Re: Data encryption in Oracle

From: David T. Bath <david.bath_at_nre.vic.gov.au>
Date: 1998/06/22
Message-ID: <358DA937.11ED1EB9_at_nre.vic.gov.au>#1/1


SV wrote:

> We need to store highly confidential data in Oracle
> so that nobody (not even SYS, SYSTEM, ORACLE, root, or any other
> user) except authorized ones can see it.
> So far it looks like the only way
> is to store this data encrypted and
> decrypt it inside application front-end.
>
> Are there any tools/packages/apps out there
> which allow that?
> Cost is not a concern.
>
> Thanks,
> Sergei

Tools: The standard for encryption tools seems to be Eric Young's suite from
psych.psy.uq.oz.au/pub/Crypto.
He has a libdes, SSL implementation, etc. For MS architectures, there are precompiled binaries. Perl modules are also available for this. The problem you will have is the storage of the key. For authorizing users have a look at how webmin (www.webmin.com) does it

using the perl module Net::SSLeay for secure sockets layers. Note: US sites may not re-export Eric Young's code, although they are allowed
to get it.
This is not to say that trusted Oracle is not the way to go, just pointers to
tools that may be useful in crypting/decrypting yourself.

--
-----------------------------------------------------------------------------
David T. Bath at home
david.bath_at_nre.vic.gov.au
Phone: +613 9500 0894    Mobile: 015 824 171 (not always on)
Office: Global Consulting Ph:+613 9347 7511    Fax:+613 9347 0182
-----------------------------------------------------------------------------
Received on Mon Jun 22 1998 - 00:00:00 CEST

Original text of this message