Database Security Products (MOSC)

MOSC Banner

Foreign Keys in Encrypted Tablespaces (TDE)

edited Jun 24, 2011 3:32AM in Database Security Products (MOSC) 1 commentAnswered
Does the 11g version of Transparent Data Encryption (TDE) support encryption of tables with foreign key columns? 

Oracle 10g TDE did not allow you to encrypt columns that were foreign keys.  From Adv. Security doc:

You cannot use transparent data encryption to encrypt columns used in foreign key
constraints. This is because every table has a unique column encryption key.

With 11g, TDE supports encrypted tablespaces.  I can move a table containing foreign key columns into an encrypted tablespace.  I don't seem to have any issues with inserting/updating the table or joining it to non-encrypted tables by the foreign key.  I couldn't find anything in the Oracle Advanced Security documentation for 11g that says it is acceptable to use TDE to move a table with foreign keys into an encrypted tablespace. Does the fact that each table has a unique column encryption key only matter when you are encrypting select columns and not when working with encrypted tablespaces?

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center