Re: Protecting the encryption key from the DBA

Sybrand Bakker <postbus_at_sybrandb.demon.nl> wrote:

>On 18 Jul 2005 10:15:31 -0700, "Pratap" <pratap_fin_at_rediffmail.com>
>wrote:

>>How can we protect the encryption key from the DBA

>If you don't trust the DBA, fire him.
>No database can be and should be protected from a DBA.
>If you want be sure of protection, swap Oracle for a toy like
>sqlserver, put the system in a server room, make sure the password of
>sa is sa, and throw away the key of that server room.

Isn't it frequently the case that you might be a company X selling your product to company Y, such that you want Y's DBA to be able to backup and run scripts, but not to look at your raw data?

Paul...

-- 

plinehan __at__ yahoo __dot__ __com__

XP Pro, SP 2, 

Oracle, 9.2.0.1.0 (Enterprise Ed.)
Interbase 6.0.1.0;

When asking database related questions, please give other posters 
some clues, like operating system, version of db being used and DDL.
The exact text and/or number of error messages is useful (!= "it didn't work!").
Thanks.
 
Furthermore, as a courtesy to those who spend 
time analysing and attempting to help, please 
do not top post.