说明:本篇参考eygle老师的作品《Oracle DBA手记4:数据安全警示录》,特此表示感谢。
数据安全,特别是企业核心业务数据的安全问题,是当今全社会共同关注的问题。从前几天轰轰烈烈的携程服务终止,风闻数据库被删除事件,到去年多次发生的互联网公司用户账号密码外泄风波,都不断挑战业界紧绷的神经。在当今社会,数据就是财富已经不是乌托邦,而是彻彻底底的现实。出现过信息泄露安全事故的企业,在商誉和品牌上的损失都是难以评估的。
从信息系统的角度看,备份是我们DBA的命脉,也是我们的“后手”。只要有备份,只要数据不丢,都有回旋的余地和空间。针对备份的安全,也是各种信息化安全标准均重要强调之处。
备份的安全,主要体现在两个层面上:备份有效性和备份不被非法使用。备份有效性是运维人员的噩梦,关键场合却发现备份不可用或者有坏块,是足以让运维人员吐血的场景。备份不被非法使用,是保证备份集合数据不会被非法的还原到其他环境中去。
作为Oracle官方推荐的备份恢复工具,RMAN提供了三种安全加密策略来确保备份不被非法使用。本篇主要来介绍这三种基本策略。
1、环境介绍
笔者选择Oracle 11g进行测试,版本编号为11.2.0.4。
SQL> select * from v$version;
BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
PL/SQL Release 11.2.0.4.0 - Production
CORE 11.2.0.4.0 Production
TNS for Linux: Version 11.2.0.4.0 - Production
NLSRTL Version 11.2.0.4.0 - Production
为了使用rman进行热备份,开启归档模式。
SQL> select log_mode from v$database;
LOG_MODE
------------
ARCHIVELOG
RMAN备份安全的三种策略分别为:密码口令安全、Oracle Wallet安全和混合加密安全。
下面分别介绍三种策略:
2、密码口令安全
密码口令安全如其名称,就是在加密解密过程中都需要交互式的密码输入。配置密码口令就在RMAN本身的配置中即可。
RMAN> show encryption for database ;
RMAN configuration parameters for database with db_unique_name SICSSTB are:
CONFIGURE ENCRYPTION FOR DATABASE OFF; # default
RMAN> show encryption algorithm;
RMAN configuration parameters for database with db_unique_name SICSSTB are:
CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default
默认RMAN是不启用加密机制的。加密问题一定跟随着加密算法,默认加密算法为AES128。查看视图v$RMAN_ENCRYPTION_ALGORITHMS,可以看到当前可以使用的加密算法。
SQL> select * from v$rman_encryption_algorithms;
ALGORITHM_ID ALGORITHM_NAME ALGORITHM_DESCRIPTION IS_DEFAULT RESTORE_ONLY
------------ --------------- ------------------------- ---------- ------------
1 AES128 AES 128-bit key YES NO
2 AES192 AES 192-bit key NO NO
3 AES256 AES 256-bit key NO NO
使用口令加密,首先使用set encryption命令设置上口令。
RMAN> set encryption on identified by 'test' only;
executing command: SET encryption
RMAN> show encryption for database;
RMAN configuration parameters for database with db_unique_name SICSSTB are:
CONFIGURE ENCRYPTION FOR DATABASE OFF; # default
注意后面的only标记,一定要加入进来。
下面可以进行备份:
RMAN> backup database plus archivelog;
Starting backup at 08-JUN-15
current log archived
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=137 device type=DISK
channel ORA_DISK_1: starting archived log backup set
channel ORA_DISK_1: specifying archived log(s) in backup set
(篇幅原因,有省略……)
Starting Control File and SPFILE Autobackup at 08-JUN-15
piece handle=+RECO/sicsstb/autobackup/2015_06_08/s_881833159.266.881833159 comment=NONE
Finished Control File and SPFILE Autobackup at 08-JUN-15
备份集合状态:
RMAN> list backup;
List of Backup Sets
===================
BS Key Size Device Type Elapsed Time Completion Time
------- ---------- ----------- ------------ ---------------
1 14.01M DISK 00:00:00 08-JUN-15
BP Key: 1 Status: AVAILABLE Compressed: NO Tag: TAG20150608T093841
(篇幅原因,有省略……)
BP Key: 4 Status: AVAILABLE Compressed: NO Tag: TAG20150608T093919
Piece Name: +RECO/sicsstb/autobackup/2015_06_08/s_881833159.266.881833159
SPFILE Included: Modification time: 08-JUN-15
SPFILE db_unique_name: SICSSTB
Control File Included: Ckp SCN: 2685935 Ckp time: 08-JUN-15
重启进入mount状态,尝试恢复。
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
RMAN> connect target /
connected to target database (not started)
RMAN> startup mount;
Oracle instance started
database mounted
Total System Global Area 2087780352 bytes
Fixed Size 2254824 bytes
Variable Size 553650200 bytes
Database Buffers 1526726656 bytes
Redo Buffers 5148672 bytes
尝试进行恢复。
RMAN> restore database ;
Starting restore at 08-JUN-15
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=131 device type=DISK
(篇幅原因,有省略……)
channel ORA_DISK_1: reading from backup piece +RECO/sicsstb/backupset/2015_06_08/nnndf0_tag20150608t093842_0.263.881833123
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of restore command at 06/08/2015 09:46:38
ORA-19870: error while restoring backup piece +RECO/sicsstb/backupset/2015_06_08/nnndf0_tag20150608t093842_0.263.881833123
ORA-19913: unable to decrypt backup
ORA-28365: wallet is not open
备份集合被加密,不能读取。只能进行解密之后才能使用。
RMAN> set decryption identified by 'test';
executing command: SET decryption
之后再进行恢复操作。
RMAN> restore database;
Starting restore at 08-JUN-15
using channel ORA_DISK_1
channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00001 to +DATA/sicsstb/datafile/system.256.878897771
channel ORA_DISK_1: restoring datafile 00002 to +DATA/sicsstb/datafile/sysaux.257.878897773
channel ORA_DISK_1: restoring datafile 00003 to +DATA/sicsstb/datafile/undotbs1.258.878897773
channel ORA_DISK_1: restoring datafile 00004 to +DATA/sicsstb/datafile/users.259.878897773
channel ORA_DISK_1: restoring datafile 00005 to +DATA/sicsstb/datafile/example.265.878897857
channel ORA_DISK_1: reading from backup piece +RECO/sicsstb/backupset/2015_06_08/nnndf0_tag20150608t093842_0.263.881833123
channel ORA_DISK_1: piece handle=+RECO/sicsstb/backupset/2015_06_08/nnndf0_tag20150608t093842_0.263.881833123 tag=TAG20150608T093842
channel ORA_DISK_1: restored backup piece 1
channel ORA_DISK_1: restore complete, elapsed time: 00:00:35
Finished restore at 08-JUN-15
RMAN> recover database;
Starting recover at 08-JUN-15
using channel ORA_DISK_1
starting media recovery
media recovery complete, elapsed time: 00:00:00
Finished recover at 08-JUN-15
RMAN> alter database open;
database opened
那么,最后如何关闭这个属性呢?使用set encryption即可。
RMAN> set encryption off;
executing command: SET encryption
这种策略,是比较简单的RMAN备份集合加密策略。一般正式运维场景下,是不使用这个的。
