Index

Symbols A C D E G H I J K L M N O P R S T U V X

Symbols

, when to use 4.1.4.3

A

ad hoc tools
- Oracle Data Redaction 11.4.2
ADMINISTER KEY MANAGEMENT
- isolated mode operations 6.2
- isolated mode operations not allowed 6.3
- united mode operations allowed in 5.2
- united mode operations not allowed 5.3
administrative access to policies, restricting 16.2
aggregate functions
- affect on Data Redaction policy optimization 15.6
ALTER SYSTEM statement
- how compares with ADMINISTER KEY MANAGEMENT statement 7.5, 8.6.1
APEX_UTIL.GET_NUMERIC_SESSION_STATE function
- Oracle Data Redaction policies (NV public function) 13.5.6
APEX_UTIL.GET_SESSION_STATE function
- Oracle Data Redaction policies (V public function) 13.5.6
applications
- database applications and Oracle Data Redaction 11.4.1
- modifying to use Transparent Data Encryption 7.4
auto login keystores
- and Transparent Data Encryption (TDE) 4.2.6.4
Automatic Storage Management (ASM)
- keystore location configuration 4.1.13.1
- keystore pointing to ASM location 4.1.13.3
- moving software keystores from 4.1.10
- non-OMF-compliant system pointing to ASM location 4.1.13.4
- standalone database pointing to ASM location 4.1.13.2

C

CDBs
- cloning PDBs with encrypted data 5.8.3.2
- cloning PDBs with encrypted data in isolated mode 6.8.3
- cloning PDBs wth encrypted data, about 5.8.3.1
- Data Redaction masking policies 15.10
- moving PDB from one CDB to another 6.8.1
- moving PDB from one CDB to another in united mode 5.8.1
- PDBs with encrypted data 5.8.2
- preserving keystore passwords in PDB move operations 6.8.1
- preserving keystore passwords in PDB move operations in united mode 5.8.1
- remotely cloning PDBs with encrypted data in isolated mode 6.8.4, 6.8.5
- remotely cloning PDBs with encrypted data in united mode 5.8.3.3, 5.8.3.4
change data capture, synchronous 3.5.3
closing external keystores 4.1.14.1
closing software keystores 4.1.14.1
column encryption
- about 2.4.2
- changing algorithm 3.5.9
- changing encryption key 3.5.9
- creating encrypted table column with default algorithm 3.5.4.2
- creating encrypted table column with non-default algorithm 3.5.4.3
- creating index on encrypted column 3.5.6
- data loads from external file 7.6
- data types to encrypt 3.5.2
- existing tables
  - about 3.5.5.1
  - adding encrypted column to 3.5.5.2
  - disabling encryption 3.5.5.4
  - encrypting unencrypted column 3.5.5.3
- external tables 3.5.4.7
- incompatibilities 10.1
- limitations 10.1
- performance, optimum 10.2
- salt 3.5.7
- security considerations 7.2.2
- skipping integrity check 3.5.4.4
column sensitive type discovery
- enabling when creating a Data Redaction policy 14.5.2
compliance
- Transparent Data Encryption 2.2
compression of Transparent Data Encryption data 7.1
configuring software keystores
- creating local auto-login keystore 3.3.3.3
control files
- lost 6.4.1

D

data at rest 2.1
database close operations
- keystores 7.7
database links
- with Oracle Data Redaction policies 15.5
database roles
- Data Redaction policies 13.5.4
databases
- about encrypting 3.6.1
- encrypting existing 3.6.9.1
- encrypting offline 3.6.9.2
- encrypting online 3.6.9.3
data deduplication of Transparent Data Encryption data 7.1
data redaction
- See: Oracle Data Redaction
Data Redaction supported functions 13.5.1
data storage
- Transparent Data Encryption 7.3.2
DDL statements
- Oracle Data Redaction policies 15.2
decryption
- tablespaces, offline 3.6.7.1, 3.6.7.3
- tablespaces, online 3.6.8.1
DISTINCT clause, Data Redaction policies 15.1
DML statements
- Oracle Data Redaction policies 15.2

