Develop the encryption Transparent data with Oracle 10 g XE
Currently I develop an application that will require encrypted in some tables columns, I will recommended to the customer buying an Oracle database for the application and that you have installed Oracle 10 g XE to begin development, I found that I can't create tables with columns TDE tho I can't create a portfolio. I searched the forums and found that a portfolio manager is not available with Oracle XE.My plan was to develop the application and then provide scripts for creating the DBA of the customer so that they can create data tables in their Oracle database... Can I develop the application without transparent data encryption and then say s/n, which must be implemented in the version of the application? The application needs to know the password of portfolio/TDE to encrypt/decrypt the columns!
Any ideas how I could go on the development of the customer Oracle XE database without access to CDW?
The T in TDE is transparent, so that your application should need not even be aware that all columns or storage are encrypted. Transparent data encryption are generally implemented in systems that were never designed to encrypt data, so in theory it should be 'perfectly safe' to develop not encrypted and have the client encrypt the columns during installation.
Of course, when marketing people start talking about things that are 'perfectly safe', it is always a sign of coming danger. Although I have never heard of a case where encrypt a column caused a problem for an application, I would be very doubtful to the development in an environment different from that of production. This includes the exact version of the database (I guess that the customer has installed the last patchsets, so they run 10.2.0.4, for example) as well as editing. If you decide to rely on the fact that everything should go smoothly when you promote to a different version of a different edition of the database with a different schema definition, even if it would normally, you virtually guarantee that you will end up with a problem that will be difficult to solve.
In your case, I would use XE to the development. It would be much safer to develop against the personal edition. It's not free, but it's the database licensed Enterprise edition to run on developer machines. It is not free, but it is much less than an enterprise edition license.
Justin
Tags: Database
Similar Questions
-
How to reset the Master encryption key in the encryption Transparent data...
Hello
I use Transparent data encryption in Oracle Database 11g Release 2.
After having specified an Oracle Wallet location in the sqlnet.ora file as shown below:
ENCRYPTION_WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = D:\Oracle\enc\admin\tde\wallet)
)
)
Created the master encryption key using the statement
SQL > ALTER the ENCRYPTION KEY SET of SYSTEM IDENTIFIED BY 'Abc123def456 ';
Modified system.
When I reset the master Encryption Key by using the statement get an error as shown below:
SQL > ALTER the ENCRYPTION KEY SET of SYSTEM IDENTIFIED BY 'Easy2rem ';ERROR on line 1:
ORA-28353: cannot open portfolio
Please help me how to reset the master encryption key.
Kind regards
Kalashnikoff.
Hi currently,
you need to reset the master encryption key by using the exact same statement:
CHANGE the ENCRYPTION KEY SET of SYSTEM IDENTIFIED BY 'Abc123def456 ';
The passworsd you provide is only the password of the portfolio, the MK is not derived from this, but
using a secure random number generator, the Wallet password can be changed separately
using owm or orapki.
Greetings,
Damage
-
Advantage of the portfolio after the migration to HSM with Oracle 11.2.0.1.0
Hello
I found this integration for Utimaco Cryptoserver guide: http://hsm.utimaco.com/solutions/db-encryption/ and now I wonder if it is necessary to keep the original portfolio after the migration of HSM with Oracle 11.2.0.1.0. As I understand it, eventually all the necessary keys are stored in HSM. Is still used portfolio in a way or is it possible to reuse maybe after you set the METHOD to FILE sqlnet.ora?
Thank youHi flyer007,
If you used the Wallet before Oracle, then migrate the master key of TDE from there to an HSM is a renewal of key operation; the keys of the table (for the TDE column encryption), and tablespace (for TDE tablespace encryption) key is decrypted with the old key in the portfolio) and encrypted again with the new MK unified (in the HSM).
Your RMAN backup files, export files Data Pump and same 'live' in the redo logs, TEMP and UNDO tablespace can be encrypted with the old MK in the wallet, that's why we NEVER delete the portfolio.
