Encryption [message #679300] |
Thu, 20 February 2020 07:20 |
|
shawaj
Messages: 89 Registered: January 2016
|
Member |
|
|
Hi All,
i need to store encrypted data(social security or PAN) in database table for security purpose so i tried the following command
CREATE TABLE customer(
cust_id NUMBER,
cust_name VARCHAR2(100),
so_securityno VARCHAR2(30) encrypt,
cust_phone NUMBER encrypt,
cust_pan VARCHAR2(20) encrypt
);
but got error - ERROR at line 1:
ORA-00439: feature not enabled: Transparent Data Encryption
|
|
|
Re: Encryption [message #679301 is a reply to message #679300] |
Thu, 20 February 2020 07:27 |
John Watson
Messages: 8962 Registered: January 2010 Location: Global Village
|
Senior Member |
|
|
You are trying to use Transparent Data Encryption, which needs to be separately licensed option on top of Enterprise Edition. It also requires some configuration: you need to create a wallet to store the keys. Have you done all that?
|
|
|
Re: Encryption [message #679306 is a reply to message #679301] |
Thu, 20 February 2020 11:20 |
|
Michel Cadot
Messages: 68728 Registered: March 2007 Location: Saint-Maur, France, https...
|
Senior Member Account Moderator |
|
|
... In addition, once the wallet is opened the data are visible to everyone who has access to the table.
TDE only protects against disk or backup thief not against database intruders.
You have to first define what you want to protect, against what/who and when.
You have to then define who/what is allowed to see the data, how and when.
Only then you can define which strategy you may implement (which may not be encryption).
[Updated on: Fri, 21 February 2020 00:56] Report message to a moderator
|
|
|
|
|
|
Re: Encryption [message #679314 is a reply to message #679312] |
Fri, 21 February 2020 01:33 |
John Watson
Messages: 8962 Registered: January 2010 Location: Global Village
|
Senior Member |
|
|
shawaj wrote on Fri, 21 February 2020 06:47Thanks John Watson,
i don't have additional licence for TDE and configuration. So use DBMS_CRYPTO. To make the encryption and decryption transparent, cover the tables with views that will decrypt when you SELECT and have INSTEAD OF triggers to encrypt when you INSERT or UPDATE.
|
|
|
|
|
|
|
|
Re: Encryption [message #679955 is a reply to message #679954] |
Tue, 14 April 2020 11:39 |
John Watson
Messages: 8962 Registered: January 2010 Location: Global Village
|
Senior Member |
|
|
Olexandr Siroklyn wrote on Tue, 14 April 2020 17:27Alas. Proposed way doesn't allow to insert encrypted data into number field. Well, no - the column (please don't say "field" when you mean "column"!) has to be data type raw. What you probably need to do (as I suggested before) is cover the table with a view that does all the work.
|
|
|
|
|
|
Re: Encryption [message #679959 is a reply to message #679958] |
Tue, 14 April 2020 12:50 |
John Watson
Messages: 8962 Registered: January 2010 Location: Global Village
|
Senior Member |
|
|
I suppose, Olexandr, it would have been better to make your product affiliation clear earlier.
Suggestion - you could redeem yourself! Create another Marketplace topic describing your product in greater detail. This comment on your websiteQuote:Restrictions
There are no ways to store asymmetrically encrypted data in Oracle table data types like date, timestamp, float, number. is interesting, you could explain a bit more about how you actually do this.
|
|
|
Re: Encryption [message #679965 is a reply to message #679958] |
Tue, 14 April 2020 14:47 |
|
Michel Cadot
Messages: 68728 Registered: March 2007 Location: Saint-Maur, France, https...
|
Senior Member Account Moderator |
|
|
Olexandr Siroklyn wrote on Tue, 14 April 2020 19:43If you find out my last response as inappropriate to this topic I have no objections to have that response as deleted.
What I found inappropriate is that you introduced yourself in the topic asking how OP did it, ignored the answers that have been provided to you and claimed there is a solution in the Marketplace forum.
In short, you came masked to promote your product.
There won't be no problem if you just posted something like "a solution might be this product" with a link to your post in Marketplace forum.
And to add to John's post, you can give a short description in our Wiki Commercial products page and create a page in the Wiki describing in details your product. You can also create your user page.
|
|
|