I need your expert opinion on one of the data encryption method. We have some legal compliance to implement data encryption as listed below, lets say we have to apply encryption on 2 tables (1) TAB_A (2) TAB_B.
(1) Need data encryption on the TAB_A & TAB_B for 2-3 columns and not the entire table.
(2) Data should not be in readable format, if anyone connect to database and query the table.
(3) We have reporting services on our tables but reporting services doesn't connect to our schema directly rather they connect to a different schema to which we have given the table Select grant.
(4) Reports should work as it is, and users should see the data in readable format only.
(5) There are batch processes which generates the data into these tables and we are not allowed to make any changes to these batch processes.
This is a business need which has to be delivered. I explored various options such as VPDs, Data encryption methods etc but honestly none of these are serving our business need. There is also a limitation of encrypting data as data volume of quiet high (30TB DB) and generally users query the data on millions of records at a time. Also reports have very tight SLAs as well. If we create any encryption wrapper then decrypt will take longer in reports and will cause the SLA miss for reports.
Could someone please suggest any better solution to me or if something is inbuilt in Oracle? We are using Oracle 11g.