?
Solved

oracle security of a table - column

Posted on 2012-08-26
9
Medium Priority
?
420 Views
Last Modified: 2012-08-28
Hi Experts
 I have a table with the Following columns
 application id, master key
 as I can do to seguridada to this table, ie through a select column not see master key
 Consider that the master key can not be encrypted
0
Comment
Question by:enrique_aeo
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 38334547
I don't understand this question, what is your problem with the table? Describe the table for us?
0
 

Author Comment

by:enrique_aeo
ID: 38334564
we provide security master key column
0
 

Author Comment

by:enrique_aeo
ID: 38334667
we want to prevent any user could see the value of SELECT that column
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 38

Assisted Solution

by:Gerwin Jansen, EE MVE
Gerwin Jansen, EE MVE earned 400 total points
ID: 38334683
Create a view that the users access to read application id and change the password for the schema that contains the master key column?
0
 

Author Comment

by:enrique_aeo
ID: 38334689
Can you explain me with code
0
 
LVL 78

Assisted Solution

by:slightwv (䄆 Netminder)
slightwv (䄆 Netminder) earned 800 total points
ID: 38336207
Depending on your licensing you can use Transparent Data Encryption or Label Security.

If you don't have the license you can use DBMS_CRYPTO to encrypt the column.

TDE: 3.4.2 Create a Table with an Encrypted Column
http://docs.oracle.com/cd/E11882_01/network.112/e10746/asotrans.htm#ASOAG9566

Label Security:
http://docs.oracle.com/cd/E11882_01/network.112/e10745/intro.htm#OLSAG001

DBMS_CRYPTO:
http://docs.oracle.com/cd/E11882_01/appdev.112/e25788/d_crypto.htm#ARPLS65669
0
 
LVL 32

Assisted Solution

by:awking00
awking00 earned 400 total points
ID: 38336501
Do not give privilege to users on the table, but create a view of the table that doesn't include the master_key column and give privileges on the view.
0
 

Author Comment

by:enrique_aeo
ID: 38339322
Is there any way to protect the table from database administrators?
remember that this column can not be encrypted
0
 
LVL 78

Accepted Solution

by:
slightwv (䄆 Netminder) earned 800 total points
ID: 38340629
If you don't trust your DBAs to see the data, maybe you need new DBAs.

>>Is there any way to protect the table from database administrators?

Oracle Database Vault:
http://www.oracle.com/us/products/database/options/database-vault/overview/index.html

Privileged User Access Control for Oracle Database
 
Oracle Database Vault helps organizations increase the security of existing applications and address regulatory mandates that call for separation-of-duties, least privilege and other preventive controls to ensure data integrity and data privacy. Oracle Database Vault proactively protects application data stored in the Oracle database from being accessed by privileged database users.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring and using Oracle Database Gateway for ODBC Introduction First, a brief summary of what a Database Gateway is.  A Gateway is a set of driver agents and configurations that allow an Oracle database to communicate with other platforms…
How to Unravel a Tricky Query Introduction If you browse through the Oracle zones or any of the other database-related zones you'll come across some complicated solutions and sometimes you'll just have to wonder how anyone came up with them.  …
This video shows information on the Oracle Data Dictionary, starting with the Oracle documentation, explaining the different types of Data Dictionary views available by group and permissions as well as giving examples on how to retrieve data from th…
This video shows how to configure and send email from and Oracle database using both UTL_SMTP and UTL_MAIL, as well as comparing UTL_SMTP to a manual SMTP conversation with a mail server.
Suggested Courses
Course of the Month16 days, 16 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question