Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Usenet -> c.d.o.server -> Re: searching for encrypted fields in data columns

Re: searching for encrypted fields in data columns

From: <>
Date: 1 Mar 2004 20:10:14 -0800
Message-ID: <>

"David Portas" <> wrote in message news:<>... [..snipped..]
> All that is valid if you have some form of access control to your encryption
> keys which is more secure than the username/password security typically
> available in the OS and database. Maybe my experience is limited but some
> (many?) database encryption systems rely only on password-based encryption
> with password policies no better than those offered by Windows. I realize
> that better options are available but I wanted to understand whether the OP
> had some particular requirement in mind or just made an assumption that an
> encrypted database was inherently more secure than a non-encrypted one.

To clarify, the system I am dealing with has a multilayer access control mechanism. Username/password is simply for authentication; a responsibility based engine controls what data is made visible to each user. Further, the meta-data defines which fields store sensitive data - these are encrypted with keys available only to a master user. The data access layer uses a separate set of credentials and is the only layer that can access the database directly. The raw column data get mapped to business objects on which access control is applied.

I realize the importance of good key management and I think that in itself is orthogonal to the original problem that I posed. I figured (maybe incorrectly) that this was a common enough problem that atleast a few databases provided some generic mechanism to encrypt column level data.
Consider, the case of salary information stored in the database. For one, we don't want nosy DBAs looking up exactly who gets paid what. Currently, what I need to do is invoke my encryption service on each datum individually. Subsequently, I also need to have a sort/search service that applies constraints on queries. For example, if I want to get a list of all employees getting paid between $100K - $200K, I need retrieve all rows, decrypt the data and then apply my constraint. If the data hadn't been encrypted, I could have trivially retrieved this data using SQL.

Anyway, I hope this gives you all a better understanding of my problem. If any of you have had to address this issue, I would like to hear about your approaches.

Much Thanks,
~s Received on Mon Mar 01 2004 - 22:10:14 CST

Original text of this message