Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Encryption key storage
The database is currently at Oracle 9.2.0.6 on Solaris.
I have a few questions about my options to store encryption keys.
We want to store the encryption keys in an LDAP directory, so that when
we pass the full export of the database, it doesn't include the
encryption keys. Our encrypt/decrypt package functions can read the
keys from LDAP as required, but is there a way to retain/share the key
values so we don't need to do an LDAP call for each individual session
that wants to do an encrypt or decrypt.
Could the key be stored in a static java variable, to be accessible by
mutliple sessions ?
(or would it's visibility be limited to that of a package variable -
re-initalized for every session)
Could the key be stored in a materialized view, to be accessible by
mutliple sessions ?
In either case, would the key values be included in the dump of a full
database export ?
I am also wondering about the possibility of storing the wrapped encrypt/decrypt package under the SYS schema, so that it would not be included in a full export.
Thanks for your thoughts. Received on Tue Jun 20 2006 - 10:28:26 CDT