Re: Looking for a method to encrypt data within an Oracle database, hosted on a public net, and accessed by thousands

From: <jacob.marley_at_plaintalk.bellevue.wa.us>
Date: 1997/03/14
Message-ID: <5gapo9$7e7_at_Holly.aa.net>#1/1


In <33284938.42D2_at_medicalert.org> Medic Alert wrote:
| jacob.marley_at_plaintalk.bellevue.wa.us wrote:
| >
| > Sorry about the large cross post, my question seems (to
| > me) relevant to all groups with the possible exception of
| > sci.crypt.
| >
| > Anyway, I am looking for a method to encrypt columns
| > within an Oracle database, hosted on a public net, and
| > accessed by thousands with the purpose of protecting the
| > data from access by the sysadmin(s), server compromise,
| > and backup media compromise.
| >
| > Clients would be authenticated in some way and, via some
| > KEA, decrypt/re-encrypt the columns for reading and
| > modification.
| >
| > Anybody want to share any ideas how to do this? My
| > preference is an existing product.
|
| PGP is a readily available encryption program
| that you may be able to incorporate into your
| program. It is a public-key encryption system
| and has varying levels of security. It can be
| found on many many FTP sites.
|

Oops, sorry. I left out two important points: first, the data is *shared* by those thousands of clients and second, only some of the columns are encrypted, others are not (so I can select off of them).

Some problems with PGP include:
1) All clients will have to know the private key in
   addition to the public key. This seems fundamentally
   orthogonal to the public key philosophy.
2) I have a big-time, uncentralized, and coarse grain key
   management problem.
3) I want the clients to be authenticated outside of
   Oracle, since I cannot trust the security of their logon
   identifiers and passwords stored within the Oracle database.

j

Received on Fri Mar 14 1997 - 00:00:00 CET
