Databases Reference
In-Depth Information
Encrypting a Dump File
You can also create an encrypted dump file, using an external table. This example uses the
ENCRYPTION
option of the
ACCESS PARAMETERS
clause:
CREATE TABLE inv_et
ORGANIZATION EXTERNAL (
TYPE ORACLE_DATAPUMP
DEFAULT DIRECTORY dp
ACCESS PARAMETERS
(ENCRYPTION ENABLED)
LOCATION ('inv1.dmp')
)
AS SELECT * FROM inv;
For this example to work, you need to have a security wallet in place and open for your database.
■
Note
Using encryption requires the Oracle enterprise edition along with the advanced Security option.
eNaBLING aN OraCLe WaLLet
an Oracle Wallet is the mechanism Oracle uses to enable encryption. the wallet is an OS file that contains
encryption keys. the wallet is enabled via the following steps:
1.
Modify the
SQLNET.ORA
file to contain the location of the wallet:
ENCRYPTION_WALLET_LOCATION=
(SOURCE=(METHOD=FILE) (METHOD_DATA=
(DIRECTORY=/ora01/app/oracle/product/12.1.0.1/db_1/network/admin)))
2.
Create the wallet file (
ewallet.p12
) with the
ALTER SYSTEM
command:
SQL> alter system set encryption key identified by foo;
3.
enable encryption:
SQL> alter system set encryption wallet open identified by foo;
See the
Oracle Advanced Security Administrator's Guide
, which can be freely downloaded from the technology
network area of the Oracle web site (
http://otn.oracle.com
)
, for full details on implementing encryption.
You enable compression and encryption via the
ACCESS PARAMETERS
clause. Table
14-2
contains a listing of all
access parameters available with the
ORACLE_DATAPUMP
access driver.