Solved

Does the Oracle wrap utility actually "encrypt" the existing oracle schema structure?

Posted on 2008-06-12
2
1,276 Views
Last Modified: 2013-12-19
Hi,

      I need to secure our Oracle db from unauthorized changes to the schema. The db is not in a development\production environment. It is strickly holding non-sensitive data, however, one of our security requirements is to have the Oracle Database Source Code Object Encryption - encrypted. Is the wrap utility used for this purpose? What does obfuscation offer? We simply do not want the existing Oracle schema to be tampered with and become unusable. Could someone clarify if the wrap utility or obfuscation utility is only used for a development environment or could it be used to protect the existing Oracle db schema?

Thanks, MissyMadi
0
Comment
Question by:missymadi
  • 2
2 Comments
 
LVL 23

Expert Comment

by:David
ID: 21770016
No, it masks the code, but may be readily hacked.  You might google further for specifics.  Wrap is used for PL/SQL objects, to protect the modules from casual viewing.  As far as having the schema objects tampered with, you have other security measures to work with such as roles and fine-grained auditing.
0
 
LVL 23

Accepted Solution

by:
David earned 125 total points
ID: 21770046
1. Obfuscation  Obfuscation is not technically encryption.  Obfuscation simply obscures and makes your data apparently useless.  Advanced decryption techniques can break obfuscation, yet obfuscation makes casual data theft\ unlikely among threats inside or outside your organization unless sophisticated and time- consuming techniques are employed to break the obfuscation keys.

2. DES Encryption  DES Encryption is the certified encryption standard provided by the Oracle Corporation through their package DBMS_Obfuscation_Toolkit.  The Encryption Wizard utilizes a 64 bit key to protect your data.

3. Triple DES Encryption  Triple DES Encryption (3DES) is a response to advanced techniques used to break standard DES encrypted data.  With Triple DES, a data value is encrypted recursively using three 64-bit keys to insure an almost infinite number of key combinations. Currently the Encryption Wizard uses the Triple DES scheme:

C=Ek3(Dk2(Ek1(P)))

4. AES 128-bit Encryption - AES (Advanced Encryption Standard) encryption is available to  Oracle 10g users through the new DBMS_Crypto toolkit.  AES encryption is more secure than DES Encryption and we have tested it as 20% faster on small and medium-sized tables.

5. AES 256-bit  Encryption - 256-bit AES encryption uses large 32 byte encryption keys. This encryption  type also is called through Oracle's certified DBMS_Crypto toolkit and is only available to Oracle 10g  users.

Source: http://www.relationalwizards.com/html/ora_encyrption.html
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Background In several of the companies I have worked for, I noticed that corporate reporting is off loaded from the production database and done mainly on a clone database which needs to be kept up to date daily by various means, be it a logical…
From implementing a password expiration date, to datatype conversions and file export options, these are some useful settings I've found in Jasper Server.
Via a live example, show how to restore a database from backup after a simulated disk failure using RMAN.
This video shows how to configure and send email from and Oracle database using both UTL_SMTP and UTL_MAIL, as well as comparing UTL_SMTP to a manual SMTP conversation with a mail server.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now