Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Encrypt Red Hat OS that runs Oracle 11G

Posted on 2014-08-26
5
Medium Priority
?
797 Views
Last Modified: 2014-09-10
We currently have an Oracle 11G server that runs on the Red Hat 6 OS.  HIPPA requirements are forcing us to encrypt data at rest so we thought it would be easiest to use the OS encryption in Red Hat.  If the OS is encrypted, how does this affect Oracle?  can the encryption be turned on now or does it need to be enabled before Oracle is installed?
0
Comment
Question by:NytroZ
5 Comments
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40286595
i've used trucrypt in the past and worked well though i wouldn't suggest it now since work on it ended a few months ago and could be insecure

dm-crypt/LUKS is also a method of encryption but can't be done with data already on the partition

not sure if it's an option for you, but you could build a new system, encrypt it with the native RHEL tools (dm-crypt/LUKS), then migrate the oracle database(s) over
0
 

Author Comment

by:NytroZ
ID: 40286610
I think I will eventually need to encrypt certain tables in the database at some point as well so with that in mind does dm-crypt figure into that at all?
0
 
LVL 36

Accepted Solution

by:
Seth Simmons earned 2000 total points
ID: 40286634
no, oracle database encryption is completely separate; dm-crypt is for the file system

Transparent Data Encryption (TDE) Frequently Asked Questions
http://www.oracle.com/technetwork/database/security/tde-faq-093689.html

i saw this question because it was tagged with linux; i'm not an oracle expert so i'll let someone else speak more about that part
0
 
LVL 78

Expert Comment

by:slightwv (䄆 Netminder)
ID: 40286752
TDE is a way to protect column data.

Of course, it has a cost as it is a separate license.

Advanced Security also has other features that are guaranteed to meet your HIPPA requirements.

Their main page even mentions HIPPA:
Helps address regulatory requirements, including PCI DSS and HIPAA HITECH

http://www.oracle.com/us/products/database/options/advanced-security/overview/index.html
0
 
LVL 62

Expert Comment

by:gheist
ID: 40287467
Indded dm-crypt is for raw disks (think ASM), that includes filesystems on them
LVM also has same sort of transparent encryption and a bit more flexibility
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to Unravel a Tricky Query Introduction If you browse through the Oracle zones or any of the other database-related zones you'll come across some complicated solutions and sometimes you'll just have to wonder how anyone came up with them.  …
Often times it's very very easy to extend a volume on a Linux instance in AWS, but impossible to shrink it. I wanted to contribute to the experts-exchange community a way of providing a procedure that works on an AWS instance. It can also be used on…
This video shows information on the Oracle Data Dictionary, starting with the Oracle documentation, explaining the different types of Data Dictionary views available by group and permissions as well as giving examples on how to retrieve data from th…
This video shows how to Export data from an Oracle database using the Datapump Export Utility.  The corresponding Datapump Import utility is also discussed and demonstrated.
Suggested Courses
Course of the Month14 days, 7 hours left to enroll

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question