Deployment
Oracle Database Vault (DV) is one of the most misunderstood security features in the Oracle Database stack. A lot of DBAs hear the words “separation of duties” and immediately assume Database Vault is going to break operations, complicate patching, lock down SYS, and create endless tickets from application teams. In…
-
Continue reading →: How to Manually Migrate the TDE Keystore to OKV
In my previous post, I covered how to configure TDE with OKV as the initial keystore for the database. In this post, Ill cover how to migrate an existing TDE keystore from a file based wallet to OKV. I typically recommend this manual approach for anyone doing this for the…
-
Continue reading →: How to configure Oracle TDE, straight to OKV
More often than not, when I am talking with customers about TDE key management with Oracle Key Vault, TDE is already in place and the conversation is focused around migrating the keys and the keystore to OKV. But what about those new databases that aren’t yet encrypted? Or, perhaps you…
-
Continue reading →: A tokenization alternative?
Part one. Let’s be clear from the start, this isn’t going to be a suitable alternative if you have a compliance standard which you are required to comply with such as PCI DSS, or anything else that specifically calls for “tokenization”. That being said, I have worked with more than…
-
Continue reading →: Oracle Data Safe: Register Targets using OCI Command Line Interface
No doubt about it, using a command line interface to get things done is easy and efficient if you know how to use it. For something as comprehensive as the OCI Command Line Interface (oci-cli), figuring out what those commands are can be a little time consuming. My goal for…
I am a technology professional working as a Master Principal Solution Engineer at Oracle. For the last 15 years of my career, I have focused almost exclusively Database Security. The views and opinions expressed in this blog are the authors and don’t necessarily reflect those of Oracle.
Gian's Database Security Blog 