
Re: searching for encrypted fields in data columns

From: <sffan_at_hotmail.com>
Date: 1 Mar 2004 20:10:14 -0800
Message-ID: <7eadb3b7.0403012010.23ca89e@posting.google.com>


"David Portas" <REMOVE_BEFORE_REPLYING_dportas_at_acm.org> wrote in message news:<pa2dnTSUtI9qM97dRVn-ig_at_giganews.com>... [..snipped..]
>
> All that is valid if you have some form of access control to your encryption
> keys which is more secure than the username/password security typically
> available in the OS and database. Maybe my experience is limited but some
> (many?) database encryption systems rely only on password-based encryption
> with password policies no better than those offered by Windows. I realize
> that better options are available but I wanted to understand whether the OP
> had some particular requirement in mind or just made an assumption that an
> encrypted database was inherently more secure than a non-encrypted one.

To clarify, the system I am dealing with has a multilayer access control mechanism. Username/password is simply for authentication; a responsibility-based engine controls what data is made visible to each user. Further, the meta-data defines which fields store sensitive data - these are encrypted with keys available only to a master user. The data access layer uses a separate set of credentials and is the only layer that can access the database directly. The raw column data get mapped to business objects on which access control is applied.

I realize the importance of good key management and I think that in itself is orthogonal to the original problem that I posed. I figured (maybe incorrectly) that this was a common enough problem that at least a few databases provided some generic mechanism to encrypt column level data.
Consider the case of salary information stored in the database. For one, we don't want nosy DBAs looking up exactly who gets paid what. Currently, what I need to do is invoke my encryption service on each datum individually. Subsequently, I also need to have a sort/search service that applies constraints on queries. For example, if I want to get a list of all employees getting paid between $100K - $200K, I need to retrieve all rows, decrypt the data and then apply my constraint. If the data hadn't been encrypted, I could have trivially retrieved this data using SQL.

Anyway, I hope this gives you all a better understanding of my problem. If any of you have had to address this issue, I would like to hear about your approaches.

Much Thanks,
~s

Received on Mon Mar 01 2004 - 22:10:14 CST
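
The fetch-all, decrypt, then filter pattern described in the message above, as an added Python example that is not part of the original post. SQLite and an HMAC-based stream cipher (no integrity protection) stand in for the poster's database and encryption service, and the table, names and salaries are constructed.

```python
import hashlib, hmac, os, sqlite3, struct

KEY = os.urandom(32)  # constructed key; the post keeps keys with a master user
ROWS = [("ann", 95000), ("bob", 120000), ("cy", 200000), ("dee", 250000)]  # constructed

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for the real encryption service.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key, salary):
    # Fresh nonce per datum, so equal salaries yield different ciphertexts.
    nonce, pt = os.urandom(16), struct.pack(">Q", salary)
    return nonce + bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))

def decrypt(key, blob):
    nonce, ct = blob[:16], blob[16:]
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return struct.unpack(">Q", pt)[0]

def build_db(key, rows):
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE emp (name TEXT, salary_enc BLOB)")
    db.executemany("INSERT INTO emp VALUES (?, ?)",
                   [(name, encrypt(key, sal)) for name, sal in rows])
    return db

def sql_range(db, lo, hi):
    # The predicate the post would like to use: it only ever sees ciphertext.
    q = "SELECT name FROM emp WHERE salary_enc BETWEEN ? AND ?"
    return [r[0] for r in db.execute(q, (lo, hi))]

def app_range(db, key, lo, hi):
    # What the post does today: fetch every row, decrypt, then filter.
    hits, fetched = [], 0
    for name, blob in db.execute("SELECT name, salary_enc FROM emp"):
        fetched += 1
        if lo <= decrypt(key, blob) <= hi:
            hits.append(name)
    return sorted(hits), fetched

if __name__ == "__main__":
    db = build_db(KEY, ROWS)
    print(sql_range(db, 100000, 200000))
    print(app_range(db, KEY, 100000, 200000))
```

The SQL predicate matches nothing because the database compares opaque blobs, while the application-side filter returns the right rows only after reading and decrypting the whole table.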
