Difference between revisions of "Oracle Secure Files"
Jump to navigation
Jump to search
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== What is SecureFiles? == | == What is SecureFiles? == | ||
| − | * Current solutions before 11g to store unstructured or semi-structured data | + | * Current solutions before 11g to store unstructured or semi-structured data: |
** LOB – part of database but there is a limitation in sizing, low concurrency of DMLs | ** LOB – part of database but there is a limitation in sizing, low concurrency of DMLs | ||
** OS Files – ease of access, compressed format, but not part of db backup nor security | ** OS Files – ease of access, compressed format, but not part of db backup nor security | ||
| − | * The '''SecureFiles''' in 11g gives the best features of database-resident | + | |
| − | * Note that traditional LOBs are still available in the form of BasicFiles. | + | * The '''SecureFiles''' in 11g gives the best features of database-resident LOB and OS files. |
| + | |||
| + | * Note that traditional LOBs are still available in the form of '''BasicFiles'''. | ||
== Benefits of the SecureFiles == | == Benefits of the SecureFiles == | ||
| − | + | * Variable chunk size | |
| − | + | * De-duplication | |
| − | ** Oracle stores only reference if identical copy of LOB data is already in database. Oracle uses a secure hash index to detect duplication. | + | ** Oracle stores only reference if identical copy of LOB data is already in database. Oracle uses a secure hash index to detect duplication. Main benefit is dramatic reduction in storage usage. |
| − | + | <pre> | |
alter table contracts_sec modify lob(orig_file)(DEDUPLICATE LOB); | alter table contracts_sec modify lob(orig_file)(DEDUPLICATE LOB); | ||
| − | + | </pre> | |
| − | |||
* Compression | * Compression | ||
** Oracle stores only reference if identical copy of LOB data is already in database. | ** Oracle stores only reference if identical copy of LOB data is already in database. | ||
| − | |||
| − | |||
| − | |||
** Uncompress only the required set of data blocks for random read and write access | ** Uncompress only the required set of data blocks for random read and write access | ||
** Default compression is MEDIUM. | ** Default compression is MEDIUM. | ||
** Advanced Compression Option License is required | ** Advanced Compression Option License is required | ||
| + | |||
| + | <pre> | ||
| + | alter table contracts_sec modify lob(orig_file)(COMPRESS HIGH); | ||
| + | </pre> | ||
* Encryption | * Encryption | ||
| − | * Supports the industry-standard encryption algorithms: 3DES168, AES128, AES192 (default), and AES256. | + | ** Supports the industry-standard encryption algorithms: 3DES168, AES128, AES192 (default), and AES256. |
| + | ** Advanced Security Option License is required. | ||
<pre> | <pre> | ||
alter table contracts_sec modify lob(orig_file)(ENCRYPT USING 'AES128'); | alter table contracts_sec modify lob(orig_file)(ENCRYPT USING 'AES128'); | ||
</pre> | </pre> | ||
| − | |||
== Enabling Oracle SecureFiles == | == Enabling Oracle SecureFiles == | ||
* Tablespace used must be Automatic Segment Space Management (ASSM) enabled – default setting in 11g. | * Tablespace used must be Automatic Segment Space Management (ASSM) enabled – default setting in 11g. | ||
| + | |||
* Using the DB_SECUREFILE init parameter which can have the following values | * Using the DB_SECUREFILE init parameter which can have the following values | ||
** ALWAYS – Attempts to create all LOBs as SecureFile, but as BasicFile only on non-ASSM enabled tablespace | ** ALWAYS – Attempts to create all LOBs as SecureFile, but as BasicFile only on non-ASSM enabled tablespace | ||
| Line 42: | Line 45: | ||
** NEVER – Disallows SecureFile from being created going forward | ** NEVER – Disallows SecureFile from being created going forward | ||
** IGNORE – Disallows SecureFile and ignore any errors | ** IGNORE – Disallows SecureFile and ignore any errors | ||
| − | |||
[[Category:Database_Features]] | [[Category:Database_Features]] | ||
| + | [[Category:Oracle_11g]] | ||
Latest revision as of 19:44, 14 March 2011
What is SecureFiles?
- Current solutions before 11g to store unstructured or semi-structured data:
- LOB – part of database but there is a limitation in sizing, low concurrency of DMLs
- OS Files – ease of access, compressed format, but not part of db backup nor security
- The SecureFiles in 11g gives the best features of database-resident LOB and OS files.
- Note that traditional LOBs are still available in the form of BasicFiles.
Benefits of the SecureFiles
- Variable chunk size
- De-duplication
- Oracle stores only reference if identical copy of LOB data is already in database. Oracle uses a secure hash index to detect duplication. Main benefit is dramatic reduction in storage usage.
alter table contracts_sec modify lob(orig_file)(DEDUPLICATE LOB);
- Compression
- Oracle stores only reference if identical copy of LOB data is already in database.
- Uncompress only the required set of data blocks for random read and write access
- Default compression is MEDIUM.
- Advanced Compression Option License is required
alter table contracts_sec modify lob(orig_file)(COMPRESS HIGH);
- Encryption
- Supports the industry-standard encryption algorithms: 3DES168, AES128, AES192 (default), and AES256.
- Advanced Security Option License is required.
alter table contracts_sec modify lob(orig_file)(ENCRYPT USING 'AES128');
Enabling Oracle SecureFiles
- Tablespace used must be Automatic Segment Space Management (ASSM) enabled – default setting in 11g.
- Using the DB_SECUREFILE init parameter which can have the following values
- ALWAYS – Attempts to create all LOBs as SecureFile, but as BasicFile only on non-ASSM enabled tablespace
- FORCE – Forces all LOBs created going forward to be SecureFile LOBs
- PERMITTED – Allows SecureFile to be created (default)
- NEVER – Disallows SecureFile from being created going forward
- IGNORE – Disallows SecureFile and ignore any errors
