1. Oracle Database 21c New Features
  2. Security Solutions
  3. Advanced Security
  4. Ability to Set the Default Tablespace Encryption Algorithm
 

Practice: Setting the Default Tablespace Encryption Algorithm

Overview

This practice shows how you can set the TABLESPACE_ENCRYPTION_DEFAULT_ALGORITHM dynamic parameter to define the default encryption algorithm for tablespace creation operations.

Before starting any new practice, refer to the Practices Environment recommendations.

Step 1 : Set the default tablespace encryption algorithm

  • Connect to the CDB root and display the default tablespace encryption algorithm.

    
$ sqlplus / AS SYSDBA
Connected to:

SQL> SHOW PARAMETER TABLESPACE_ENCRYPTION_DEFAULT_ALGORITHM

NAME                                       TYPE   VALUE
------------------------------------------ ------ -----------------------
tablespace_encryption_default_algorithm    string AES128
SQL>

  • Change the tablespace encryption algorithm.

    
SQL> ALTER SYSTEM SET TABLESPACE_ENCRYPTION_DEFAULT_ALGORITHM=AES192;

System altered.

SQL> EXIT
$

  • Connect to the PDB and create a new tablespace in PDBTEST

    
$ sqlplus sys@PDB21 AS SYSDBA
Enter password:
Connected.
SQL> CREATE TABLESPACE tbstest DATAFILE SIZE 2M;

Tablespace created.

SQL>

Step 2 : Verify the tablespace encryption algorithm used

  • Verify the result of the operation.

    
SQL> SELECT name, encryptionalg 
              FROM v$tablespace t, v$encrypted_tablespaces v 
              WHERE t.ts#=v.ts#;

NAME                           ENCRYPT
------------------------------ -------
USERS                          AES128
TBSTEST                        AES192

SQL> EXIT

$