Oracle Database 11 g - Online Public Access Catalog

CHAPTER 5 ■ DATABASE SECURITY 245Transparent Data Encryption with Enterprise ManagerDatabase ConsoleYou can create encryption keys and control security using the Oracle Enterprise ManagerDatabase Console. One of the enhancements made in Oracle Database 11g is the integration ofthe wallet creation with Enterprise Manager Database Console. To enable TDE, the navigationpath is Server ➤ Security (Transparent Data Encryption).The new TDE setup screen looks like the screen displayed in Figure 5-2.Figure 5-2. TDE setupAll you have to do is determine what you want your password to be. Once you createthe wallet, you can proceed to other security-related options such as creating an encryptedtablespace. If you click the Advanced Option button, you will have the option to rekey themaster key. You might want to do this is if you think your master key has been compromised.You can revisit the screen in Figure 5-2 after each database bounce to open the wallet. Byproviding the master key password for the database, you are able to open the wallet.Tablespace Encryption with Database ConsoleEarlier in this chapter, we demonstrated how to set up tablespace encryption using the conventionalSQL syntax. All of the tablespace encryption features are also configurable using DatabaseConsole. You can navigate to the tablespace setup screen within Database Console by selectingServer ➤ Storage (Tablespaces) ➤ Create.You will see the new encryption options provided, as shown in Figure 5-3.