Difference between revisions of "Oracle Secure Files"

What is SecureFiles?

• Current solutions before 11g to store unstructured or semi-structured data
  • LOB – part of database but there is a limitation in sizing, low concurrency of DMLs
  • OS Files – ease of access, compressed format, but not part of db backup nor security
• The SecureFiles in 11g gives the best features of database-resident LOBs and OS files.
• Note that traditional LOBs are still available in the form of BasicFiles.

Benefits of the SecureFiles

• Variable chunk size

• De-duplication
  • Oracle stores only reference if identical copy of LOB data is already in database. Oracle uses a secure hash index to detect duplication.

	alter table contracts_sec modify lob(orig_file)(DEDUPLICATE LOB);
        

• • Main benefit is dramatic reduction in storage usage.

• Compression
  • Oracle stores only reference if identical copy of LOB data is already in database.

	alter table contracts_sec modify lob(orig_file)(COMPRESS HIGH);

• • Uncompress only the required set of data blocks for random read and write access
  • Default compression is MEDIUM.
  • Advanced Compression Option License is required

• Encryption
• Supports the industry-standard encryption algorithms: 3DES168, AES128, AES192 (default), and AES256.

	alter table contracts_sec modify lob(orig_file)(ENCRYPT USING 'AES128');

• Advanced Compression Option License is required.

Enabling Oracle SecureFiles

• Tablespace used must be Automatic Segment Space Management (ASSM) enabled – default setting in 11g.
• Using the DB_SECUREFILE init parameter which can have the following values
  • ALWAYS – Attempts to create all LOBs as SecureFile, but as BasicFile only on non-ASSM enabled tablespace
  • FORCE – Forces all LOBs created going forward to be SecureFile LOBs
  • PERMITTED – Allows SecureFile to be created (default)
  • NEVER – Disallows SecureFile from being created going forward
  • IGNORE – Disallows SecureFile and ignore any errors