E

editing custom formats 14.4.3
editing policies 14.5.3
Editions
- Transparent Data Encryption 8.6
encrypted columns
- data loads from external files 7.6
encrypting data
- in isolated mode 6.5.5, 6.6.5
- in united mode 5.5.5, 5.6.5
encryption 2.4.2
- See also: Transparent Data Encryption (TDE)
- cloning PDBs with encrypted data 5.8.3.2
- cloning PDBs with encrypted data in isolated mode 6.8.3
- databases offline 3.6.9.2
- databases online 3.6.9.3
- encrypting future tablespaces 3.6.5.2
  - about 3.6.5.1
- existing databases 3.6.9.1
- procedure 3.6.5.2
- remotely cloning PDBs with encrypted data in isolated mode 6.8.4, 6.8.5
- remotely cloning PDBs with encrypted data in united mode 5.8.3.3, 5.8.3.4
- supported encryption algorithms 3.6.8.1
- tablespaces, offline 3.6.7.1
- tablespaces, online 3.6.8.1
encryption algorithms, supported 3.6.8.1
encryption keys
- setting in isolated mode 6.5.4
- setting in united mode 5.5.4
Errors:
- ORA-46694 6.7.14
EXEMPT REDACTION POLICY privilege
- using with Database Vault 16.2
expressions 13.5.1
- LENGTH functions, character string 13.5.2.3
- namespace functions 13.5.2.1
- Oracle Application Express 13.5.2.4
- Oracle Label Security functions 13.5.2.5
- SUBSTR function 13.5.2.2
EXTERNAL_STORE clause 4.1.4.3
external credential store, external keystores 4.1.4.1
external credential store, external keystores, sqlnet.ora 4.1.4.2
external credential store, password-based software keystores 4.1.4.1
external credential store, password-based software keystores, sqlnet.ora 4.1.4.2
external files
- loading data to tables with encrypted columns 7.6
external keystores 3.4.1
- about 2.4.4.3
- backing up 4.1.7
- changing password in isolated mode 6.7.1.2
- changing password in united mode 5.7.1.2
- closing 4.1.14.1
- closing in isolated mode 6.7.4.2
- closing in united mode 5.7.3.2
- heartbeat batch size 5.6.4.2
- opening, about 3.4.3.1, 5.6.3.1
- opening in isolated mode 6.6.3
- opening in united mode 5.6.3.2
- plugging PDBs 5.8.2.4, 6.8.2.4
- unplugging PDBs 5.8.2.3, 6.8.2.3
- using external keystore 4.1.4.1
- using external keystore, sqlnet.ora 4.1.4.2
external store for passwords
- open and close operations in CDB 5.8.4, 6.8.6
external tables, encrypting columns in
- ORACLE_DATPUMP 7.6
- ORACLE_LOADER 7.6

G

GROUP BY clause, Data Redaction policies 15.1
guidelines
- materialized views and Data Redaction 16.5
- recycle bin and Data Redaction 16.7
- SYS_CONTEXT values and Data Redaction 16.4
guidelines, general usage
- redacted columns and DISTINCT clause 15.1
- redacted columns and GROUP BY clause 15.1
- redacted columns and ORDER BY clause 15.1
guidelines, security
- ad hoc query attacks and Data Redaction 16.1
- application context value handling by Data Redaction policies 16.1
- day-to-day operations and Data Redaction 16.1
- DDL statements and Data Redaction policies 16.1
- exhaustive SQL queries and inference and Data Redaction 16.1

H

HEARTBEAT_BATCH_SIZE initialization parameter 5.6.4.2

I

import/export utilities, original 3.5.3
indexes
- creating on encrypted column 3.5.6
index range scans 2.4.3
inline views
- Data Redaction policies order of redaction 15.3
- Data Redaction redaction 15.3
intruders
- ad hoc query attacks 16.1
isolated mode 6.2, 6.3
- about 6.1
- ADMINISTER KEY MANAGEMENT operations allowed in 6.2
- ADMINISTER KEY MANAGEMENT operations not allowed in 6.3
- backing up software keystores 6.7.2
- changing PDB keystore from CDB root 6.4.2
- configuring 6.4.1
- configuring external keystore 6.6.2
- configuring external keystores, about 6.6.1
- configuring software keystores, about 6.5.1
- creating software keystore 6.5.2
- creating TDE master encryption key for later use 6.7.6
- encrypting data 6.5.5, 6.6.5
- encryption key, setting 6.5.4
- exporting, importing TDE master encryption keys 6.8.7.1
- exporting or importing master encryption keys 6.8.7.2
- external keystores, closing 6.7.4.2
- external keystores, opening 6.6.3
- lost control file 6.4.3
- master encryption keys
  - moving key from PDB to CDB root 6.7.14
- master encryption keys, migrating 6.6.4.2
- migrating from external keystore to password software keystore 6.7.13.2
- migrating from password software keystore to external keystore 6.7.13.1
- moving encryption key into new keystore 6.7.9
- moving PDB from one CDB to another 6.8.1
- Oracle RAC 6.4.4
- password change for external keystores 6.7.1.2
- password change for software keystores 6.7.1.1
- plugging PDBs with encrypted data into CDB 6.8.2.2
- plugging PDB with master encryption keys stored in external keystore 6.8.2.4
- secrets stored in external keystores 6.7.12.2
- secrets stored in software keystores 6.7.12.1
- setting new encryption key 6.6.4.1
- software keystores, closing 6.7.4.1
- software keystores, opening 6.5.3
- uniting PDB keystore 6.7.14
- unplugging PDBs 6.8.2.3

