-
Hiding/Encrpting Data from DBA/Developers
Hi,
We have been asked to implement the company wide annual review system and are faced with a situation where the data needs to be hidden from the DBA as well as the developers.
Any ideas or pointers to the right direction would be of immense help.
Thanks
Ron
Ronnie
ronnie_yours@yahoo.com
You can if you think you can.
-
you cant hide data from dba's - you can only encrypt it
-
Originally Posted by davey23uk
you cant hide data from dba's - you can only encrypt it
If the DBA is encrypting the data he can see it if he wants to as he would be knowing how to decrypt it. Please correct me if I am wrong as I never had to implement encryption n the past.
-Ron
Ronnie
ronnie_yours@yahoo.com
You can if you think you can.
-
Originally Posted by ronnie
If the DBA is encrypting the data he can see it if he wants to as he would be knowing how to decrypt it. Please correct me if I am wrong as I never had to implement encryption n the past.
-Ron
We can also put it this way:
One who insert's the data can encrypt the data which may not be seen even by the DBA's. Needs Oracle advanced security incorporating Kerberos and other security protocols(if i am right).
Once a banking client came to me asking to decrypt the invisible data which was encrypted by the security manager(who quit!!)
"What is past is PROLOGUE"
-
Remember when you encrypt data with oracle, you have a way to preserve the encryption key. If you lose your key you lose your access.
Big Bucks !!!
Sam
Thanx
Sam
Life is a journey, not a destination!
-
-
Originally Posted by ronnie
Hi,
We have been asked to implement the company wide annual review system and are faced with a situation where the data needs to be hidden from the DBA as well as the developers.
Any ideas or pointers to the right direction would be of immense help.
Thanks
Ron
How do you encrypt paper doc?
Tamil
-
Originally Posted by tamilselvan
How do you encrypt paper doc?
l
They probably don't. But it is trivial to deny access to the confidential paper docs to anyone who is not authorized to see them, no?
They can't deny access to the confidential data in the database from DBAs, so the only option is to make those confidential data "readable" for the authorized database users only. And data encription is the way to go in such situation. Only the authorized users will have the access to the encription keys, regardless of wether they are DBAs or not.
Jurij Modic
ASCII a stupid question, get a stupid ANSI
24 hours in a day .... 24 beer in a case .... coincidence?
-
Pardon me from being silly here bit isnt it the DBA who will encrypt the data in the first place and would also know how to decrypt it.
Originally Posted by jmodic
They probably don't. But it is trivial to deny access to the confidential paper docs to anyone who is not authorized to see them, no?
They can't deny access to the confidential data in the database from DBAs, so the only option is to make those confidential data "readable" for the authorized database users only. And data encription is the way to go in such situation. Only the authorized users will have the access to the encription keys, regardless of wether they are DBAs or not.
Ronnie
ronnie_yours@yahoo.com
You can if you think you can.
-
doesnt have to - can be the application
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|