> Can someone see any drawbacks?
What if a satellite falls out of the
sky and hits you on the head?
Or your significant other can't stand
your face for one more day and whacks
you with a frying pan?
( narcissists need not worry )
The point being of course, who will know
how to access the data if you don't show
up for work?
At our site the SA's have a master password
database for that kind of stuff.
Many folks put this kind of thing on a
piece of paper and seal it in an envelope,
and hand it to damagement for safe keeping.
Jared
"Jamadagni,
Rajendra" To: Multiple recipients of list
ORACLE-L <[EMAIL PROTECTED]>
<Rajendra.Jamadagni cc:
@espn.com> Subject: RE: Encryption - Question
about the key
Sent by:
[EMAIL PROTECTED]
12/18/01 01:55 PM
Please respond to
ORACLE-L
Believe it or not Jared, one of your script gave me following idea (the
wrapper sql for decrypt/encrypt on your site).
1. I have a system users table, I can add a column to store user's key in a
column that only that user has access to.
2. Create a DBA owned package to handle encryption/decryption.
3. The key will be picked up in this package and used (maybe I'll use user
key is used to derive the actual key).
4. The package will be deployed as 'wrapped' in production, so by looking
at
dba_source you won't find much.
I'll have to test this though but I think this will make it a bit more
secure.
The question is "Can I trust myself?" The answer is 'Yes".
Can someone see any drawbacks?
Raj
______________________________________________________
Rajendra Jamadagni MIS, ESPN Inc.
Rajendra dot Jamadagni at ESPN dot com
Any opinion expressed here is personal and doesn't reflect that of ESPN
Inc.
QOTD: Any clod can have facts, but having an opinion is an art!
(See attached file: ESPN_Disclaimer.txt)
ESPN_Disclaimer.txt
Description: Binary data
