Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Where to keep encryption key , DB?

Re: Where to keep encryption key , DB?

From: Niall Litchfield <n-litchfield_at_audit-commission.gov.uk>
Date: Tue, 16 Oct 2001 15:50:31 +0100
Message-ID: <3bcc4950$0$232$ed9e5944@reading.news.pipex.net>


<pelln_at_icke-reklam.ipsec.nu.invalid> wrote in message news:9qh06i$q4p$1_at_nyheter.crt.se...
> In comp.security.misc Niall Litchfield
<n-litchfield_at_audit-commission.gov.uk> wrote:
> > <pelln_at_icke-reklam.ipsec.nu.invalid> wrote in message
> > news:9qemfv$nqf$2_at_nyheter.crt.se...
> >> In comp.security.misc NetComrade <andreyNSPAM_at_bookexchange.net> wrote:
> >> > We are planning to store credit card #'s in our database..
> >>
> > <snip>
> >> The better method is : Don't try to obfuscate credit card info. MOVE IT
> >> to a safe server.
> >>
> >> If a machine is exposed to Internet ( or other security hazards) it's
> >> unwize to have any sensitive information on-line.
>
>
> > This raises the question of how on earth do you conduct online commerce.
Is
> > it just impossible? If you are using an RDBMS to drive your ecommerce
site
> > then it has to have a communications channel to the internet site,
though of
> > course that channel should be secure etc. Maybe this is a FAQ on
> > comp.security.misc but it isn't on the Oracle NG.
>
> The simple answer is : don't run you e-commerce site from the exposed
> machines ( like the webserver(s) itself), move all sensitive info
> to machines on safer networks. The webserver is just an "order recipient"

I rather took the n-tier architecture as a given. The original question was how do I best obfuscate sensitive information within Oracle to which ISTM there are a couple of answers

  1. Use the supplied oracle tools DBMS_OBFUSCATION_TOOLKIT
  2. Use a stronger third party solution based on public key cryptography.

The answer don't bother just store it on a 'safe' machine intrigued me, since the only truly safe machine is a disconnected one.

> Running everything on one set of boxes will make any breakin dangerous,
> by layering the application a single breakin might be quite manageble and
> non-fatal ( as regards to the real assets). And since this was an Oracle
> tinted question, some communication needs might be best done outside
oracle.
> ( no oracle bashing, just a reminder that using proper tools at the right
> moment is better then using a hammer to everything)
>
> Whats strange about this ?

Nothing. However Oracle do to their best to sell this architecture (and their nice expensive software <g>) on you. Encrypting within the rbdms would be yet another security layer.

--
Niall Litchfield
Oracle DBA
Audit Commission UK

(and IIS - yuck - Administrator)
Received on Tue Oct 16 2001 - 09:50:31 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US