J

JSON
- Oracle Data Redaction 15.16

K

keystore location
- setting 3.3.2
- setting for isolated mode 6.4.1
- setting for united mode 5.4.1, 5.4.2
keystores
- about 2.4.4.1
- architecture 2.4.2
- ASM-based 4.1.13.1
- auto login 4.2.6.4
- auto-login, open and close operations in CDBs 5.8.4, 6.8.6
- backing up isolated mode password-protected software keystores
  - procedure 6.7.2
- backing up password-protected software keystores
  - about 4.1.5.1
  - backup identifier rules 4.1.5.2
  - procedure 4.1.5.3
- backing up united mode password-protected software keystores
  - procedure 5.7.2
- changing external keystore password 4.1.3
- changing passwords for protected-protected software keystores 4.1.2.1
- closing external keystores 4.1.14.1
- closing in CDBs 5.8.4, 6.8.6
- closing software keystores 4.1.14.1
- creating when PDB is closed 6.7.15.1
- database close operations 7.7
- deleting 4.1.16
- deleting unused 5.7.11
- deleting unused, about 4.2.8.1
- deleting unused, procedure 4.2.8.2
- deleting unused in isolated mode 6.7.9
- external 3.4.1
- external, changing password in isolated mode 6.7.1.2
- external, changing password in united mode 5.7.1.2
- external, opening in united mode 5.6.3.2
- external keystore
  - configuration process 3.4
- hardware, opening in isolated mode 6.6.3
- merging
  - about 4.1.8.1
  - auto-login into password-protected 4.1.8.4
  - one into another existing keystore 4.1.8.2
  - one into another existing keystore in isolated mode 6.7.3.1
  - reversing merge operation 4.1.8.5
  - two into a third new keystore 4.1.8.3
  - two into a third new keystore in isolated mode 6.7.3.2
- migrating
  - creating master encryption key for external keystore-based encryption 4.1.11.1.3
  - external keystore to software keystore 4.1.11.2.1
  - keystore order after migration 4.1.11.3
  - password key into external keystore 4.1.11.1.2
- migration using Oracle Key Vault 4.1.12
- moving out of ASM 4.1.10
- moving software keystore to a new location 4.1.9
- non-OMF-compliant system pointing to ASM location 4.1.13.4
- opening external 3.4.3, 5.6.3
- opening in CDBs 5.8.4, 6.8.6
- Oracle Database secrets
  - about 4.3.1
  - storing in external keystore 4.3.6
  - storing in software keystore 4.3.2
- password access 4.1.1
- password preservation in PDB move operations 6.8.1
- password preservation in PDB move operations in united mode 5.8.1
- pointing to ASM location 4.1.13.3
- reverting keystore creation operation 6.7.15.2
- search order for 3.2
- software, changing password in isolated mode 6.7.1.1
- software, changing password in united mode 5.7.1.1
- software, creating in united mode 5.5.2
- software, opening in isolated mode 6.5.3
- software, opening in united mode 5.5.3
- standalone database pointing to ASM location 4.1.13.2
- TDE master encryption key merge differing from import or export 4.2.7.10
- using auto-login external keystore 4.3.10.1
keystores, software
- configuration process 3.3
keystore type
- setting 3.3.2
- setting for isolated mode 6.4.1
- setting for united mode 5.4.2
- setting for united mode using parameter 5.4.1

