/2003 01:48 PM
Please respond to ORACLE-L
To: Multiple recipients of list ORACLE-L [EMAIL PROTECTED]
cc:
Subject:RE: storing credit card numbers in a database
Even a half-arsed encryption (e.g. 255-ascii(each_char) for 1-byte
languages) in your code can
Title: storing credit card numbers in a database
Look under DBMS_OBFUSCATION_TOOLKIT.
-Original Message-From: Chris Stephens
[mailto:[EMAIL PROTECTED]Sent: Friday, February 21, 2003
2:06 PMTo: Multiple recipients of list ORACLE-LSubject:
storing credit card numbers in a
Look into the DBMS_OBFUSCAITON package. I used it to encrypt
passwords for a system management app and it works well. The
only problem is that you need an encryption key for the
programs to use. If anybody knows how to read the ALL_SOURCE
view they will be able to find your key and decrypt the
Title: storing credit card numbers in a database
We
have been looking at a similar requirement..so far it seems if you want to use
oracle's encryption (DBMS_OBFUSCATION_TOOLKIT) tool kit encryption has to
be done in code and passed to the database and vice versa.
There
is a product called
Title: RE: storing credit card numbers in a database
Jeff,
I'd split the key in n pieces and then merge them to create the final key or store the ASCII representation of the key and store it in pieces ... in the wrapped code, it will be tough to put it together. Also put this in a package
]Sent: Friday,
February 21, 2003 3:25 PMTo: Multiple recipients of list
ORACLE-LSubject: RE: storing credit card numbers in a
database
We
have been looking at a similar requirement..so far it seems if you want to use
oracle's encryption (DBMS_OBFUSCATION_TOOLKIT) tool kit encryption
to the database.
-Original Message-From: Richard Ji
[mailto:[EMAIL PROTECTED]Sent: Friday, February 21, 2003
12:40 PMTo: Multiple recipients of list ORACLE-LSubject:
RE: storing credit card numbers in a database
Besides the DBMS_OBFUSCATION_TOOLKIT,
Application Security Inc also has
Even a half-arsed encryption (e.g. 255-ascii(each_char) for 1-byte
languages) in your code can make the wrapped procedure extremely difficult
to crack. Keep in mind that the assignment of the hashed value shouldn't be
in the DECLARE section, because it's location in the wrapped procedure will
:
Subject:RE: storing credit card numbers in a database
Even a half-arsed encryption (e.g. 255-ascii(each_char) for 1-byte
languages) in your code can make the wrapped procedure extremely difficult
to crack. Keep in mind that the assignment of the hashed value shouldn't
DBMS_OBFUSCATION
Dick Goulet
Chris Stephens [EMAIL PROTECTED] wrote on 2/21/03 11:05 am:
I've been asked to find out a way to encrypt credit card numbers and store that
encrypted string in the database. ...any oracle functions or functionality to
do this? or would we have to encrypt the
10 matches
Mail list logo