Of course, the Oracle database automatically knows what MK he needs.
Good luck
Peter
-
Integration of the OPA 10.4 with Oracle E-business Suite
We have a requirement for the integration of the OPA 10.4 with Oracle E - business suite.
The condition is hypocritical:
(1) EBS can call rules of the takeover bid on any screen - I think that this will be achieved by Oracle determinations Server (ODS) with probably a middleware between both to facilitate the exchange of webservice.
Request- I just wanted to know if there is another way to better or if it is only best option?
Are there examples of projects or pointers that can help us get a better understanding of the present?
(2) given certain conditions of release in EBS, the modules of the OPA may be invoked, but this time there may be a few involved OPA interview screens.
Request- How to proceed and achieve this goal?
Any help on the above queries is really appreciated.
(1) it is for an older version of OPA, but you might find something useful in this tutorial.
(2) launch a browser window in passing a single parameter "caseid" to OPA startsession URL, so that a data adapter that you write can load and save data interviews of EBS based on the id of the object.
-
Error: The lines of data with unmapped dimensions exist for period "1 April 2014".
Expert Hi
The below error when I click on the button Execute in order to load data in the area of data loading in 11.1.2.3 workspace. Actually, I already put in the tabs global mapping (add records of 12 months), mapping of Application (add records of 12 months) and map sources (add a month "1 April 2014' as the name of period with Type = Explicit mapping") in the service of the period mapping. What else should I check to fix this? Thank you.
2014-04-29 06:10:35, 624 [AIF] INFO: beginning of the process FDMEE, process ID: 56
2014-04-29 06:10:35, 625 [AIF] INFO: recording of the FDMEE level: 4
2014-04-29 06:10:35, 625 [AIF] INFO: FDMEE log file: null\outbox\logs\AAES_56.log
2014-04-29 06:10:35, 625 [AIF] INFO: user: admin
2014-04-29 06:10:35, 625 [AIF] INFO: place: AAESLocation (Partitionkey:2)
2014-04-29 06:10:35, 626 [AIF] INFO: period name: Apr 1, 2014 (period key: 4/1/14-12:00 AM)
2014-04-29 06:10:35, 627 [AIF] INFO: category name: AAESGCM (category key: 2)
2014-04-29 06:10:35, 627 [AIF] INFO: name rule: AAESDLR (rule ID:7)
2014-04-29 06:10:37, 504 [AIF] INFO: Jython Version: 2.5.1 (Release_2_5_1:6813, September 26 2009, 13:47:54)
[JRockit (R) Oracle (Oracle Corporation)]
2014-04-29 06:10:37, 504 [AIF] INFO: Java platform: java1.6.0_37
2014-04-29 06:10:39, 364 INFO [AIF]: - START IMPORT STEP -
2014-04-29 06:10:45, 727 INFO [AIF]:
Import of Source data for the period "1 April 2014".
2014-04-29 06:10:45, 742 INFO [AIF]:
Import data from Source for the book "ABC_LEDGER".
2014-04-29 06:10:45, 765 INFO [AIF]: monetary data lines imported from Source: 12
2014-04-29 06:10:45, 783 [AIF] INFO: Total of lines of data from the Source: 12
2014-04-29 06:10:46, 270 INFO [AIF]:
Map data for period "1 April 2014".
2014-04-29 06:10:46, 277 [AIF] INFO:
Treatment of the column mappings 'ACCOUNT '.
2014-04-29 06:10:46, 280 INFO [AIF]: data rows updated EXPLICIT mapping rule: 12
2014-04-29 06:10:46, 280 INFO [AIF]:
Treatment of the "ENTITY" column mappings
2014-04-29 06:10:46, 281 [AIF] INFO: rows of data updates to EXPLICIT mapping rule: 12
2014-04-29 06:10:46, 281 [AIF] INFO:
Treatment of the column mappings "UD1.
