Force file encryption upon shutdown
Posted on 2003-03-24
The situation is that we have laptop PC's each with it's own local Oracle database. The application that modifies the data is not allowed to be changed. Anything internal to Oracle such as processes and tables, and even the names of physical database files are not allowed to be changed. The laptop is considered to be a Medical Device and the database contains sensitive medical data about people. We are concerned that a laptop could be stolen and that the medical information exposed.
The only solution I can think of is that we have some kind of automated script that the user must trigger just prior to shutting off the laptop. The script would 1)Shutdown the database, 2) create encrypted copies of the physical database files, and 3) delete the original physical database files.
When the laptop is started back up, the reverse process would need to take place: decrypt and start up database. So, I have two (2) questions ......
1) Is there a better way to accomplish my intended goal? If so, what.
2) Assuming I am required to implement my own proposed solution, what tools, 3rd party programs, techniques etc would you suggest?