Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Protecting the encryption key from the DBA
Oracle database 8.1.7, 9i
We have to use dbms_obfuscation_toolkit to keep encrypted data in the database. The key is stored outside the database.
How can we protect the encryption key from the DBA? We will be using Oracle Advanced Security to protect the key over the network.
But I guess any DBA can trace a session with a specific event and dump the bind variable data to the trace file. So DBA can find the key very easily by tracing sessions executing the dbms_obfuscation_toolkit package and the bind variables that are passed to it.
Regards,
Pratap
Received on Mon Jul 18 2005 - 12:15:31 CDT