DBAsupport.com Forums - Powered by vBulletin
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Is this possible in Oracle

  1. #1
    Join Date
    Mar 2004
    Location
    DC,USA
    Posts
    650

    Question Is this possible in Oracle

    I have a table where a particular column needs to be invisible when users query that table, say like Date of birth, SSN columns.

    Manager says even this col has to be invisible to dba's too.

    Is this some thing related to encryption and decryption? and what all is needed to put this into working?
    "What is past is PROLOGUE"

  2. #2
    If users and DBAs aren't supposed to be able to access that data, why is it even stored?

    Hiding data from a DBA is very difficult as they must be able to back up the database. You can obfuscate it with the DBMS_CRYPTO, but your application will have to know to use the encrypted value.

  3. #3
    Join Date
    Mar 2004
    Location
    DC,USA
    Posts
    650
    HR related data should be seen only by HR associates.

    By the way this is for Oracle 9i. I came accross DBMS_OBFUSCATION_TOOLKIT package, which can do the above for me.

    any valid suggestions..............?
    "What is past is PROLOGUE"

  4. #4
    Join Date
    Jul 2002
    Location
    Lake Worth, FL
    Posts
    1,492

    Cool

    "The person who says it cannot be done should not interrupt the person doing it." --Chinese Proverb

  5. #5
    Join Date
    Jun 2000
    Location
    Madrid, Spain
    Posts
    7,447
    Quote Originally Posted by LKBrwn_DBA
    unfortunately those arent invisible to DBAs

    you might have a look at Data Vault, not sure if it works for 9i though

  6. #6
    Join Date
    Jul 2002
    Location
    Lake Worth, FL
    Posts
    1,492

    Thumbs down


    I know information is not hidden from DBA's, but I assumed jhmartin's post had clarified that issue.
    "The person who says it cannot be done should not interrupt the person doing it." --Chinese Proverb

  7. #7
    Join Date
    Sep 2005
    Posts
    278
    Does the manger wants to Hide the contents of data from being visible by DBA?

    IF such, A view can be created for users without those two columns, and dbms_obfuscation_toolkit can be used to encrypt and decrypt the values to be stored in the table.

    Below is the example link which might be helpful

    http://www.databasejournal.com/featu...le.php/3358671

  8. #8
    Join Date
    Mar 2004
    Location
    DC,USA
    Posts
    650
    Quote Originally Posted by tabreaz
    IF such, A view can be created for users without those two columns, and dbms_obfuscation_toolkit can be used to encrypt and decrypt the values to be stored in the table.
    Still a dba can access the data by executing the DESDecrypt procedure.

    Any user who runs the DESDecrypt procedure can see the data. How this works to make data secure and hide from normal users?

    Create the encrypt and decrypt procedures from a user and grant execute to the privileged users. But this will not hide the data from dba's view, as requested by my manager.
    "What is past is PROLOGUE"

  9. #9
    Join Date
    Sep 2005
    Posts
    278
    How about using such encryption mechanism from Outside Oracle, and only manager has the control of that application (Both Encryption and Decryption)?

  10. #10
    Join Date
    Mar 2004
    Location
    DC,USA
    Posts
    650
    Quote Originally Posted by tabreaz
    How about using such encryption mechanism from Outside Oracle, and only manager has the control of that application (Both Encryption and Decryption)?
    Sounds good, do you suggest any
    "What is past is PROLOGUE"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width