L

LENGTH functions, character string
- expressions 13.5.2.3

M

masking
- See: Oracle Data Redaction
materialized views
- Data Redaction guideline 16.5
- Transparent Data Encryption tablespace encryption 8.2.1
migration
- migrating from external keystore to password software keystore 6.7.13.2
- migrating from password software keystore to texternal keystore 6.7.13.1
moving encryption key into new keystore
- about 4.2.8.1
- procedure 4.2.8.2
multitenant container databases
- See: CDBs

N

namespace functions
- expressions 13.5.2.1
nested functions
- Data Redaction policies order of redaction 15.3
NV public function (APEX_UTIL.GET_NUMERIC_SESSION_STATE function), Data Redaction policies 13.5.6

O

OLS_LABEL_DOMINATES public function
- Data Redaction policies 13.5.5
ONE_STEP_PLUGIN_FOR_PDB_WITH_TDE dynamic system parameter 5.8.1, 6.8.1
opening external keystores 3.4.3, 5.6.3, 3.4.3.1, 5.6.3.1
opening software keystores 3.3.4.1
operations allowed in 5.2, 6.2
operations not allowed in 5.3, 6.3
ORA-00979 error
- not a GROUP BY expression error 15.1
ORA-28081
- Insufficient privileges - the command references a redacted object error 15.2
ORA-28365 error
- wallet is not open 3.6.2
ORA-46680 error 5.8.2.1
ORA-46694 error 6.7.14
ORA-65040 error 6.7.15.1
Oracle Application Express
- filtering using by session state in Data Redaction policies 13.5.6
Oracle Application Expression
- expressions 13.5.2.4
Oracle Call Interface
- Transparent Data Encryption 8.5
Oracle Database Real Application Security
- Data Redaction 15.12
Oracle Database Vault
- using with Data Redaction 16.2
Oracle Data Guard
- TDE and Oracle Key Vault 8.2.2
- TDE master encryption keys, removing from standby database 5.7.12
- Transparent Data Encryption 8.2.1
Oracle Data Pump
- encrypted columns 8.1.2
- encrypted data 8.1.1
- encrypted data with database links 8.1.4
- encrypted data with dump sets 8.1.3
- exported data from Data Redaction policies 15.14.3
- exporting Oracle Data Redaction objects 15.14.2.1
- imported data from Data Redaction policies 15.14.4
- Oracle Data Redaction security policy 15.14.1
Oracle Data Redaction 12.4
- about 11.1
- ad hoc tools 11.4.2
- aggregate functions 15.6
- benefits 11.3
- CDBs 15.10
- columns with XML-generated data 15.8
- creating custom format 14.4.2
- database applications 11.4.1
- DBMS_REDACT.ADD_POLICY procedure
  - using 13.3
- DBMS_REDACT.ALTER_POLICY procedure
  - about 13.14.1
  - example 13.14.4
  - parameters required for various actions 13.14.3
  - syntax 13.14.2
- DBMS_REDACT.DISABLE_POLICY
  - about 13.16.1
  - example 13.16.1
  - syntax 13.16.1
- DBMS_REDACT.DROP_POLICY
  - about 13.17
  - examples 13.17
  - syntax 13.17
- DBMS_REDACT.ENABLE_POLICY
  - about 13.16.2
  - example 13.16.2
  - syntax 13.16.2
- DBMS_REDACT.UPDATE_FULL_REDACTION_VALUES procedure
  - about 13.7.2.1
  - syntax 13.7.2.2
  - using 13.7.2.3
- deleting policies 14.5.6
- editing custom format 14.4.3
- editions 15.9
- Enterprise Manager Cloud Control 14.4.1, 14.4.2, 14.4.3, 14.5.1
- Enterprise Manager Cloud Control, about 14.1
- Enterprise Manager Cloud Control workflow 14.2
- exporting data using Data Pump Export 15.14.3
- exporting objects using Data Pump 15.14.2.1
- full data redaction
  - about 12.1
  - creating policy for 13.7.1.1
  - examples 13.7.1.3
  - modifying default value 13.7.2.1
  - syntax 13.7.1.2
- functions used in expressions 13.5.2
- how differs from Oracle Database Real Application Security masking 15.12
- how differs from Oracle Virtual Private Database masking 15.11
- importing data using Data Pump Export 15.14.4
- inline views order of redaction 15.3
- JSON 15.16
- managing policies 14.5.1
- named policy expressions
  - about 12.8
- nested functions order of redaction 15.3
- no data redaction
  - about 12.7, 13.12.1
  - creating policies for 13.12.1
  - example 13.12.2
  - syntax 13.12.1
- Oracle Data Pump security policy 15.14.1
- Oracle Enterprise Manager Data Masking and Subsetting Pack 15.15
- partial data redaction
  - about 12.2
  - character types, policies for 13.9.4.1
