Home » RDBMS Server » Security » TDE - Hiding a column in select (Oracle 10.2.0.2.0/ Centos 5.0)
TDE - Hiding a column in select [message #349033] Thu, 18 September 2008 11:40 Go to next message
glanson
Messages: 11
Registered: August 2008
Junior Member
I was using TDE and tried to select the column after encrypting and closing the wallet. Its shows me an error. Thats good. But my question is; Is there any way to restrict some users and allow other users using the same column?.

If i give the wallet key to those users then i won't have enough security for my data.

My scenario is i have some users whom i should give access to SSN column and certain users to restrict the same. Both of them has the previllage to use the select query. When the restricted users use "select *" query they should not be able to view the ssn column.

Please help i am a newbie in oracle
Re: TDE - Hiding a column in select [message #349041 is a reply to message #349033] Thu, 18 September 2008 12:26 Go to previous message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Quote:
Is there any way to restrict some users and allow other users using the same column?.

You miss the purpose of TDE which is NOT controllong access right but prevent from theft.

Quote:
My scenario is i have some users whom i should give access to SSN column and certain users to restrict the same.

Use FGAC or DBMS_CRYPTO but not TDE.

Quote:
When the restricted users use "select *" query they should not be able to view the ssn column.

Once again FGAC or better and simpler VIEW.

Regards
Michel
Previous Topic: transparent Data encryption
Next Topic: Password Exp Warning
Goto Forum:
  


Current Time: Thu Mar 28 16:08:16 CDT 2024