How to encrypt data?
hi
I have this application thats very much data sensitive. I want that the data should appear in encrypted form for anyone who tries to view it from anywhere outside the application. Please note that the application is already been built. This thing needs to be applied on the db level so that there are no or minimum changes at the application level. It is a web based application with an oracle based back end and .net based front end.
Regards,
Mehwish
What version of Oracle? Depending on your version Oracle provides either one or two packages that provide data encryption/decryption routines. Generally speaking some changes will be necessary if this was not built-in as part of the application. You generally front the real tables with views that perform the decryption. Encryption may use views and instead of triggers or functions/procedures/packages to perform the inserts and updates.
See DBMS_OBFUSCATION_TOOLKIT ver 8 up
and DBMS_CRYPTO with 10g for better encryption
HTH -- Mark D Powell --
Similar Messages
-
How to encrypt data with PublicKey???
Hi, I need to know how I can encrypt data (in byte[ ]) with a PublicKey instance.... I'm using BouncyCastle....
THANKS...
Andreshttp://javaalmanac.com/egs/javax.crypto/pkg.html#Encrypting%20and%20Decrypting
-
HT201250 How to encrypt data on time machine?
I have already backed up my mac using time machine. How do I go back and uncheck the option encrypt data, so I can see the flies on windows computer too?
Zac. wrote:
What I have found is that the TM backup database is only accessible to the machine that created it. The individual accounts in the TM backup, assuming you have more than one account backed up, is only accessible to that individual account. While it is not Filevault level security, unless your home folder is filevault protected, you should be okay.
HTH
zac
When I disconnect the external drive with the Time Machine backup from my MacBook and connect it to my iMac at work, I can browse the TM folder and access just about any file for any user account that is backed up. Am I really the only one where the backup is not protected? -
** How to encrypt data when saving it in DB directly?
Hi All,
I want a method to encrypt data in the database when saving it directly
that is when any one enabled to see the data he will see it encrypted!Hi..
What is the oracle database version???
As you want the users to see the encypted data, the best option is use DBMS_CRYPTO to encrypt the data.
[http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_crypto.htm]
[http://www.oracle-base.com/articles/10g/DatabaseSecurityEnhancements10g.php]
HTH
Anand
Edited by: Anand... on Oct 19, 2009 2:11 PM -
How to encrypt data using DES in ABAP?
Hi Experts,
I need to do encryption/decryption between ABAP and JAVA.
Is there any function in ABAP world can do the DES or any other well known symmetrical encryption?
Thank you so much!
Best Regards,
Guo Guo QingA lot of SAP installations use Gnu-PGP for encryption.
When you have installed GPG software on your server and created the appropriate keys, you create an external command in SAP via SM69 to execute the GPG encryption command.
Finally, create a function module that builds the encryption command line as appropriate, then calls the external command defined in SM69.
GPG is free software licensed under the GNU General Public License umbrella, so won't cost you anything. See URL [http://www.gnupg.org] for full information and software download.
Regards,
D. -
How to encrypt data using GnuPg
Hello
I am unable do encryption using GPG public key encryption.
Can anyone help me in this.
THanks & RegardsA lot of SAP installations use Gnu-PGP for encryption.
When you have installed GPG software on your server and created the appropriate keys, you create an external command in SAP via SM69 to execute the GPG encryption command.
Finally, create a function module that builds the encryption command line as appropriate, then calls the external command defined in SM69.
GPG is free software licensed under the GNU General Public License umbrella, so won't cost you anything. See URL [http://www.gnupg.org] for full information and software download.
Regards,
D. -
How to handle HTTP-POST encrypted data for ECC Using proxy or RFC
I have a scenario HTTP-POST ->PI->ECC.sender is HTTP Post send encrypted data i need to handle the data and stored in to SAP ECC with out decrypt using PI .what should i take for receiver can i use inbound proxy or RFC and how can handle the encrypted data for decrypt.
Regards
Ravi1. my sender is HTTP POST . what should i configure in sender communication channel in SAP PI .like SOAP or HTTP .What are the parameters i need to pass .
