Transparent Data Encryption (TDE) provides a mechanism to encrypt the data stored in the OS data files. TDE enables the encryption of data at the storage level to prevent data tampering from outside of the database. The encryption is totally transparent for application. New commands has been introduced in oracle 12c for enabling Transparent data encryption. ADMINISTER KEY MANAGEMENT will replace the previous commands like ALTER SYSTEM SET ENCRYPTION WALLET and Wallet is known as keystore in 12c. TDE encryption can be divided into two parts according to how it affects at database object level is as below,

  • TDE Column Encryption

  • TDE Tablespace Encryption

Lets see how to configure TDE,


Create a wallet/keystore location.



Update the wallet/keystore location in sqlnet.ora.


Create keystore


Now open the keystore.


Now activate the key.


As above mentioned there is no any key in the keystore therefore create new one as below,


Creating an encrypted tablespace.


Create a table with an encrypted column.