  - data-time data types 13.9.6.1
  - example using character data type 13.9.4.2
  - example using data-time data type 13.9.6.2
  - example using fixed character format 13.9.3.2
  - example using number data type 13.9.5.2
  - formats, fixed character 13.9.3.1
  - number data types 13.9.5.1
  - syntax 13.9.2
- policy expressions
  - about 13.6.1
  - creating 13.6.2
  - dropping 13.6.4
  - tutorial 13.6.5
  - updating 13.6.3
- privileges for creating policies 13.2
- queries on columns protected by Data Redaction policies 15.4
- random data redaction
  - about 13.11.1
  - creating policies for 13.11.1
  - example 13.11.2
- randomized data redaction
  - about 12.5
- regular expression data redaction
  - creating policies for 13.10.1
  - custom, creating policies for 13.10.4
  - example 13.10.3.2
  - example of custom 13.10.4.2
  - formats 13.10.3.1
  - formats, creating policies for 13.10.3
  - settings for 13.10.4.1
  - syntax 13.10.2
- regular expression redaction
  - about 12.3
- returning null values
  - about 13.8.1
  - example 13.8.3
  - syntax 13.8.2
- SYS schema objects 16.3
- SYSTEM schema objects 16.3
- use cases 11.4
- when to use 11.2
- WHERE clause redaction 15.3
Oracle Data Redaction, database links 15.5
Oracle Data RedactionEnterprise Manager Cloud Control
- deleting custom format 14.4.5
Oracle Data Redaction formats
- creating in Cloud Control 14.4.2
- deleting in Cloud Control 14.4.5
- editing in Cloud Control 14.4.3
- Enterprise Management Cloud Control, managing in 14.4.1
- Enterprise Manager Cloud Control, sensitive column types 14.3
- Enterprise Manager Cloud Control, viewing in 14.4.4
Oracle Data Redaction partial redaction
- creating policies for 13.9, 13.9.1
Oracle Data Redaction policies 13.5.3
- about 13.1
- altering 13.14.1
- building reports 13.18
- creating
  - examples 13.7.1.4
  - general syntax 13.4
  - procedure 13.3
- creating in Cloud Control 14.5.2
- deleting in Cloud Control 14.5.6
- disabling 13.16.1
- disabling in Cloud Control 14.5.5
- dropping 13.17
- editing in Cloud Control 14.5.3
- enabling 13.16.2
- Enterprise Manager Cloud Control, viewing in 14.5.4
- exempting users from 13.13
- expressions
  - by Application Express session state 13.5.6
  - by database role 13.5.4
  - by OLS label dominance 13.5.5
  - by user environment 13.5.3
- filtering users
  - about 13.5.1
  - no filtering 13.5.7
- finding information about 13.19
- Oracle Enterprise Manager Cloud Control 14.5.6
- redacting multiple columns in one policy 13.15
Oracle Data Redaction policy expressions
- Cloud Control, about 14.6.1
- creating in Cloud Control 14.6.2
- deleting in Cloud Control 14.6.5
- editing in Cloud Control 14.6.3
- viewing in Cloud Control 14.6.4
Oracle Enterprise Manager Cloud Control 14.5.3
- creating custom formats 14.4.2
- creating policy expressions 14.6.2
- deleting policy expressions 14.6.5
- disabling policies 14.5.5
- editing policy expressions 14.6.3
- Oracle Data Redaction 14.4.2, 14.4.3, 14.5.5, 14.6.1, 14.6.2, 14.6.3, 14.6.4, 14.6.5
- Oracle Data Redaction, creating policies 14.5.2
- Oracle Data Redaction, viewing details of a policy 14.5.4
- Oracle Data Redaction formats, viewing in 14.4.4
- policy expressions, about 14.6.1
- viewing policy expressions 14.6.4
Oracle Enterprise Manager Data Masking and Subsetting Pack
- Oracle Data Redaction impact 15.15
Oracle GoldenGate
- storing secrets in Oracle keystores 4.4.1
Oracle Key Vault
- migration of keystores 4.1.12
Oracle Label Security
- functions using Data Redaction expressions 13.5.2.5
Oracle-managed tablespaces 3.6.1
Oracle Real Application Clusters
- Oracle Key Vault and TDE in multitenant configuration 8.3.2
- Transparent Data Encryption 8.3.1
Oracle Recovery Manager
- Transparent Data Encryption 4.1.15
Oracle Securefiles
- Transparent Data Encryption 8.4, 8.4.1
Oracle Virtual Private Database (VPD)
- Data Redaction 15.11
orapki utility
- how compares with ADMINISTER KEY MANAGEMENT statement 7.5, 8.6.1
ORDER BY clause, Data Redaction policies 15.1
original import/export utilities 3.5.3

