Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Protecting the encryption key from the DBA

Protecting the encryption key from the DBA

From: Pratap <pratap_fin_at_rediffmail.com>
Date: 18 Jul 2005 10:15:31 -0700
Message-ID: <1121706931.390863.266630@g14g2000cwa.googlegroups.com> 





Oracle database 8.1.7, 9i



We have to use dbms_obfuscation_toolkit to keep encrypted data in the
database. The key is stored outside the database.



How can we protect the encryption key from the DBA? We will be using
Oracle Advanced Security to protect the key over the network.



But I guess any DBA can trace a session with a specific event and dump
the bind variable data to the trace file. So DBA can find the key very
easily by tracing sessions executing the dbms_obfuscation_toolkit
package and the bind variables that are passed to it.



Regards,


Pratap
Received on Mon Jul 18 2005 - 12:15:31 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US