RE: encryption

From: Zelli, Brian <Brian.Zelli_at_RoswellPark.org>
Date: Tue, 19 Mar 2013 16:44:27 +0000
Message-ID: <7DCF5A73984B85409A1FB7B957E590ED349052B7_at_EXMB4wsh.roswellpark.org>

Ok, our "security" team is telling us we have to encrypt the databases. If people have sqlplus or sqldev access or what sucks is MS Access front ends to databases it would not be encrypted? Or would they need something on their machine to de-crypt?

ciao,
Brian

Brian Zelli
Senior Database Administrator
Enterprise Apps/Sys Integration
Roswell Park Cancer Institute
(716) 845-4460
brian.zelli_at_roswellpark.org

-----Original Message-----
From: TJ Kiernan [mailto:tkiernan_at_pti-nps.com] Sent: Tuesday, March 19, 2013 12:38 PM
To: andy_at_oracledepot.com
Cc: Zelli, Brian; gints.plivna_at_gmail.com; oracle-l_at_freelists.org; TJ Kiernan Subject: RE: encryption

Fair point - the encrypted data is stored as RAW in the database, but at that point you might as well not rely on DBMS_CRYPTO for ongoing operations. You can certainly do your decryption AND encryption in the application (although DBMS_CRYPTO might still be useful for backfilling existing fields).

Thanks,
T. J.
�

-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Andy Klock Sent: Tuesday, March 19, 2013 11:30 AM
To: TJ Kiernan
Cc: Zelli, Brian; gints.plivna_at_gmail.com; oracle-l_at_freelists.org Subject: Re: encryption

On Tue, Mar 19, 2013 at 11:46 AM, TJ Kiernan <tkiernan_at_pti-nps.com> wrote:
> DBMS_CRYPTO is server-side only (encrypting data at rest). If you're
> looking to encrypt SQL*Net traffic, you're going to need Advanced
> Security, which IIRC costs 1/4 a license (and EE).
>
> Thanks,
> T. J.
>
>

That's not necessarily true. DBMS_CRYPTO contains many of the same old algos that which can be decrypted in several programming languages.

http://docs.oracle.com/cd/E11882_01/appdev.112/e16760/d_crypto.htm#BJFFAJCC

--
http://www.freelists.org/webpage/oracle-l




This email message may contain legally privileged and/or confidential information.  If you are not the intended recipient(s), or the employee or agent responsible for the delivery of this message to the intended recipient(s), you are hereby notified that any disclosure, copying, distribution, or use of this email message is prohibited.  If you have received this message in error, please notify the sender immediately by e-mail and delete this email message from your computer. Thank you.
--
http://www.freelists.org/webpage/oracle-l

Received on Tue Mar 19 2013 - 17:44:27 CET

This message: [ Message body ]
Next message: Christopher.Taylor2_at_parallon.net: "RE: Oracle 7 logon"
Previous message: TJ Kiernan: "RE: encryption"
In reply to: TJ Kiernan: "RE: encryption"
Next in thread: Ryan January: "Re: encryption"
Reply: Ryan January: "Re: encryption"
Reply: Hans Forbrich: "Re: encryption"
Reply: TJ Kiernan: "RE: encryption"
Reply: Steve Montgomerie: "Re: encryption"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message