Is it possible to configure the Oracle database so that all of the following statements are true:
a) some columns, possibly all columns are encrypted, so direct access to the database file will not allow the attacker to retrieve any records
b) encrypted columns are transparently decrypted for the authorized user, where the authorization takes place, for example. having a specific role or privilege
c) an administrator who has the privileges available to perform the “usual” administrator tasks (setting up, creating / deleting schema objects, restarting the database, selecting from the data dictionary) can select tables, but will see only encrypted data in encrypted columns.
If possible, how can I do it. If this is not possible, what parameters do I need to at least “close” these requirements?
a) + b) seems possible with Oracle Transparent Data Encryption, but I'm not sure about c)
source
share