Oracle glossary
The following terms are used throughout the Oracle connector documentation and are summarized here for clarity.
Note: The first occurrence of these terms may be on other documentation pages.
Term | Definition |
PDB | Oracle pluggable database that is a portable collection of schemas, schema objects, and non schema objects that appears to an Oracle Net client as a traditional Oracle database. |
CDB | An Oracle Database installation that contains at least one PDB. A PDB appears to an Oracle Net client as a traditional Oracle database. |
vPDB | Oracle virtual pluggable database. This is a Delphix concept. |
Linked CDB | Physical container database that has been previously provided by the Oracle DBA on the target environment to which Delphix may provision vPDBs. Physical CDBs must be configured and set up specifically for use by Delphix. |
Virtual CDB (vCDB) | Virtual container database that is created by Delphix during the provision workflow for vPDBs. Once created for Oracle versions 12.1.0.2 and later, it may be used to provision additional vPDBs. |
Linked CDB provision | Provisioning to physical CDBs that are part of the target environment added in Delphix Continuous Data Engine. |
New Virtual CDB (vCDB) provision | During the provisioning workflow for provisioning a new vPDB to a new vCDB, Delphix Continuous Data Engine will create a vCDB in the target environment. |
Existing Virtual CDB (vCDB) Provision | Provisioning to existing vCDBs that are part of the target environment added to the Delphix Continuous Data Engine. |
Auxiliary container database (CDB) | Provisioning an Oracle vPDB requires running recovery to bring the snapshotted datafiles into a consistent state. This needs to be done in the context of a container database, which is created on the target system. After recovery is complete, the vPDB is unplugged and plugged into the target container, and the auxiliary container is deleted. |
RAC | Oracle Real Application Cluster. It is an option to the Oracle Database that allows multiple database instances running on different servers to access the same physical database stored on shared storage. |
TDE | Transparent Data Encryption. It enables encryption of sensitive data that is stored in tables and tablespaces as well as encryption of database backups. After the data is encrypted, this data is transparently decrypted for authorized users or applications when they access this data. TDE helps protect data stored on media (also called data at rest) in the event that the storage media or data file is stolen. |
TDE-enabled vPDB | Virtual pluggable databases provisioned using Delphix that are configured with Transparent Data Encryption. |
Keystore/wallet | File found on the Oracle host which stores the keys used to encrypt and decrypt the internal table keys in a database. Every keystore has a password which is set when it is first created and must be supplied for operations on it. |
Parent keystore | Keystore with the keys used to encrypt the dSource PDB files. |
Target keystore | Keystore for the target CDB into which the TDE-enabled vPDB is plugged. |
Artifact directory | Directory on the target system (not on Delphix Continuous Data Engine storage) which stores keys needed to support Delphix Continuous Data Engine workflows on TDE-enabled vPDBs. It is located under the keystores root directory. |
Exported keyfile | File located on the target Oracle host which contains keys that have been exported from the keystore. It is encrypted with a secret that is specified when it is exported. The exported keyfile itself cannot be used as a keystore, but its contents can be imported into a new keystore. |
Key rotation | Process for changing the master encryption key in the keystore via the |
Keyfile secret | Password used to encrypt an exported keyfile. |
Keystores root directory | User-specified location on the target system under which all TDE related artifacts such as keystores and exported keyfiles created by Delphix Continuous Data Engine are stored. This includes both the artifact directories used for vPDBs and temporary directories used for auxiliary CDB keystores. |
Target domain | A logical unit in CipherTrust Manager, contains the master encryption keys of target CDB into which the TDE-enabled vPDB is plugged. |
Parent domain | A logical unit in CipherTrust Manager, contains the master encryption keys used to encrypt the dSource PDB files. |
TDE external key manager credential | The credentials used to access the master encryption keys of the External Key Manager. |
TDE encryption secret | A passphrase or key that serves as an additional layer of protection for your exported master encryption key and/or transport secret during |
OKV | Oracle Key Vault. It enables customers to easily deploy encryption and other security solutions by offering robust, central management of encryption keys, Oracle Wallets, Java Keystores, and credential files. |
OKV Home | Oracle Key Vault Home. The installation directory path of the |
Target endpoint | Oracle database, registered and enrolled with OKV, contains the target CDB into which the TDE-enabled vPDB is plugged. |
Parent endpoint | Oracle database, registered and enrolled with OKV, contains keys used to encrypt the dSource PDB files. |