| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle Security:Anyone Did Encryption of Data in Tables B4 ?
In article <33B5F753.D9D_at_pacific.net.sg>,
Goh Pin Pin <gohchan_at_pacific.net.sg> writes:
>Oracle Security Experts:
>
>Even today, using Oracle 7 etc, the unix account "oracle"
>or anyone with the Oracle account "sys" & "system" can
>see all the data that my CEO and CFO puts in my Oracle database.
>The unix account "root" can also "su - oracle" and see
>the data in my Oracle database.
>
>The only way out, I think is to encrypt the data as it is
>"inserted" or "updated" into the database. Has anyone done
>encryption of data in Oracle before and has some interesting
>horror stories and war scars to describe ? I am aware that:
>
>1. Searches such as "select * from table where column = 'xxx'"
> becomes really difficult since every row needs to be decrypted
> before matching. Is there an easier / ingenious way out ?
>
One easy way is to encrypt the select criteria. You don't need to decrypt
anything but the result set.
Bill
--Received on Sun Jun 29 1997 - 00:00:00 CDT
 |
 |