P

passwords
- access to for ADMINISTER KEY MANAGEMENT operations 4.1.1
- preserving in PDB move operations 6.8.1
- preserving in PDB move operations in united mode 5.8.1
PDBs
- Data Redaction policies 15.10
- finding TDE keystore status for all PDBs 5.8.5
- master encryption keys
  - exporting 6.8.7.1
  - importing 6.8.7.1
- unplugging with encrypted data 5.8.2.1
performance
- Transparent Data Encryption 7.3.1
pluggable databases
- See: PDBs
policy expressions, Oracle Data Redaction 13.6.1

R

recycle bin
- Data Redaction policies and 16.7
REDACTION_COLUMNS data dictionary view
- invalid views 16.6
rekeying
- master encryption key 4.2.6.4
- TDE master encryption key in isolated mode 6.7.8
- TDE master encryption key in united mode 5.7.8
reports
- based Data Redaction policies 13.18
returning null values
- about 12.4

S

salt
- removing 3.5.8
salt (TDE)
- adding 3.5.7
secrets
- storing Oracle Database secrets in keystore
  - about 4.3.1
  - storing in external keystore 4.3.6
  - storing in software keystore 4.3.2
SecureFiles
- Transparent Data Encryption 8.4, 8.4.1
sensitive credential data 3.6.6
software keystores
- about 2.4.4.3
- changing password in isolated mode 6.7.1.1
- changing password in united mode 5.7.1.1
- closing in isolated mode 6.7.4.1
- closing in united mode 5.7.3.1
- creating in united mode 5.5.2
- opening, about 3.3.4.1
- opening in isolated mode 6.5.3
- opening in united mode 5.5.3
- password-based using external keystore 4.1.4.1
- password-based using external keystore, sqlnet.ora 4.1.4.2
SUBSTR function
- expressions 13.5.2.2
synchronous change data capture 3.5.3
SYS_CONTEXT function
- Data Redaction policies 16.4
- SYS_SESSION_ROLES namespace used in Data Redaction 13.5.4
SYS_SESSION_ROLES SYS_CONTEXT namespace
- Data Redaction 13.5.4
SYSTEM user
- Data Redaction policies 16.3
SYS user
- Data Redaction policies 16.3

