Book Image

Oracle Autonomous Database in Enterprise Architecture

By : Bal Mukund Sharma, Krishnakumar KM, Rashmi Panda
Book Image

Oracle Autonomous Database in Enterprise Architecture

By: Bal Mukund Sharma, Krishnakumar KM, Rashmi Panda

Overview of this book

Oracle Autonomous Database (ADB) is built on the world’s fastest Oracle Database Platform, Exadata, and is delivered on Oracle Cloud Infrastructure (OCI), customer data center (ExaCC), and Oracle Dedicated Region Cloud. This book is a fast-paced, hands-on introduction to the most important aspects of OCI Autonomous Databases. You'll get to grips with concepts needed for designing disaster recovery using standby database deployment for Autonomous Databases. As you progress, you'll understand how you can take advantage of automatic backup and restore. The concluding chapters will cover topics such as the security aspects of databases to help you learn about managing Autonomous Databases, along with exploring the features of Autonomous Database security such as Data Safe and customer-managed keys for Vaults. By the end of this Oracle book, you’ll be able to build and deploy an Autonomous Database in OCI, migrate databases to ADB, comfortably set up additional high-availability features such as Autonomous Data Guard, and understand end-to-end operations with ADBs.
Table of Contents (13 chapters)
1
Part 1 – Understanding Autonomous Database in OCI
4
Part 2 – Migration and High Availability with Autonomous Database
9
Part 3 – Security and Compliance with Autonomous Database

Data encryption

An autonomous database encrypts data by default at rest and in transit. It can’t be turned off. There are two ways to perform data encryption. These are encryption of data at rest and encryption of data in transit. Let’s discuss these.

Encryption of data at rest

All tablespaces are encrypted using TDE (Transparent Data Encryption). TLS (Transport Layer Security) 1.2 protocol has been applied. Encryption protects the processing, transmission, and storage of data. Each database and its backup have different encryption keys. Database cloning creates a new set of keys.

An autonomous database manages the keys by default and stores them in the Public Key Cryptography Standards (PKCS) 12-key store, but it also has provision to use customer-managed keys created using the OCI Vault service. The customer-managed keys can be rotated regularly to meet the best security standards.

To configure custom-managed keys for Autonomous Database, log in to the OCI...