An Oracle database is not for everyone. The preferred course to database selection would be a requirements analysis and formal responses to a request for proposal (RFP). Chances are when this is done that either Oracle Enterprise Edition will be selected, or some other database product completely. Enterprise Edition is Oracle’s only product that (normally) allows the advanced options and tools. Without analysed needs for the options, other database products will compete favorably at much less expense.

If your company has purchased an operational Oracle application, or bought a company that has developed a product perhaps programmed in PL/SQL, you may have no choice but to use an Oracle database. Some companies have Oracle for the prestige of having Oracle. The PR machine uses this stuff a lot… down to advertising “career positions” on the company web site.

Oracle Standard Edition One (SEO), Standard Edition (SE) and Enterprise Edition (EE) are “licensing options”. They are installed from the same media. Internally Oracle uses some EE components for the database; although, often, not completely. To the customer, these features are unavailable.

Oracle on Amazon RDS (Relational Database Service) is only available as an SE(SEO) instance unless your bring your own license; however, good news… there is a reason to use Oracle SE after all. The following paragraphs taken from AWS Security Best Practices, November 2013:

“In all regions, Amazon RDS supports Transparent Data Encryption and Native Network Encryption, both of which are components of the Advanced Security option for the Oracle Database 11g Enterprise Edition. Oracle Database 11g Enterprise Edition is available on Amazon RDS for Oracle under the Bring-Your-Own-License (BYOL) model. There is no additional charge to use these features.

Oracle Transparent Data Encryption encrypts data before it is written to storage and decrypts data when it is read from storage. With Oracle Transparent Data Encryption you can encrypt table spaces or specific table columns using industry standard encryption algorithms such as Advanced Encryption Standard (AES) and Data Encryption Standard (Triple DES).”

Encryption on Standard Edition is a BIG DEAL! I am reading between the lines here and elsewhere where I have researched this subject. The corporate position on your licensing belongs in your company’s legal department.

This is a reason to use Oracle on RDS, vs. MS SQL Server or MySQL even… forgetting for a moment that some other technology and methodology might be best.

The technique used by people mining Bitcoins using the GPU on a graphics card is also used by security hackers to break encryption. One claim made by a leading security company says that TrueCrypt encryption can be defeated this way in 20 seconds.

Oracle encryption is not enough; but, it is a worthwhile start to building a layer defense model for your application environment. It is a valid reason to use Oracle Standard Edition on Amazon RDS… providing you do not need Oracle “sys/system” access, or an instance in EC2.

Leave a Reply

Your email address will not be published.