T

tablespace encryption
- about 2.4.3
- architecture 2.4.3
- creating encrypted tablespaces 3.6.4.3.2
- examples 3.6.4.3.3
- incompatibilities 10.1
- opening keystore 3.6.4.1.2
- performance, optimum 10.2
- performance overhead 7.3.1
- procedure 3.6.4.1.1
- restrictions 3.6.3
- security considerations for plaintext fragments 7.2.3
- setting tablespace key 3.6.4.2
- storage overhead 7.3.2
tablespace master encryption key
- setting 3.6.4.2
tablespaces
- about encrypting 3.6.1
- comparison between offline and online conversions 3.6.1
- Oracle managed, closed TDE keystore impact on encrypted 3.6.2
- rekeying encryption algorithm 4.2.6.5
- tablespaces
  - encrypting 4.2.6.5
tablespaces, offline decryption
- procedure 3.6.7.3
tablespaces, offline encryption
- about 3.6.7.1
- procedure 3.6.7.2
tablespaces, online encryption
- about 3.6.8.1
- decrypting 3.6.8.4
- finishing interrupted job 3.6.8.5
- procedure 3.6.8.2
- rekeying 3.6.8.3
TDE
- See: Transparent Data Encryption (TDE)
TDE column encryption
- restrictions 3.5.3
TDE master encryption key 3.3.1
- creating for later use in isolated mode 6.7.6
- creating for later use in united mode 5.7.6
TDE master encryption keys
- activating
  - about 4.2.3.1
  - example 4.2.3.3
  - procedure 4.2.3.2
- activating in isolated mode 6.7.7
- activating in united mode 5.7.7
- architecture 2.4.2
- attributes 4.2.4.1
- creating for later use
  - about 4.2.2.1
  - examples 4.2.2.3
  - procedure 4.2.2.2
- custom attribute tags
  - about 4.2.5.1
  - creating 4.2.5.2
  - creating in isolated mode 6.7.10
  - creating in united mode 5.7.10
- disabling not allowed 4.2.6.1
- exporting 4.2.7.2
- exporting in PDBs 6.8.7.1
- finding currently used encryption key in united mode 5.7.9
- finding currently used TDE master encryption key 4.2.4.2
- importing 4.2.7.7
- importing in PDBs 6.8.7.1
- keystore merge differing from import or export 4.2.7.10
- outside the databaase
  - about 4.2.1.1
- outside the database
  - create 4.2.1.2
  - creating in isolated mode 6.7.5
  - creating in united mode 5.7.4
- rekeying 4.2.6.4, 5.7.8, 6.7.8
- removing automatically from standby database 5.7.12
- resetting in keystore 4.2.6.3
- setting in keystore 4.2.6.1
Transparent Data Encryption (TDE)
- about 2.1
- about configuration 3.1
- benefits 2.2
- column encryption
  - about 2.4.2, 3.5.1
  - adding encrypting column to existing table 3.5.5.2
  - changing algorithm 3.5.9
  - changing encryption key 3.5.9
  - creating encrypted column in external table 3.5.4.7
  - creating index on encrypted column 3.5.6
  - creating tables with default encryption algorithm 3.5.4.2
  - creating tables with non-default encryption algorithm 3.5.4.3
  - data types supported 3.5.2
  - disabling encryption in existing column 3.5.5.4
  - encrypting columns in existing tables 3.5.5.1
  - encrypting existing column 3.5.5.3
  - encryption and integrity algorithms 2.4.5
  - restrictions 3.5.3
  - salt in encrypted columns 3.5.7
- columns with identity columns 3.5.3
- compatibility with application software 10.1
- compatibility with Oracle Database tools 10.1
- compression of encrypted data 7.1
- configuring external keystores
  - about 3.4.1
  - opening 3.4.3, 5.6.3
  - reconfiguring software keystore 3.4.4.3, 5.6.4.4
  - setting master encryption key 3.4.4.1, 5.6.4.1
  - sqlnet.ora configuration 3.4.2, 5.6.2
- configuring external keystores in isolated mode
  - reconfiguring software keystore 6.6.4.2
- configuring software keystores
  - about 3.3.1
  - creating auto-login keystore 3.3.3.3
  - creating password-protected keystore 3.3.3.2
  - setting software TDE master encryption key 3.3.5
- data deduplication of encrypted data 7.1
- editions 8.6
- encryption and integrity algorithms 2.4.5
- finding information about 3.7
- frequently asked questions 10
- incompatibilities 10.1
- keystore management
  - ASM-based keystore 4.1.13.1
  - backing up password-protected software keystores 4.1.5.1
  - changing external keystore password 4.1.3
  - changing protected-protected software keystore password 4.1.2.1
  - closing external keystores 4.1.14.1
  - closing software keystore 4.1.14.1
  - merging keystores, about 4.1.8.1
  - merging keystores, auto-login into password-protected 4.1.8.4
  - merging keystores, one into an existing 4.1.8.2
  - merging keystores, one into an existing in isolated mode 6.7.3.1
  - merging keystores, reversing merge operation 4.1.8.5
  - merging keystores, two into a third new keystore 4.1.8.3
  - merging keystores, two into a third new keystore in isolated mode 6.7.3.2
  - migrating password key and external keystore 4.1.11.1.2
  - migrating password key and external keystore, master encryption key creation 4.1.11.1.3
  - migrating password key and external keystore, reverse migration 4.1.11.2.1
  - TDE master encryption key attributes 4.2.4.1
- keystore pointing to ASM location 4.1.13.3
- keystores
  - about 2.4.4.1
  - benefits 2.4.4.2
  - types 2.4.4.3
- keystore search order 3.2
- master encryption key
  - rekeying 4.2.6.4
  - rekeying in united mode 5.7.8
- master encryption key attributes
  - creating custom tags 4.2.5.2
- master encryption keys
  - setting in keystore, about 4.2.6.1
  - setting in keystore procedure 4.2.6.1
- modifying applications for use with 7.4
- multidatabase environments 8.7
- multitenant environment 2.5
- non-OMF-compliant system pointing to ASM location 4.1.13.4
- Oracle Call Interface 8.5
- Oracle Data Guard 8.2.1, 8.2.2
- Oracle Data Pump
  - export and import operations on dump sets 8.1.3
  - export and import operations on encrypted columns 8.1.2
  - export operations on database links 8.1.4
- Oracle Data Pump export and import operations
  - about 8.1.1
- Oracle Real Application Clusters
  - about 8.3.1
  - Oracle Key Vault in multitenant configuration 8.3.2
- Oracle Recovery Manager 4.1.15
  - keystores 4.1.15
- PDBs
  - finding keystore status for all PDBs 5.8.5
- performance
  - database workloads 10.2
  - decrypting entire data set 10.2
  - optimum 10.2
  - worst case scenario 10.2
- performance overheads
  - about 7.3.1
  - typical 10.2
- privileges required 2.3
- SecureFiles 8.4, 8.4.1
- security considerations
  - column encryption 7.2.2
  - general advice 7.2.1
  - platintext fragments 7.2.3
- standalone database pointing to ASM location 4.1.13.2
- storage overhead 7.3.2
- storing Oracle GoldenGate secrets 4.4.1
- tablespace encryption
  - about 2.4.3, 3.6
  - creating 3.6.4.3.1
  - encryption and integrity algorithms 2.4.5
  - examples 3.6.4.3.3
  - opening keystore 3.6.4.1.2
  - restrictions 3.6.3
  - setting master encryption key 3.6.4.2
- tablespace encryption, setting with COMPATIBLE parameter 3.6.4.1.1
- TDE master encryption key
  - rekeying in isolated mode 6.7.8
- TDE master encryption key attributes
  - about 4.2.5.1
  - creating custom tags in isolated mode 6.7.10
  - creating custom tags in united mode 5.7.10
- TDE master encryption keys
  - exporting and importing 4.2.7.1
- TDE Master Encryption Keys
  - resetting in keystore 4.2.6.3
- views 3.7
Transparent Data Encryption (TDE)integrity
- column encryption
  - creating tables without integrity checks (NOMAC) 3.5.4.4
  - improving performance 3.5.4.4
- NOMAC parameter (TDE) 3.5.4.4
Transparent Data Encryption (TDE) keystores
- deleting 4.1.16
- features affected if deleted 4.1.17
- moving software keystore to a new location 4.1.9
transportable tablespaces 3.5.3
tutorials
- named Data Redaction policy expressions 13.6.5

