Bookshelf Home | Contents | Index | PDF     

Installation Guide for Oracle Billing Insight > Configuring the Oracle Database >

Process of Implementing TDE Tablespace Encryption

By default, TDE Tablespace Encryption is disabled in Oracle Billing Insight. To enable TDE Tablespace Encryption, you must specify the encryption properties in BillingInsight.properties file when setting the configuration values for use by Ant script that creates the Oracle Billing Insight database.

When you enable TDE Tablespace Encryption, the Oracle Billing Insight database installation script encrypts the following OLTP tablespaces by default:

  • EDX_DATA
  • EDX_FS_DATA
  • EDX_PWC_DATA
  • EDX_APP_DATA

You can optionally identify any additional tablespaces you want to encrypt in two SQL files. No OLAP tablespaces are encrypted by default.

This process is a step in Roadmap for Configuring the Oracle Billing Insight Database.

To set up TDE Tablespace Encryption, perform the following tasks:

  1. Follow the steps in Specifying the Oracle Wallet Location.
  2. For other tablespaces you want to encrypt, in the setuptablespaces.sql file for the OLTP and OLAP schemas, change the encrypted field value from FALSE to TRUE in the corresponding insert statements. The setuptablespaces.sql files are located in the following directories:
    • OLTP Database:
      • UNIX. EDX_HOME/db/oracle/oltp/setuptablespaces.sql
      • Windows. EDX_HOME\db\oracle\oltp\setuptablespaces.sql
    • OLAP Database:
      • UNIX. EDX_HOME/db/oracle/olap/setuptablespaces.sql
      • Windows. EDX_HOME%\db\oracle\olap\setuptablespaces.sql

        In the following example of an insert statement, EDX_REPORT_IDX is the tablespace name. In the last two field values, FALSE and 3DES168, FALSE means this tablespace will not be encrypted by default, and 3DES168 is the encryption algorithm used for the Tablespace Encryption. Change the encrypted field value from FALSE to TRUE to enable encryption for this tablespace.

    :insert into "ebill_tablespace" (name, location, tablespace_size, auto_extend, auto_allocate, uniform_size, encrypted, encrypt_algorithm)

    value ('EDX_REPORT_IDX', '$L_DB_EDX_INDX_TB_FILE_LOC/edx_report_idx_01.dbf', '28M', 'TRUE', 'FALSE', '1m', 'FALSE', '3DES168');

  3. Follow the steps in Creating the Oracle Billing Insight Database Using Ant to create the Oracle Billing Insight database. You must set the encryption properties as follows when configuring the BillingInsight.properties file in those steps.
    Encryption Property
    Description

    ENCRYPTION_WALLET_LOCN

    Specify the location of the Oracle Wallet folder. Use the same location that you set in the sqlnet.ora file.

    WALLET_AUTO_OPEN

    Specify whether the Oracle wallet opens automatically when the database instance is restarted, or whether you must open it manually. Valid values are Y or N. It is recommended to set the value to Y.

    TDE_ENCRYPT_OLAPCOLUMN

    Set the value to N to suppress column-level encryption in the OLAP schema.

    TDE_ENCRYPT_OLAPTSPACE

    Set the value to TRUE to set the Master Encryption Key and encrypt tablespaces in the OLAP schema.

    TDE_ENCRYPT_OLTPCOLUMN

    Set the value to N to suppress column-level encryption in the OLTP schema.

    TDE_ENCRYPT_OLTPTSPACE

    Set the value to TRUE to encrypt tablespaces in the OLTP schema.
  4. The Ant script prompts you to create an Oracle Wallet password when it is ready to create the Master Encryption Key. Specify a password for the Oracle Wallet, then enter it again.

    The installation script sets the Master Encryption Key for TDE tablespace encryption and creates the encrypted tablespaces as you specified.

    
Installation Guide for Oracle Billing Insight Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Legal Notices.