




Remote DBA services Remote DBA Support Remote DBA RAC Remote DBA Reasons Remote Oracle Tuning Remote DBA Links Oracle DBA Support Oracle DBA Forum Oracle Disaster Oracle Training Oracle Tuning Oracle Training Remote DBA SQL Server Remote MSSQL Consulting Oracle DBA Hosting Oracle License Negotiation

Intelligent LOB Encryption with Securefile LOBs

Oracle 11g New Features Tips by Burleson Consulting
July 8, 2008

Oracle 11g SQL New Features Tips

Many applications need to store handle large amounts of unstructured data in the form of files such as images of checks, X-rays and other scanned documents such as invoices, article drafts or satellite images. This is a big challenge in terms of performance and can be a severe security risk.

With Release 11g Oracle has extended the TDE functionality for LOBs. Oracle has completely re-invented the LOB datatype to improve performance and security. This new lob datatype data is always stored inside the database and on the other hand it comes with benefits such as file system like logging.

Performance tests have shown that query read access is up to 2 times faster and inserting can even be up to 5 times faster compared with conventional lobs, which are called basicfile lobs as of Oracle 11g. Securefile lobs even outperform Linux NFS/EXT3 files system at all file sizes.

% Securefiles are fully compatible with the traditional LOB interfaces such as JDBC (Java thick and thin clients), ODBC, OCI, .NET.

% PL/SQL and applications can fully transparently take advantage of securefile lobs.

It is possible to use operating system interfaces to access securefile lobs through the WebDAV servers of Oracle XML DB or Oracle Content DB. Data can be accessed using protocols such as WebDAV, HTTP, NFS and FTP.

The new securefile lob columns can be compressed and they support de-duplication, file system like logging and encryption.

In this chapter I will mainly discuss the security aspects of securefile lobs. I do not go into details with features like compression and de-duplication.

The following Oracle products use securefile lobs as underlying storage:

XML DB
Oracle Spatial
Oracle Multimedia
Content DB

% For encrypted securefile lobs you need the extra cost Advanced Security Option.

The following encryption algorithms are supported for securefile lobs:

3DES168: Triple Data Encryption Standard with a 168-bit key size
AES128: Advanced Encryption Standard with a 128 bit key size
AES192: Advanced Encryption Standard with a 192-bit key size
AES256: Advanced Encryption Standard with a 256-bit key size

% Securefile lobs are fully capable of the following Oracle features:

Transactions and Read Consistency

Flashback

Backward Compatibility with LOB Interfaces

Readable Standby

Consistent Backup

Point in Time Recovery

Fine Grained Auditing

Label Security

XML indexing, XML Queries, XPath

Real Application Clusters (RAC)

Automatic Storage Management (ASM)

Partitioning

This is an excerpt from the new book Oracle 11g New Features: Expert Guide to the Important New Features by John Garmany, Steve Karam, Lutz Hartmann, V. J. Jain, Brian Carr.

You can buy it direct from the publisher for 30% off.

Expert Remote DBA

BC is America's oldest and largest Remote DBA Oracle support provider. Get real Remote DBA experts, call
BC Remote DBA today.

BC Remote Oracle Support

Remote DBA

Remote DBA Services

Oracle� is the registered trademark of Oracle Corporation.

Hit Counter