2014-04-29 06:10:46, 282 [AIF] INFO: rows of data updates to EXPLICIT mapping rule: 12
2014-04-29 06:10:46, 282 [AIF] INFO:
Treatment of the column mappings "node2".
2014-04-29 06:10:46, 283 [AIF] INFO: rows of data updates to EXPLICIT mapping rule: 12
2014-04-29 06:10:46, 312 [AIF] INFO:
Scene for period data "1 April 2014".
2014-04-29 06:10:46, 315 [AIF] INFO: number of deleted lines of TDATAMAPSEG: 171
2014-04-29 06:10:46, 321 [AIF] INFO: number of lines inserted in TDATAMAPSEG: 171
2014-04-29 06:10:46, INFO 324 [AIF]: number of deleted lines of TDATAMAP_T: 171
2014-04-29 06:10:46, 325 [AIF] INFO: number of deleted lines of TDATASEG: 12
2014-04-29 06:10:46, 331 [AIF] INFO: number of lines inserted in TDATASEG: 12
2014-04-29 06:10:46, 332 [AIF] INFO: number of deleted lines of TDATASEG_T: 12
2014-04-29 06:10:46, 366 [AIF] INFO: - END IMPORT STEP -
2014-04-29 06:10:46, 408 [AIF] INFO: - START NEXT STEP -
2014-04-29 06:10:46, 462 [AIF] INFO:
Validate the data maps for the period "1 April 2014".
2014-04-29 06:10:46, 473 INFO [AIF]: data rows marked as invalid: 12
2014-04-29 06:10:46, ERROR 473 [AIF]: error: the lines of data with unmapped dimensions exist for period "1 April 2014".
2014-04-29 06:10:46, 476 [AIF] INFO: Total lines of data available for export to the target: 0
2014-04-29 06:10:46, 478 FATAL [AIF]: error in CommMap.validateData
Traceback (most recent call changed):
Folder "< string >", line 2348 in validateData
RuntimeError: [u "error: the lines of data with unmapped dimensions exist for period" 1 April 2014' ""]2014-04-29 06:10:46, 551 FATAL [AIF]: COMM error validating data
2014-04-29 06:10:46, 556 INFO [AIF]: end process FDMEE, process ID: 56Thanks to all you guys
This problem is solved after I maped all dimensions in order of loading the data. I traced only Entity, account, Custom1 and Custom2 at first because there is no source map Custom3, Custom4 and PIC. After doing the mapping for Custom3, Custom4 and PKI, the problem is resolved. This is why all dimensions should be mapped here.
-
Find the store of data with more free space.
So I'm trying to build a script to configure the virtual machine.
I'll have it retrieve the node to keep newly available vm out based on the cluster, I said to use. I'm just using the Random function to do that then I select a node in the cluster.
Where I have questions, how can I
find the data store less used, based on a particular data store naming scheme.
I want to say is:
Hypathetically, I for example named data warehouses:
store data-prod-01 200 GB free
store data-prod-02 500 GB free
free data-prod-03 10 GB store
free data-qa-01 200 GB store
free data-qa-02 1000 GB store
I want to throw in a piece of code to tell him to watch data warehouses "datastore-prod *" and place the virtual machine on the store of data with the most space. (that's assuming that the vm will agree on the DS and let fresh generals)
I guess I want to know if it is possible?
I would also be concerned about scenario that perhaps the vm should I build just will not match on any of my other data store. I guess I need a logic to check if it is still possible.
This is more than a wish rather than a necessity. I'm thinking if I just read the info, or use a cvs file after running the script. Any recommendations would be greatly appreacted.
