14 Encryption of Sensitive Credential Data in the Data Dictionary
You can encrypt sensitive credential information, such as passwords that are stored in the data dictionary.
- About Encrypting Sensitive Credential Data in the Data Dictionary
The data dictionarySYS.LINK$
andSYS.SCHEDULER$_CREDENTIAL
system tables store sensitive credential data, such as user passwords. - How the Multitenant Option Affects the Encryption of Sensitive Data
In a multitenant environment, you can encrypt sensitive data dictionary information from the application root, as well as within individual pluggable databases (PDBs). - Encrypting Sensitive Credential Data in System Tables
TheALTER DATABASE DICTIONARY
statement can encrypt sensitive credential data in theSYS.LINK$
andSYS.SCHEDULER$_CREDENTIAL
system tables. - Rekeying Sensitive Credential Data in the SYS.LINK$ System Table
You can use theALTER DATABASE DICTIONARY
statement to rekey sensitive credential data in the data dictionarySYS.LINK$
andSYS.SCHEDULER$_CREDENTIAL
system tables. - Deleting Sensitive Credential Data in System Tables
TheALTER DATABASE DICTIONARY
statement can invalidate existing credentials inSYS.LINK$
andSYS.SCHEDULER$_CREDENTIAL
and obfuscate future credential entries to those tables. - Restoring the Functioning of Database Links After a Lost Keystore
Database links can be adversely affected if the TDE keystore and its master encryption key is inadvertently lost. - Data Dictionary Views for Encrypted Data Dictionary Credentials
Oracle Database provides a set of data dictionary views that provide information about the encryption of sensitive credential data in the data dictionary.
Parent topic: Controlling Access to Data
About Encrypting Sensitive Credential Data in the Data Dictionary
The data dictionary SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
system tables store sensitive credential data, such as user passwords.
The SYS.LINK$
table stores information about database links. SYS.SCHEDULER$_CREDENTIAL
stores information about Oracle Scheduler events. By default, the sensitive credential data stored in these tables is obfuscated.
You can manually encrypt the data that is stored in the SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
tables by using the ALTER DATABASE DICTIONARY
statement. Though this feature makes use of Transparent Data Encryption (TDE), you do not need to have an Advanced Security Option license to perform the encryption, but you must have the SYSKM
administrative privilege. TDE performs the encryption by using the AES256 (Advanced Encryption Standard) algorithm. The encryption follows the same behavior as other data that is encrypted using TDE.
As a best security practice, Oracle recommends that you encrypt this sensitive credential data. To check the status the data dictionary credentials, you can query the DICTIONARY_CREDENTIALS_ENCRYPT
data dictionary view.
How the Multitenant Option Affects the Encryption of Sensitive Data
In a multitenant environment, you can encrypt sensitive data dictionary information from the application root, as well as within individual pluggable databases (PDBs).
When you encrypt, rekey, or decrypt sensitive credential data in the SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
system tables, you must synchronize the affected PDBs after you complete the process. The instructions for doing so are in the procedures that cover these topics.
Encrypting Sensitive Credential Data in System Tables
The ALTER DATABASE DICTIONARY
statement can encrypt sensitive credential data in the SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
system tables.
ALTER DATABASE DICTIONARY
statement with the ENCRYPT CREDENTIALS
clause to encrypt SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
. The credential data encryption process de-obfuscates the obfuscated passwords and then encrypts them. The encryption applies to any future password changes that users may make after you complete this process.
Rekeying Sensitive Credential Data in the SYS.LINK$ System Table
You can use the ALTER DATABASE DICTIONARY
statement to rekey sensitive credential data in the data dictionary SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
system tables.
ALTER DATABASE DICTIONARY
statement with the REKEY CREDENTIALS
clause. The rekey operation, which uses column encryption, does not affect other TDE master encryption keys.
Deleting Sensitive Credential Data in System Tables
The ALTER DATABASE DICTIONARY
statement can invalidate existing credentials in SYS.LINK$
and SYS.SCHEDULER$_CREDENTIAL
and obfuscate future credential entries to those tables.
ALTER DATABASE DICTIONARY
statement with the DELETE CREDENTIALS
clause. This statement is mainly used in cases where you must recover the database link from the loss of a Transparent Data Encryption (TDE) keystore.
Restoring the Functioning of Database Links After a Lost Keystore
Database links can be adversely affected if the TDE keystore and its master encryption key is inadvertently lost.
Data Dictionary Views for Encrypted Data Dictionary Credentials
Oracle Database provides a set of data dictionary views that provide information about the encryption of sensitive credential data in the data dictionary.
Table 14-1 lists the data dictionary views. For detailed information about these views, see Oracle Database Reference.
Table 14-1 Data Dictionary Views for Encrypted Data Dictionary Credentials
View | Description |
---|---|
|
Describes database links that are accessible to the current user. A value of |
|
Describes describes all database links in the database. A value of |
|
Describes the status of dictionary credentials. The |
|
Describes the database links hat are owned by the current user. A value of |