Home » Other » Marketplace » Public key encryption tool (Oracle, 11g, 12c, 18c, UNIX)
Public key encryption tool [message #675855] Wed, 24 April 2019 07:48 Go to next message
Olexandr Siroklyn
Messages: 7
Registered: September 2018
Junior Member
FCBHifence software (http://www.oracleongpu.com/fcbhifence/) provides cell level data security via public-key cryptography (also known as asymmetric cryptography) for on-premises or cloud based, Express, Standard or Enterprise, 11g, 12c or 18c Oracle databases.

Purpose

The purpose of this software is to provide highest possible level of data protection for sensitive information like ePHI (US), GDPR (EU) or PCI related. Because of that FCBHifence software doesn't use symmetrical cryptography like AES or DES, but asymmetrical like RSA or DSA.

Key features

Cell level encryption
SQL and PL/SQL data types, i.e. string, varchar, nvarchar, clob, nclob supported
GNU Privacy Guard cryptography engine used
Data access separation
Main code is written in PL/SQL language. External modules are written in shell and JAVA languages
Single and multi-byte char sets supported
All editions of Oracle 11g (excepting XE), 12c and 18c database (including multi-tenant container databases)
DBaaS compatible
External database key storage. No any keys stored within constant database objects
No any key operations inside database or database memory
Distributed key management
Simplified BSD License https://opensource.org/licenses/BSD-2-Clause

How it works

FCBHifence software doesn't reinvent wheel and uses GNU Privacy Guard software (GnuPG). GnuPG (or compatible to IETF standards-track specification of OpenPGP software) must be installed as on server side so on user computer. Key management operations, i.e. creation, deletion, expiration, import, export are performed by GnuPG only. Data operations as encryption and decryption are performed by the GnuPG also. FCBHifence software can be considered as a bridge between the GnuPG (or software with the similar functionality) and Oracle database.

Data routines. Without being lost in too much details asymmetrical encryption bases on two kinds of security keys: public and private. Public key is used to encrypt data. Private key is used to decrypt data. They both is the pair. User, who authorized is to decrypt and therefore to read data, stores private key in GnuPG guard key storage on the user computer. Public key is stored on the server or on the user computer in the GnuPG key storage also. Keys can be exported and imported to/from the GnuPG key storage. Thus any cell level data in an Oracle table can be encrypted by the different public keys to provide data separation, i.e. one column can contain differently encrypted rows. Only application having access to the local key storage, where paired private key is stored, can decrypt data.

Restrictions

There are no ways to store asymmetrically encrypted data in Oracle table data types like date, timestamp, float, number.

Downloads and feedbacks are very appreciated and highly welcome.
Thanks.
Re: Public key encryption tool [message #676112 is a reply to message #675855] Wed, 15 May 2019 02:11 Go to previous message
Olexandr Siroklyn
Messages: 7
Registered: September 2018
Junior Member
Update. Current 1.2.31 version was successfully validated on Oracle 19c database and found as compatible.
Previous Topic: PL/SQL parallel execution tool
Next Topic: What Tool is used for Oracle Database to MySQL Migration
Goto Forum:
  


Current Time: Sat May 25 11:58:52 CDT 2019