Hello, drivera01-
You should be able to do this with a very small amount of code. Download all data warehouses that correspond to the model name, sort free space (in descending order) and select the top one. As:
## get the datastore matching datastore-prod* that has the most freespace$oDatastoreWithMostFree = Get-Datastore datastore-prod* | Sort-Object -Property FreespaceGB -Descending:$true | Select-Object -First 1 ## if the freespace plus a bit of buffer space is greater than the size needed for the new VMif (($oDatastoreWithMostFree.FreespaceGB + 20) -gt $intNewVMDiskSize) {<# do the provisioning to this datastore #>}else {"oh, no -- not enough freespace on datastore '$($oDatastoreWithMostFree.Name)' to provision new VM"}The second part, where it checks for sufficient freespace on the data store that has the most free, can be updated to behave as you need, but that should be the basis. How does this look?
-
Transparent data encryption are supported with Oracle Advanced Replication?
Which version of DB, TDE supported with Oracle Advanced Replication?user939188 wrote:
Which version of DB, TDE supported with Oracle Advanced Replication?"Materialized views do not support columns that have been encrypted by using transparent data encryption."
Source - http://oracle.su/docs/11g/server.112/e10706/repmview.htm
-
Development of rich Web Applications with Oracle ADF tutorial
Oracle JDeveloper 12 c (12.1.2) tutorials - developing rich Web Applications with Oracle ADF
3.8 step that a change in the Salary field should translate into a auto update, partial trigger, in terms of annual salary after tabbing off the Salary field, but it doesn't. If I do a update for the Salary field and click on the next button, click the back button, I can see the field update of annual salary.
I use the version of the JDeveloper IDE with the logical Web server and Apache Derby network server - 10.8.2.2.
Oracle IDE 12.1.2.0.40.66.68 I made all the changes or the steps in the tutorial.
No idea why the automatic update does not work on my system?
Thanks in advance for your suggestions!
Hello
two suggestions
1 set the property clientComponent on the field of output annual salary to 'true '. Because the field is an element of output text sometimes what makes a client component helps the update.
2 obtain the completed application to http://docs.oracle.com/cd/E37547_01/tutorials/tut_rich_app/labs/richclient.zip and check if she works there. If this works it then the problem is in your implementation. But then you have a working example to compare with.
Frank
-
WLST Script to create the field of OSB with Oracle XE
I installed oracle Service bus 10.3 with Oracle XE on a CentOS linux distribution. Everything went well. I created a default domain with the Wizard (so with Pointbase). Now, I want to go a little further. So I want to automatically create a domain OSB for Oracle XE. I used the following script (I borrowed from another thread ;-))):
-----
import sys
Print "@ from the script...» »
Try:
domaintarget = "/ apps/bea/user_projects/domains/test2.
domainUser = "weblogic.
wl_home='/apps/BEA/wlserver_10.3'
workshop_home='/apps/BEA/workshop_10.3'
osb_home='/apps/BEA/osb_10.3'
def configOraDB (dataSource):
CD (DataSource)
URL = "jdbc:oracle:thin:@localhost:1521:XE".
Set ('URL', URL)
Set('DriverName','oracle.) JDBC. OracleDriver')
cmo.setPasswordEncrypted (domainUser)
CD (' Properties/NO_NAME_0/Property/user')
Set ('Value', domainUser)
CD ('. /.. /.. /.. /.. /.. /.. / JdbcConnectionPoolParams/NO_NAME_0 ')
cmo.setTestTableName ('dual')
