Database Reference
In-Depth Information
All tables included in the import job are created as
COMPRESS FOR OLTP
, and the data are compressed as
they're loaded.
■
Note
table-level compression (for OLtp) requires a license for the Oracle advanced Compression option.
Encrypting Data
One potential security issue with Data Pump dump files is that anybody with OS access to the output file can search
for strings in the file. On Linux/Unix systems, you can do this with the
strings
command:
$ strings inv.dmp | grep -i secret
Here is the output for this particular dump file:
Secret Data<
top secret data<
corporate secret data<
This command allows you to view the contents of the dump file because the data are in regular text and not
encrypted. If you require that the data be secured, you can use Data Pump's encryption features.
This example uses the
ENCRYPTION
parameter to secure all data and metadata in the output:
$ expdp mv_maint/foo encryption=all directory=dp_dir dumpfile=inv.dmp
For this command to work, your database must have an encryption wallet in place and open. See the
Oracle
Advanced Security Administrator's Guide
, available for download from the Technology Network area of the Oracle web
■
the Data pump
ENCRYPTION
parameter requires that you use the enterprise edition of Oracle 11g or higher and
also requires a license for the Oracle advanced Security option.
Note
The
ENCRYPTION
parameter takes the following options:
ALL
•
DATA_ONLY
•
ENCRYPTED_COLUMNS_ONLY
•
METADATA_ONLY
•
NONE
The
ALL
option enables encryption for both data and metadata. The
DATA_ONLY
option encrypts just the data. The
ENCRYPTED_COLUMNS_ONLY
option specifies that only columns encrypted in the database are written to the dump file in
an encrypted format. The
METADATA_ONLY
option encrypts just metadata in the export file.
•