How to obfuscate table , schema details

Hi,

I know we can use oracle obfuscation kit to encrypt pl/sql code or actual data stored in database table but I would like to know if we can obfuscate oracle database schema, table structure.

I would like to know how we can obfuscate table name, column name in Oracle database. Please help me understand how this can be done. Can we use one technique to obfuscate all pl/sql code (i.e. triggers, packages,procedures, functions) and table name, col name?

idforpg1Asked:
Who is Participating?
 
schwertnerConnect With a Mentor Commented:
To encrypt programming code(procedures, functions, packages, triggers) (one way only! no decryption) use the 'wrap" utility of Oracle.
Should be found in ORACLE_HOME/bin

Tables are encrypted usig DBMS_CRYPTO PL/SQL package. Interner has plenty of examples "How to encrypt/decrypt ..." so I will avoid to puiblish codes here.
0
 
k_murli_krishnaCommented:
0
 
k_murli_krishnaCommented:
Does the Oracle wrap utility actually "encrypt" the existing oracle schema structure?
http://www.experts-exchange.com/Database/Oracle/10.x/Q_23479627.html

So, one cannot directly mask/obfuscate/morph/encrypt oracle database schema structure, table, column.

But apart from security measures like grant/revoke of privileges, roles and fine grained access control, one can indirectly do it with help of synonyms (has to be in same schema as tables/views since schema is user that connects to database), views(SQL SELECT query). With these one can hide table/view names and hide query as well as give alias names to columns selected in view respectively.

Similarly, in distributed computing, db links hide the SID or service name of target database since one accesses it while connected to source database.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
k_murli_krishnaCommented:
One can also resort to renaming of tables, columns and recreating synonyms/views and other objects with a different name in long periodic time. But this should be the last resort since even though there is a checklist to make due changes to code i.e. application and SQL or PL/SQL, this is a headache.
0
 
sdstuberCommented:
also note,  even if you do obfuscate your tables and other objects you will still be able to find references between them in dba_dependencies and dba_constraints
0
 
schwertnerCommented:
Oracle security is based on ownership and priwiliges.
Every user can see everything in his own tables. But the tables could be encrypted - this could be done using DBMS_CRYPTO pckage.

Other users (except SYS) can not see neither the structure nor the name and the contents of the user objects.

But I say it again - the tables can be encrypted and without knowing the encryption key and the encryption method it is not possible to see the content.
0
 
idforpg1Author Commented:
need more information
0
All Courses

From novice to tech pro — start learning today.