[cryptography] Questions about crypto in Oracle TDE

Florian Weimer fw at deneb.enyo.de
Sun Nov 11 07:34:11 EST 2012


* Kevin W. Wall:

> Oracle TDE is being looked at as oneoption because it is thought to be
> more or less transparent to application itself and its JDBC code.

If it's transparent, it's unlikely to help against relevant attacks,
such as dumping the database over JDBC after the application server
has been compromised.  Non-cryptographic approaches, such
database-level access controls, seem better suited for this task
(assuming that the database has been set up in a suitable fashion and
is itself robust enough to withstand attacks over the client
interface).



More information about the cryptography mailing list