• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 432
  • Last Modified:

oracle security of a table - column

Hi Experts
 I have a table with the Following columns
 application id, master key
 as I can do to seguridada to this table, ie through a select column not see master key
 Consider that the master key can not be encrypted
0
enrique_aeo
Asked:
enrique_aeo
  • 4
  • 2
  • 2
  • +1
4 Solutions
 
Gerwin Jansen, EE MVETopic Advisor Commented:
I don't understand this question, what is your problem with the table? Describe the table for us?
0
 
enrique_aeoAuthor Commented:
we provide security master key column
0
 
enrique_aeoAuthor Commented:
we want to prevent any user could see the value of SELECT that column
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
Gerwin Jansen, EE MVETopic Advisor Commented:
Create a view that the users access to read application id and change the password for the schema that contains the master key column?
0
 
enrique_aeoAuthor Commented:
Can you explain me with code
0
 
slightwv (䄆 Netminder) Commented:
Depending on your licensing you can use Transparent Data Encryption or Label Security.

If you don't have the license you can use DBMS_CRYPTO to encrypt the column.

TDE: 3.4.2 Create a Table with an Encrypted Column
http://docs.oracle.com/cd/E11882_01/network.112/e10746/asotrans.htm#ASOAG9566

Label Security:
http://docs.oracle.com/cd/E11882_01/network.112/e10745/intro.htm#OLSAG001

DBMS_CRYPTO:
http://docs.oracle.com/cd/E11882_01/appdev.112/e25788/d_crypto.htm#ARPLS65669
0
 
awking00Commented:
Do not give privilege to users on the table, but create a view of the table that doesn't include the master_key column and give privileges on the view.
0
 
enrique_aeoAuthor Commented:
Is there any way to protect the table from database administrators?
remember that this column can not be encrypted
0
 
slightwv (䄆 Netminder) Commented:
If you don't trust your DBAs to see the data, maybe you need new DBAs.

>>Is there any way to protect the table from database administrators?

Oracle Database Vault:
http://www.oracle.com/us/products/database/options/database-vault/overview/index.html

Privileged User Access Control for Oracle Database
 
Oracle Database Vault helps organizations increase the security of existing applications and address regulatory mandates that call for separation-of-duties, least privilege and other preventive controls to ensure data integrity and data privacy. Oracle Database Vault proactively protects application data stored in the Oracle database from being accessed by privileged database users.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 4
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now