Key Management in Oracle Database 10g
You’ve learned the basics of how to use encryption and decryption, as well as how to generate keys. But that’s the easy part; for the most part, we’ve simply used Oracle’s supplied programs and built wrappers around them to get the job done. Now comes the more challenging aspect of the encryption infrastructure: managing the key. Our applications will need to have access to the key to decrypt the encrypted values, and this access mechanism should be as simple as possible. On the other hand, access should not be so simple that the key is within reach of hackers. A proper key management system balances the simplicity of key access against prevention of unauthorized access to the keys.
There are essentially three different types of key management:
A single key for the entire database
A different key for each row of tables with encrypted data
A combination approach
The following sections describe these different approaches to key management.