Free Preparation Discussions
MENU
Oracle Exam 1Z0-1084-21 Topic 9 Question 12 Discussion
Topic #: 9
You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security Standards mandate encryption of secret information like database passwords.
As a function developer, which approach should you follow to satisfy this security requirement?
Oracle Functions: Using Key Management To Encrypt And Decrypt Configuration Variables
Since this process involves multiple steps, I thought it would be helpful to give you an outline of the steps that we're going to take:
Create a KMS vault
Create a Master Encryption Key
Generate a Data Encryption Key(DEK)from the Master Encryption Key
Use the DEKplaintextreturn value to encrypt thesensitive value(offline)
Store the encryptedsensitive valueas a config variable in the serverless application
Store the DEKciphertextand theinitVectorused to encrypt thesensitive valueas Function config variables
Within the function, decrypt the DEKciphertextback intoplaintextusing the OCID and Cryptographic Endpoint by invoking the OCI KMS SDK
Decrypt thesensitive valueusing the decrypted DEKplaintextand theinitVector
https://docs.oracle.com/en/database/other-databases/essbase/19.3/essad/encrypt-values-using-kms.html
Currently there are no comments in this discussion, be the first to comment!