真实的国产乱ⅩXXX66竹夫人,五月香六月婷婷激情综合,亚洲日本VA一区二区三区,亚洲精品一区二区三区麻豆

成都創(chuàng)新互聯(lián)網(wǎng)站制作重慶分公司

EncryptedWallet加密方面的理解是怎樣的

Encrypted Wallet加密方面的理解是怎樣的,針對這個(gè)問題,這篇文章詳細(xì)介紹了相對應(yīng)的分析和解答,希望可以幫助更多想解決這個(gè)問題的小伙伴找到更簡單易行的方法。

在網(wǎng)站制作、成都網(wǎng)站制作中從網(wǎng)站色彩、結(jié)構(gòu)布局、欄目設(shè)置、關(guān)鍵詞群組等細(xì)微處著手,突出企業(yè)的產(chǎn)品/服務(wù)/品牌,幫助企業(yè)鎖定精準(zhǔn)用戶,提高在線咨詢和轉(zhuǎn)化,使成都網(wǎng)站營銷成為有效果、有回報(bào)的無錫營銷推廣。成都創(chuàng)新互聯(lián)公司專業(yè)成都網(wǎng)站建設(shè)10年了,客戶滿意度97.8%,歡迎成都創(chuàng)新互聯(lián)客戶聯(lián)系。

You cannot decrypt a tablespace that has been created encrypted. You must create an unencrypted tablespace and re-create the database objects in the unencrypted tablespace.
您無法解密已創(chuàng)建加密的表空間。 您必須創(chuàng)建未加密的表空間,并在未加密的表空間中重新創(chuàng)建數(shù)據(jù)庫對象。

個(gè)人理解:加密分兩種,分別為auto login wallet、encrypted wallet

服務(wù)器重啟后,只有auto login wallet會(huì)自動(dòng)打開,所以如果沒有設(shè)置auto login wallet,我們必須執(zhí)行ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "password"打開encrypted wallet(加密錢包);當(dāng)然也可以執(zhí)行ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "password"打開encrypted wallet(加密錢包),雖然后面這個(gè)命令主要是用來重置密碼的。

設(shè)置auto login wallet
暫時(shí)不會(huì),沒找在官方文檔的哪個(gè)地方

設(shè)置encrypted wallet
1、編輯文件sqlnet.ora,添加
ENCRYPTION_WALLET_LOCATION=
  (SOURCE=(METHOD=FILE)(METHOD_DATA=
   (DIRECTORY=/app/wallet)))

WALLET_LOCATION=
  (SOURCE=(METHOD=FILE)(METHOD_DATA=
   (DIRECTORY=/app/wallet)))
備注:
METHOD=HSM,其中HSM表示使用Hardware Security Modules來加密
METHOD=FILE,其中FILE表示生成一個(gè)加密文件來加密
2、ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "password";


創(chuàng)建加密的表空間
CREATE TABLESPACE encrypt_ts
  DATAFILE '/ORACLE_HOME/dbs/encrypt_df.dbf' SIZE 1M
  ENCRYPTION
  DEFAULT STORAGE (ENCRYPT);

ENCRYPTION Clause:Use this clause to specify the encryption properties of the tablespace. This clause does not actually encrypt the tablespace. You must also specify the ENCRYPT keyword as part of the DEFAULT storage_clause in this statement in order for the tablespace to be encrypted. In addition, you must already have used ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY ... to load the TDE master key into database memory for the duration of the instance, or establish a connection to the HSM to send the encrypted table and tablespace keys to the HSM and receive them back decrypted
使用此子句指定表空間的加密屬性。 此子句實(shí)際上不加密表空間。 您還必須在此語句中將ENCRYPT關(guān)鍵字指定為DEFAULT storage_clause的一部分,以便表空間被加密。 此外,您必須已經(jīng)使用ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY ...在實(shí)例的持續(xù)時(shí)間內(nèi)將TDE主密鑰加載到數(shù)據(jù)庫內(nèi)存中,或建立與HSM的連接以發(fā)送加密的表和表空間密鑰到HSM并且接收它們被解密



打開auto login wallet
數(shù)據(jù)庫重啟后會(huì)自動(dòng)打開,命令方式待查官方文檔

打開encrypted wallet
1、ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "password";
啥時(shí)都可以執(zhí)行
2、ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "password"
以下兩種情況下不能執(zhí)行。
2.1、auto login wallet已經(jīng)打開
2.2、encrypted wallet已經(jīng)打開,比如已經(jīng)執(zhí)行了ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "password";

只關(guān)閉auto login wallet
SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE

關(guān)閉encrypted wallet
同時(shí)關(guān)閉auto login wallet和encrypted wallet
SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE IDENTIFIED BY  "password";



auto login wallet的官方摘要
Transparent Data Encryption(TDE) uses an auto login wallet only if it is available at the correct location (ENCRYPTION_WALLET_LOCATION, WALLET_LOCATION, or default wallet location), and the SQL command to open an encrypted wallet has not already been executed. If an auto login wallet is being used, you must not use the ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "password" command.
透明數(shù)據(jù)加密(TDE)只有在正確位置(ENCRYPTION_WALLET_LOCATION,WALLET_LOCATION或默認(rèn)錢包位置)可用時(shí)才使用自動(dòng)登錄錢包,并且尚未執(zhí)行打開加密錢包的SQL命令。 如果正在使用自動(dòng)登錄錢包,則不能執(zhí)行命令A(yù)LTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "password"。

