Re: Ques. re. Oracle Obfuscation

DA Morgan wrote:
>
> ohaya wrote:
> > Hi,
> >
> > I was wondering if anyone is aware if there are any best practices
> > regarding key management when using Oracle's DBMS_OBFUSCATION_TOOLKIT?
> > I'm particularly interested in how we can protect the
> > encryption/decryption key that we would use.
> >
> > Thanks,
> > Jim
>
> Best practice is to upgrade to 10g as DBMS_OBFUSCATION_TOOLKIT is not
> all that secure by current standards. If you can't upgrade far more
> information would be required to advice you.
>
> Personally: I like to hide things in plain sight.

Hi Daniel et al,

We're currently on 9i (sorry, I forgot to mention that). There may be plans to go to 10g, but I haven't seen anything definitive thus far.

I'm inferring from your post that 10g has some features that obviate problems with key management. If so, can you tell me what those are?

Thanks,
Jim Received on Tue Jun 14 2005 - 00:16:02 CDT