Section 4.8. Conclusion


In this chapter, we have looked at encryption, key management, hashing, and related concepts. Let's summarize the key concepts here: Encryption of data is the disguising of the data so its true meaning is not visible. It requires three basic ingredients: the input data, an encryption key, and an encryption algorithm. There are two fundamental methods of encryption: asymmetric or public key encryption, where the keys used to encrypt and decrypt are different; and symmetric key encryption, where the keys are the same. The former is typically used in data transmission and requires elaborate setup, while the latter is relatively simple to implement.

The most important and challenging aspect of building an encryption infrastructure is not using the APIs themselves, but building a reliable and secure key-management system. There are a variety of different ways to do that: you can use the database, the filesystem, or both as a key store. You can use a single key for the entire database, one key per row of the table, or something in between. You can use two different keys: one regular key stored somewhere and a master key stored at a different location. The key that is used to encrypt data is not the one stored, but is a bitwise XOR operation of the master and stored keys. If either one is compromised, the encrypted data still cannot be decrypted unless the other one is accessible as well.
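
The two-key scheme described above, as an added example built on Oracle's DBMS_CRYPTO and UTL_RAW packages (it is not code from the book). The AES-128/CBC choice, the variable names, and the places where each key would be kept are assumptions; the sample value is constructed.

```plsql
SET SERVEROUTPUT ON
DECLARE
   -- Assumed cipher suite: AES-128, CBC chaining, PKCS#5 padding
   c_enc_type CONSTANT PLS_INTEGER :=
      DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5;

   -- Generated here for the demo. In a real system the master key would be
   -- read from outside the database and the stored key from a key table.
   l_master_key RAW(16) := DBMS_CRYPTO.RANDOMBYTES(16);
   l_stored_key RAW(16) := DBMS_CRYPTO.RANDOMBYTES(16);
   l_iv         RAW(16) := DBMS_CRYPTO.RANDOMBYTES(16);  -- kept with the ciphertext

   l_data_key   RAW(16);
   l_plain      RAW(200) :=
      UTL_I18N.STRING_TO_RAW('constructed sample value', 'AL32UTF8');
   l_cipher     RAW(256);
   l_result     RAW(200);
BEGIN
   -- The key that encrypts the data is never stored: master XOR stored.
   l_data_key := UTL_RAW.BIT_XOR(l_master_key, l_stored_key);

   l_cipher := DBMS_CRYPTO.ENCRYPT(
      src => l_plain, typ => c_enc_type, key => l_data_key, iv => l_iv);

   -- Holder of both keys: recompute the XOR and decrypt.
   l_result := DBMS_CRYPTO.DECRYPT(
      src => l_cipher, typ => c_enc_type,
      key => UTL_RAW.BIT_XOR(l_master_key, l_stored_key), iv => l_iv);
   DBMS_OUTPUT.PUT_LINE('both keys: ' ||
      UTL_I18N.RAW_TO_CHAR(l_result, 'AL32UTF8'));

   -- Holder of the stored key only: the plaintext is not recovered.
   -- A wrong key normally fails the padding check and raises an error;
   -- if it does not, the output is unrelated bytes.
   BEGIN
      l_result := DBMS_CRYPTO.DECRYPT(
         src => l_cipher, typ => c_enc_type, key => l_stored_key, iv => l_iv);
      DBMS_OUTPUT.PUT_LINE('stored key only: ' ||
         CASE WHEN l_result = l_plain THEN 'recovered' ELSE 'not recovered' END);
   EXCEPTION
      WHEN OTHERS THEN  -- demo only: report the failure instead of re-raising
         DBMS_OUTPUT.PUT_LINE('stored key only: decrypt failed: ' || SQLERRM);
   END;
END;
/
```

Running it requires EXECUTE privilege on DBMS_CRYPTO. The separation holds only while the two keys are random, equal in length, and kept in different places.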

Sometimes it is not necessary to hide data, but we nevertheless have to ensure that it has not changed. This is done by cryptographic hashing. A hash function will always return the same value for a given input value. Thus, if we determine that a calculated hash value differs from the value originally calculated, we know that the source data has changed. A variation of hashing, Message Authentication Code (MAC), involves hashing with a key.

Oracle Database 10g Release 2 introduced a feature called Transparent Database Encryption (TDE) that transparently encrypts and decrypts data before storing it in data files. With TDE, sensitive columns in datafiles, archived log files, and database backups are stored encrypted, so a theft of the files will not reveal the sensitive data. Note, however, that TDE is not designed to be a real encryption system so far as user control is concerned. You still need to build your own infrastructure if you want to control who will see the decrypted values and who will not.




Oracle PL/SQL for DBAs
Year: 2005
Pages: 122