Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Encrypting data witth TDE Oracle 10g

Re: Encrypting data witth TDE Oracle 10g

From: DA Morgan <damorgan_at_psoug.org>
Date: Thu, 24 Aug 2006 09:28:04 -0700
Message-ID: <1156436883.143141@bubbleator.drizzle.com>


Fred wrote:
> Hi all, very interesting talk ... no ?
> Sorry for my poor english ...
>
> I just want to demonstrate to my customer that encrypt data is not a
> real solution, but i want also explain to him that's possible. I just
> want to undestand how encrypt data work.
>
> So, i'm ok with you with VPD, but if we want a more secure database, we
> must try to encrypt data. We must demonstrate that encrypt data is not
> possible because of poor perf.
>
> So, have you a paper which explain how to encrypt column (and not just
> a string) with DBMS_CRYPTO. Should we use HASH with DBMS_CRYPT on each
> column.
>
> How we do the link between user, key management, with DBMS_CRYPTO ? we
> want to use certificate , is it possible with Oracle ?
>
> Fred
>
>
>
>

>> Like Ed said: VPD is what you want - it does not encrypt, but enforces
>> extensions to the where clause of every select you want.
>> Effectively, this means user A can only see what you design user A to
>> see.
>> I still fail to see why you would like to encrypt your data. Realize
>> there is a performance penalty in encrypting/decrypting.
>> It's a CPU intensive process!
>>
>> --
>> Regards,
>> Frank van Bortel
>>
>> Top-posting is one way to shut me up...

Demos you can use with your customer to show DBMS_CRYPTO usage can be found in Morgan's Library at www.psoug.org.

HTH

-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu
(replace x with u to respond)
Puget Sound Oracle Users Group
www.psoug.org
Received on Thu Aug 24 2006 - 11:28:04 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US