A password is not required to close an auto-open wallet when only an auto-open wallet is present. The password is required to close an auto-open wallet when both an auto-open wallet and an encryption wallet are open. In this case, using CLOSE with a password will close the auto-open wallet and the encryption wallet.
當(dāng)只有auto-open的錢包存在時(shí),不需要使用密碼去關(guān)閉auto-open的錢包。 當(dāng)auto-open的錢包和加密錢包都打開時(shí),需要密碼關(guān)閉auto-open的錢包。 在這種情況下,使用CLOSE結(jié)合密碼將關(guān)閉auto-open的錢包和加密錢包。

The external security module can use wallets with the automatic login feature enabled. These wallets remain open all of the time. The security administrator does not have to reopen the wallet after a database instance has been restarted. If your environment does not require the extra security provided by a wallet that must be explicitly opened for use, then you may use an auto login wallet.
外部安全模塊可以使用啟用自動(dòng)登錄功能的錢包。 這些錢包一直保持開放。 數(shù)據(jù)庫實(shí)例重新啟動(dòng)后,安全管理員無需重新打開錢包。 如果您的環(huán)境不需要必須明確打開使用的錢包提供的額外安全性,那么您可以使用自動(dòng)登錄錢包。

Auto login wallets are opened automatically and do not need to be opened explicitly.
No password is required to close an auto login wallet.
In case an auto login wallet needs to be closed, it can be closed with the following command:
SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE
自動(dòng)登錄錢包自動(dòng)打開,不需要明確打開。
關(guān)閉自動(dòng)登錄錢包不需要密碼。
如果需要關(guān)閉自動(dòng)登錄錢包,可以使用以下命令關(guān)閉自動(dòng)登錄錢包:
SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE



encrypted wallet的官方摘要
SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "Easy2rem";
The preceding command achieves the following:
If no encrypted wallet is present in the directory specified, an encrypted wallet is created (ewallet.p12), the wallet is opened, and the master encryption key for TDE is created/re-created.
If an encrypted wallet is present in the directory specified, the wallet is opened, and the master encryption key for TDE is created/re-created.
上述命令可以實(shí)現(xiàn)以下命令:
如果指定的目錄中沒有加密的錢包,則會(huì)創(chuàng)建加密的錢包(ewallet.p12),打開錢包,并創(chuàng)建/重新創(chuàng)建TDE的主加密密鑰。
如果指定的目錄中存在加密的錢包,則打開錢包,并創(chuàng)建/重新創(chuàng)建TDE的主加密密鑰。

When you create the master encryption key using the ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "password" command, TDE checks to see if a wallet exists in the default or specified location. If no wallet exists, then a wallet is created automatically.
當(dāng)您使用ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY“password”命令創(chuàng)建主加密密鑰時(shí),TDE會(huì)檢查是否存在缺省或指定位置的錢包。 如果沒有錢包存在,則自動(dòng)創(chuàng)建錢包。

Use the following command to open the wallet containing the master encryption key:
SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "Easy2rem";
Every time the database is shut down, the Oracle wallet is closed. You can also explicitly close the wallet.
You need to make sure that the Oracle wallet is open before you can perform any encryption or decryption operation. 
每次關(guān)閉數(shù)據(jù)庫時(shí),Oracle錢包都將關(guān)閉。 您還可以明確地關(guān)閉錢包。
在執(zhí)行任何加密或解密操作之前,您需要確保Oracle錢包打開。




實(shí)驗(yàn)下來的現(xiàn)象(從上至下順序出現(xiàn)的結(jié)果)

編輯文件sqlnet.ora 
ENCRYPTION_WALLET_LOCATION=
  (SOURCE=(METHOD=FILE)(METHOD_DATA=
   (DIRECTORY=/app/wallet)))

WALLET_LOCATION=
  (SOURCE=(METHOD=FILE)(METHOD_DATA=
   (DIRECTORY=/app/wallet)))

SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "oracle123";
ORA-28367: wallet does not exist

SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "oracle123";
System altered

SQL> ALTER SYSTEM SET ENCRYPTION WALLET close;
ORA-28390: auto login wallet not open but encryption wallet may be open

SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "oracle123";
ORA-28354: Encryption wallet, auto login wallet, or HSM is already open

SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE IDENTIFIED BY  "oracle123";
System altered

SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "oracle123";
System altered

SQL> startup force
ORACLE instance started.
Total System Global Area 2471931904 bytes
Fixed Size                  2255752 bytes
Variable Size             637535352 bytes
Database Buffers         1811939328 bytes
Redo Buffers               20201472 bytes
Database mounted.
ORA-28365: wallet is not open

SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "oracle123";
System altered.

SQL> alter database open;
Database altered.

關(guān)于Encrypted Wallet加密方面的理解是怎樣的問題的解答就分享到這里了,希望以上內(nèi)容可以對大家有一定的幫助,如果你還有很多疑惑沒有解開,可以關(guān)注創(chuàng)新互聯(lián)行業(yè)資訊頻道了解更多相關(guān)知識(shí)。


網(wǎng)頁題目:EncryptedWallet加密方面的理解是怎樣的
轉(zhuǎn)載來源:http://weahome.cn/article/ppcesc.html

其他資訊

在線咨詢

微信咨詢

電話咨詢

028-86922220(工作日)

18980820575(7×24)

提交需求

返回頂部