# Open a field template.
readTemplate (wl_home + ' / common/templates/domains/wls.jar')
CD (' Servers/AdminServer')
together ('ListenPort', 7002)
Set('ListenAddress','')
CD('/')
CD (' Security/base_domain/user/weblogic')
cmo.setName ('weblogic')
cmo.setPassword ('weblogic')
setOption ('OverwriteDomain', 'true')
writeDomain (domaintarget)
closeTemplate()
readDomain (domaintarget)
addTemplate (workshop_home + ' / common/templates/applications/workshop_wl.jar')
addTemplate (wl_home + ' / common/templates/applications/wls_webservice.jar')
addTemplate (osb_home + ' / common/templates/applications/wlsb.jar')
configOraDB('/JdbcSystemResources/wlsbjmsrpDataSource/JdbcResource/wlsbjmsrpDataSource/JdbcDriverParams/NO_NAME')
configOraDB('/JdbcSystemResources/cgDataSource/JdbcResource/cgDataSource/JdbcDriverParams/NO_NAME')
configOraDB('/JdbcSystemResources/cgDataSource-nonXA/JdbcResource/cgDataSource-nonXA/JdbcDriverParams/NO_NAME')
updateDomain()
closeDomain()
except:
dumpStack()
Print "unexpected error:", sys.exc_info () [0]
lift
-----
This creates a pretty empty field, as I have not yet created a real database. The command I found was
loadDB ('10g ','wlsbjmsrpDataSource ')
that will load the appropriate tables (of OSB/dbscripts /..)
The problem is that I have no schema/user created in Oracle XE. So, I can manually create this but is not what I want to do. I also want to be scripted. So, how can I do this or is this not the way to go. You always manually create users on the database for three data sources (cgDataSource, wlsbjmsrpDatasrouce, cgDataSource-nonXA) before running a script to make a loadDB. Or do I run some kind of script create_user.sql or something.
A second issue is that I can't find the scripts for the databases for cgDataSource and cgDataSource-nonXA data sources. They should be somewhere in workshop_10.3 but I can't find them. So, what is the problem here, I have to do a loadDB('10g','cgDataSource') or that eventually an error?
My last question is I want to change the ALSB_DEBUGPORT (7 something) and debugging of the FMV of port (8453) in my script, how can I do this? I had another instance that already use these ports, so this won't work...My preference would be to invoke wslt by ant. This way Weblogic specific configurations can be addressed using WSLT and generic configurations (create DB users) can be done using ant.
The files SQL to create tables required for the OSB are present in/MiddlewareHome/Oracle_OSB1/dbscripts/oracle. Try to run manually by using the Ant sql task. Create DB users is also possible using the same Ant SQL task http://ant.apache.org/manual/CoreTasks/sql.html.
There are several ways you can do. I use http://ant.apache.org/manual/CoreTasks/replace.html as shown below in an Ant macro. Similarly, you can replace the ALSB_DEBUGPORT debug port and jvm debugging.
Maury -
Foreign key constraint, not recognized during the synchronization of data with the model dictionary
Hello
Data Modeler is a foreign key constraints do not recognize when synchronizing data with the model dictionary, although the foreign key is there (in the database that a data dictionary is read). I can't find any criterion when a foreign key is not recognized by the Data Modeler. Are there limits to the length of the attribute, or the number of columns in a foreign key, or other limitations which may lead to this behavior not to recognize a fk by Data Modeler? I have columns more than 32 characters. I compared with the fk is recognized by DM, but I can't find anything that indicates why it is not recognized.
I wonder if someone also has constraints of foreign keys that are not recognized in the comparison of data bases and model?
Thank you
Robert
Hi Robert,.
Thanks for the comments, I logged a bug.
Philippe
-
Masking of data with Oracle 10 g Data Pump
Dear all,
I have to hide certain data confidential all import in specific tables. I am currently using below mentioned oracle version
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
In 11g, there is an option in datapump called REMAP_DATA. Is there an equivalent feature in version 10g?
Kind regards
S.balraj
I thought that 'no' was pretty clear.
DIY - or copy table, the mask sensitive data and then expdp / impdp copied or hide the data after the import.
-
Synchronize the dictionary of data with model only works for models imported?
When I imported data dictionary model (file-> import-> data dictionary) then in relational model the two buttons "Synchronize Data with Model Dictionary" and "Synchronize model with Data Dictionary" works very well.
But when I model created from scratch and I'm clicking on the buttons "Synchronize data dictionary with the model" or "Synchronize model with Data Dictionary" nothing happens.
It works only for models imported?
(Data model EA 3.3)Hello
Yes, Synchronize only works for objects that were imported to the original (like Synchronize uses the information entered during the import to determine which database connection and the database object to compare to).
