Forum Stats

  • 3,824,937 Users
  • 2,260,441 Discussions
  • 7,896,354 Comments

Discussions

Application Level Encryption for sensitive columns in a Table

Emad Al-Mousa
Emad Al-Mousa Member Posts: 716 Bronze Trophy
edited Aug 30, 2020 1:14PM in Database Ideas - Ideas

Encryption is always one of the main topics when it comes to security , and best security strategies to secure your "data".  So far in Oracle there is Network Encryption, and TDE (Transparent Data Encryption).

TDE will encrypt data at rest (physical layer- data files) which is a good thing.... but data identified as sensitive in a specific columns can still be viewed un-encrypted when queried through SQL (especially from the DBA-SYS user)....i understand there other security options for limiting data exposures such as label security, dbms_redact, virtual private database, database vault.....however the DBA and an attacker who successfully becomes a DBA can over-pass some of these features restrictions.

What i am proposing is application side level encryption where sensitive data in columns are pushed encrypted from (application-side) and stored encrypted within the database. The management of the key store and implementation will be from application tier. what is the benefit here ? the data will be stored inside the database encrypted so even from "SQL" level the super-user which is the DBA will see "garbage data" (encrypted) and will not be able to decrypt it....this data remains encrypted with backups, and of course on the physical level if someone stole the data files [sensitive columns data are encrypted],....etc and can be ONLY decrypted from application level. I believe its end-to-end protection compared to TDE and is a good feature to be added.

1 votes

Active · Last Updated

Comments

  • Billy Verreynne
    Billy Verreynne Software Engineer Member Posts: 28,816 Red Diamond

    Why make your application layer encryption an Oracle database problem??

    If you want the app layer to store encrypted data in the database, then do it  in the app layer!

    But say goodbye to database constraints, foreign keys, triggers, VPDB/FGAC, and other database features requiring to use the encrypted data columns.

    And say hello to developers who can now access this encrypted data in decrypted format in the app layer code, and do ANYTHING with it. And of course, there are fewer developers than DBAs to deal with now having access to decrypted data - not.

    It is stupid to simply move the so-called security problem from the database to the application, and then call it solved.

  • Emad Al-Mousa
    Emad Al-Mousa Member Posts: 716 Bronze Trophy

    Why make your application layer encryption an Oracle database problem??

    If you want the app layer to store encrypted data in the database, then do it  in the app layer!

    But say goodbye to database constraints, foreign keys, triggers, VPDB/FGAC, and other database features requiring to use the encrypted data columns.

    And say hello to developers who can now access this encrypted data in decrypted format in the app layer code, and do ANYTHING with it. And of course, there are fewer developers than DBAs to deal with now having access to decrypted data - not.

    It is stupid to simply move the so-called security problem from the database to the application, and then call it solved.

    i disagree with you...its not "stupid" idea....in fact other database vendors are now implementing it such as SQL Server Always Encrypted and MongoDB field level encryption. it seems you are not up to date with latest security trends & features !

  • Billy Verreynne
    Billy Verreynne Software Engineer Member Posts: 28,816 Red Diamond

    i disagree with you...its not "stupid" idea....in fact other database vendors are now implementing it such as SQL Server Always Encrypted and MongoDB field level encryption. it seems you are not up to date with latest security trends & features !

    You can encrypt all the data you want in the app layer, and store the encrypted data in the Oracle db layer. Right now. The Oracle database will not prevent you from doing that. So WHY make this encryption request (done in the app layer), an Oracle database layer issue? It seems that you are not up to date with client-server architecture fundamentals.

    If you want to protect data inside the Oracle database, e.g. from a SYSDBA, use Database Vault. It seems that you are not up to date with basic Oracle database concepts.