U

united mode 5.2, 5.3
- about 5.1
- about managing cloned PDBs with encrypted data 5.8.3.1
- ADMINISTER KEY MANAGEMENT operations allowed in 5.2
- ADMINISTER KEY MANAGEMENT operations not allowed in 5.3
- backing up software keystores 5.7.2
- cloning PDB with encrypted data 5.8.3.2
- configuring, procedure 5.4.2
- configuring, procedure using parameters 5.4.1
- configuring external keystores, about 5.6.1
- configuring software keystores, about 5.5.1
- creating software keystore 6.5.2
- creating TDE master encryption key for later use 5.7.6
- encrypting data 5.5.5, 5.6.5
- encryption key, setting 5.5.4
- external keystores, closing 5.7.3.2
- external keystores, opening 5.6.3.2
- finding keystore status for all PDBs 5.8.5
- heartbeat batch size for external keystores 5.6.4.2
- isolating PDB keystore 5.7.13
- keystore open and close operations 5.8.4
- master encryption keys
  - moving key from CDB root to PDB 5.7.13
- moving TDE master encryption key into new keystore 5.7.11
- password change for external keystores 5.7.1.2
- password change for software keystores 5.7.1.1
- remotely cloning PDBs with encrypted data 5.8.3.4, 6.8.5
- remotely cloning PDB with encrypted data 5.8.3.3, 6.8.4
- setting external keystore encryption key 5.6.4.3
- software keystores, closing 5.7.3.1
- software keystores, creating in 5.5.2
- software keystores, opening 5.5.3
utilities, import/export 3.5.3

V

V$ENCRYPTION_WALLET view
- keystore order after migration 4.1.11.3
views
- Data Redaction 13.19
V public function (APEX_UTIL.GET_SESSION_STATE function), Data Redaction policies 13.5.6

X

XML generation 15.8