If your model is not imported, you can achieve the same effect as follows:
-Open the template in Data Modeler and also open the relevant physical model.
-Do an Import of data dictionary, select the objects you want to compare with that.After the import phase, this will display the dialog box to compare, showing the differences between the objects imported from the database and your model.
Note that if you intend to generate the DDL to update your database of the difference (as in "synchronize with Model Data Dictionary"), you must select the "Swap Target Model" option in step 2 (select database schema) data dictionary import wizard.
David
-
Cannot read the encrypted content DRM with Win 7 - 64 bit and IE9 - 64-bit
Hello
I have a problem I have to solve...
Everything works fine with Firefox, IE7, IE8, Chrome, Safari on Windows XP 32-bit as 64-bit, except under Windows 7 64-bit with 64-bit IE9 and 11.3 Flash. 64-bit. In addition, it's working with Windows 7 32 bit with 32-bit IE9 and flash 11.3 32 bits.
After that the flash client is running a "loadVoucher (drmContentData)" for the license server, I receive, in response, error code 3303?
According to the reference of the runtime error, it says that the content is expired.
3303 Content expiration. Reacquire right from the server. Have you encountered this problem already, if so, how do solve you?
Thanks in advance
source: http://help.Adobe.com/en_US/FlashPlatform/reference/ActionScript/3/runtimeErrors.html
Hi Seb,
I know we have a known problem in the 64-bit version of Internet Explorer.
If the content expiration date is 2038-1-18 or later, Internet Explorer 64 bit version error 3303.
If this symptom fits your situation, try to rearrange your content with different expiration date and try again.
Thank you
--
Hiroshi
-
Deploy the adf on glassfish with oracle database server.
I am trying to create a connection from the pool on glassfish 4 oracle database server.
but I could not. I was trting to ping and show this error ping Connection Pool failed for audio. Class name is incorrect or classpath is not set to: oracle.jdbc.pool.OracleDataSource
GlassFish 3.1 is supported, 4.x is not.
-
Creating folders in the view of data with powercli store
Hello
We try to automate some parts of a build script and we want to create a folder in the view of data warehouses to move all the local disk. the only place that I can create a folder has been the point of view of Cluster, DataCenter and VM. is there a way to do this?
Thank you
Matt
This is a hidden folder named "datastore".
You can do
$dsHome = Get-Folder -Name datastoreNew-Folder -Name MyFolder -Location $dsHome
Note that there is 1 folder "data store" by the data center.
If you have more than 1 data center in your vCenter, you need to indicate what you want "datastore" folder from the data center.
$dc = Get-Datacenter -Name DC$dsHome = Get-Folder -Name datastore -Location $dcNew-Folder -Name MyFolder -Location $dsHome
Maybe you are looking for
-
I regularly visit a Web site were members of the community can submit/attach photos with each submission blogfeed on their own profile page. When more then 2 photos are submitted/joint there are only 2 thumbnails shown and one line "and x" (x = quant
-
Firefox last month started to freeze every time on a Windows 7 laptop, whenever I have try one of these measures. I tried 'refresh Firefox', safe mode, uninstall/reinstall, nothing seems to help. Cannot open prefs so I have not been able to disable h
-
I get the error: "year error has occurred, please try again later" when you try to view videos youtube on Firefox.I tried to use Google Chrome and everything's good about it. Things I've tried: Clearing cookies, history etc. Removal of cookies.sqlite
-
Shortcut on the desktop for the recycling bin
Hi, I accidentally deleted my shortcut on the desktop for the recycling bin. Is it possible to get it back? Thanks in advance!
-
Permission to edit/update/copy of Win7 for Vista
I just got a new PC running Win7 Home Premium 64, and I want to edit files on my server in Vista Home premium 64 SP2. They are connected via a wired network and two machines can see and I can copy files in public directories on each one to the other.