Re: hiding Tables
Date: Sat, 13 Sep 2008 23:15:22 -0700
Message-ID: <1221372923.131366@bubbleator.drizzle.com>
Mass wrote:
> On Sep 12, 4:25 pm, Mark D Powell <Mark.Pow..._at_eds.com> wrote:
>> On Sep 12, 9:14 am, "fitzjarr..._at_cox.net" <orat..._at_msn.com> wrote:
>>
>>> On Sep 12, 3:30 am, Mass <mass..._at_gmail.com> wrote:
>>>> Dear All,
>>>> I have a data base on oracle 10g i want to hiding some tables but i
>>>> didn't know the steps to do that and How i will show it later?
>>>> Thanks a lot
>>> What, exactly, do you mean by 'hiding some tables'? There are ways to
>>> restrict access to certain data to certain users, but that's not
>>> called 'hiding tables'.
>>> David Fitzjarrell
>> Mass, by default if you create a table the only users who can see that
>> table are you and users with the select any table privilege such as
>> DBA's. You have to issue object level privileges: select, insert,
>> update, delete to allow other users to access your table.
>>
>> As David asked, what do you mean by, "hiding some tables". Perhaps
>> you want to look into encryption, views, Virtual Private Database
>> (VPD) also called Fine Grained Access Control (FGAC).
>>
>> encryption - require encoding and decoding of raw data so it can
>> be seen in clear form only via an authorized application
>>
>> view - restricts columns and rows returned via a predefined query
>>
>> VPD - Prior to 10g applies a policy rule to filter rows returned
>> based on how rule applies to querying user. With 10g+ can also be
>> used to nullify column value returned.
>>
>> HTH -- Mark D Powell --
> > > let me explain , i have table called ( user) it containt username and > password this table in same my data base (there are many users can > login in this data base and can access to (user ) ),so i need to hid > this table from my data base to avoid any access to this table > > Thanks > Mass
Based on what you are describing FGAC will work but there is a far better solution if you don't mind writing a bit of code.
First create a table with one VARCHAR2(1000) column.
Then load it using DBMS_CRYPTO.RANDOMBYTES. http://www.psoug.org/reference/dbms_crypto.html
Then use ORA_HASH to create a hash on the fly based on some unique bit of information for each user as they log in. http://www.psoug.org/reference/ora_hash.html
Now just write a function that uses the hash to find some unique part of the table. For example:
SQL> select ora_hash('morgan') from dual;
ORA_HASH('MORGAN')
1843898362
So I substring out the first 5 characters, Go to row 184 and read the first 10 characters beginning at position 38.
Use the WRAP utility to obfuscate your code and I doubt anyone will break it without a Cray.
The best place to hide a secret is in plain sight.
-- Daniel A. Morgan Oracle Ace Director & Instructor University of Washington damorgan_at_x.washington.edu (replace x with u to respond) Puget Sound Oracle Users Group www.psoug.orgReceived on Sun Sep 14 2008 - 01:15:22 CDT