| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle and Encryption
On Sat, 07 Oct 2006 17:14:58 -0400, OFM wrote:
> I am running an oracle database with the application written in PHP.
>
> I would like to be able to have the option to encrypt data residing in
> certain columns in certain tables i.e. encrypt the SSNO column but not
> the Fname column. I would like to keep it in its encrypted form in the
> database but I would like to be able to show it to certain privileged
> people based on a password.
>
> Can public key encryption be incorporated here in the php application
> such that if I can encrypt the data based on a key that in it self can
> be encrypted in a way that you can revoke certain passwords if the
> employee leaves - much that same way you have revocation lists
> management in PGP.
>
> Are there any suggestions on how to go about incorporating FLEXIBLE
> encryption of data with PHP and Oracle?
>
> Any help appreciated.
Oracle has something called "Advanced Security Option" which is a commercial product and allows encryption of the entire database or parts of it. There is also something called "VPD" (Virtual Private Database) which allows users to see only the parts of the database they're entitled to see. It takes a bit to set up, but it works really well. As for revoking employee authorization once the employment is terminated, it should be a standard practice. HR should have an application that would disable VPN logins and logins to web visible applications and high priority tickets to immediately revoke all access privileges should be assigned to both system administration group and DBA group. Security is not a part of an application, security is a philosophy that the company must adhere to in everything it does.
-- http://www.mladen-gogala.comReceived on Sun Oct 08 2006 - 22:53:31 CDT
 |
 |