m Dating maintenance tags: {{Cn}}
'''Transparent Data Encryption''' (often abbreviated to '''TDE''') is a technology employed both by [[Microsoft]] and by [[Oracle Corporation|Oracle]] to [[encryption|encrypt]] [[database]] files. TDE offers encryption at the file level. It protects [[data at rest]] by encrypting databases on the hard drive and, consequently, on [[backup]] media. It does not protect [[data in transit]] or [[data in use]]. Enterprises typically employ TDE to address compliance requirements, such as [[PCI DSS]], that require the protection of data at rest.
Microsoft offers TDE as part of [[Microsoft SQL Server]] 2008, 2008 R2, 2012, 2014 and 2016.{{cn|date=July 2016}} TDE is supported only on the Evaluation, Developer, Enterprise and Datacenter editions of Microsoft SQL Server. SQL TDE is supported by [[Hardware Security Module]]s from Thales e-Security, Townsend Security and SafeNet, Inc.
Oracle requires the [[Oracle Advanced Security]] option for Oracle 10g and 11g to enable TDE.{{cn|date=July 2016}} Oracle TDE addresses encryption requirements associated with public and private privacy and security mandates such as PCI and [[California]] [[SB 1386]]. Oracle Advanced Security TDE column encryption was introduced in Oracle Database 10g Release 2. Oracle Advanced Security TDE tablespace encryption and support for [[Hardware Security Module]]s (HSMs) were introduced with Oracle Database 11gR1. Keys for TDE can be stored in an HSM to manage keys across servers, protect keys with hardware, and introduce a separation of duties.
The same key is used to encrypt columns in a table, regardless of the number of columns to be encrypted. These encryption keys are encrypted using the database server master key and are stored in a dictionary table in the database.
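The key hierarchy described above, modelled as an added example (not part of the article and not Oracle's code): each table gets one key shared by all of its encrypted columns, and that key is stored in a dictionary only after being wrapped under a master key held outside the database. `ToyDatabase`, `seal` and `unseal` are hypothetical names, and the HMAC-based cipher is an assumed stand-in for the real algorithms.

```python
import hashlib, hmac, secrets

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Toy keystream (HMAC-SHA256 in counter mode): a stand-in for AES, not for production.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

class ToyDatabase:
    """Hypothetical model: everything on this object is what lands on disk and in backups."""
    def __init__(self):
        self.dictionary = {}  # table name -> table key, wrapped by the master key
        self.rows = {}        # table name -> list of {column: ciphertext}

    def _table_key(self, master_key, table):
        if table not in self.dictionary:  # one key per table, created on first use
            self.dictionary[table] = seal(master_key, secrets.token_bytes(32))
        return unseal(master_key, self.dictionary[table])

    def insert(self, master_key, table, row):
        key = self._table_key(master_key, table)
        self.rows.setdefault(table, []).append(
            {col: seal(key, val.encode()) for col, val in row.items()})

    def select(self, master_key, table):
        key = self._table_key(master_key, table)
        return [{col: unseal(key, ct).decode() for col, ct in row.items()}
                for row in self.rows[table]]

MASTER = secrets.token_bytes(32)  # held outside the database (wallet or HSM)
db = ToyDatabase()
db.insert(MASTER, "customers", {"card": "4111111111111111", "ssn": "078-05-1120"})  # constructed values
```

Reading `customers` with any other master key raises `ValueError`, so a copy of the data files and dictionary is not enough on its own to recover the columns.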