I need to do this on both Oracle 8i and SQL2K and was looking for some pointers and suggestions.
I am the database owner of a database called MyDB but not the database
adminisitrator for the oracle/sql2k server. The information that is
contained in MyDB is sensitive needs to be secured from prying eyes.
The only access to the database would be via a set of stored
procedures.
So is it possible to:
- Encrypt the data in the database
- Still write SQL such as SELECT * FROM MyTable WHERE AField = 'blah'
within the stored procedures
- Encrypt the stored procedures
In short I don't want the dba or any other super user to be able to
interact or see the data in the db in any way (tables, stored procs
etc) and only want external users to access the data from a stored
procedure interface. Users would be granted access to the stored
procedure interface via a specified user name and password. The only
things they would be able to see would be the stored procedures and
execute them, but not the content of the stored procedures. If this is
achievable then are there any other additional considerations should
this database participate in replication?
TIA
----------------------------------------------------------------------
Donovan J. Edye [www.edye.wattle.id.au]
Namadgi Systems [www.namsys.com.au]
Voice: +61 2 6285-3460
Fax: +61 2 6285-3459
TVisualBasic = Class(None);
Heard just before the 'Big Bang': "...Uh Oh...."
----------------------------------------------------------------------
GXExplorer [http://www.gxexplorer.org] Freeware Windows Explorer
replacement. Also includes freeware delphi windows explorer components.
----------------------------------------------------------------------