>>>
If you are on PI 7.3 and above, configure the HTTP AAE adapter - Configuring the Java HTTP Adapter on the Sender Channel - Advanced Adapter Engine - SAP Library
2.while using inbound proxy for encrypted data i need store the data in to table , the same proxy can i call another outbound service for decrypt same data.
>>>>
Yes you can always a proxy within a proxy. -
How to insert encrypted data by using blowfish into mysql database
Hi
I have encrypted data using blowfish algorithm . And i tried to insert that encrypted data into mysql. it was stored but i dont know that it stores in the same encrypted formate
When i am trying to get the encrypted data from the mysql database and decrypting that data i am getting errors.
Exception are like
input length should be multiple of 8 bits
or Given block are not properly padded
and when i am displaying the data using system.out.println ();
the string is not similar to the string which is in database.
what is the problem how can i solve my problem
thank youIt sounds like your column is a VARCHAR so you need to Base64 or Hex encode the cipertext bytes before putting them in the database.
-
How to make encrypted data more secure?
Hi All,
We are using Oracle 9i database. We have a task to encrypt some of data before storing into database. We have developed a function to encrypt the data using Dbms_Obfuscation toolkit. But, the user who has access to that function source code can easily decrypt the data. Now we need to have the solution so that we can securely save/store Encryption Key, which can be accessed by Application User only.
One alternative we are thinking is creating a table in SYS user and storing the value there. We can grant SELECT privileges to Application User Only.
We are looking for other alternatives if we have any. Do you have any idea?
Thanks in Advance.
Thanks and Best Regards,
Dharmesh Patel
Database Server:
Oracle9i Enterprise Edition Release 9.2.0.1.0 - 64bit Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.1.0 - Production
******************************************************/I had a look at this conundrum a while back, when we wanted to store credit card details in a database. Basically, there are two choices:
(1) Don't store the key in the database and make the users type it in whenever they want to see encrypted data; or
(2) Store the key in the database and accept the risk that it might be abused by privileged users (i.e. DBAs).
As many users have difficulty remembering their password when it's MOM123 I think it's unlikely they will be able to cope with a properly secure PKI string.
You can mitigate the risks inherent in option 2 by having very strong auditing of the function's execution, but I'm sure knowledgeable, black-hatted DBAs will be able to find workarounds.
But, if you can't trust your DBAs you're probably stuffed anyway.
Cheers, APC -
How to decrypt data when you can't get the private key in Windows?
I'm very confuse. My english is poor, but I try to say my question clearly.
When browser connects to a https website which needs client certificate to authenticate the identity, the browser will send client certificate to web server.
Then the web server will use the certificate to encrypt some data and send it to browser.
Then broswer should have private key to decrypt that.
But as I know, if I install a pfx format personal certificate, I can set can't export private key, which means you can't get the private key to use it. So how can
the browser decrypt the data without private key?
By the way, what is CSP, use CSP's interface can we use CryptoAPI
to decrypt data without private key?Answer for question is "you cant"..
"How to decrypt data when you can't get the private key in Windows?"
Read more
http://msdn.microsoft.com/en-us/library/windows/desktop/aa387460(v=vs.85).aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/bb427432(v=vs.85).aspx
http://technet.microsoft.com/en-us/library/dd277320.aspx
http://en.wikipedia.org/wiki/Public-key_cryptography -
How to encrypt column of some table with the single method ?
How to encrypt column of some table with the single method ?
How to encrypt column of some table with the single
method ?How to encrypt column of some table with the single
method ?
using dbms_crypto package
Assumption: TE is a user in oracle 10g
we have a table need encrypt a column, this column SYSDBA can not look at, it's credit card number.
tha table is
SQL> desc TE.temp_sales
Name Null? Type
CUST_CREDIT_ID NOT NULL NUMBER
CARD_TYPE VARCHAR2(10)
CARD_NUMBER NUMBER
EXPIRY_DATE DATE
CUST_ID NUMBER
1. grant execute on dbms_crypto to te;
2. Create a table with a encrypted columns
SQL> CREATE TABLE te.customer_credit_info(
2 cust_credit_id number
3 CONSTRAINT pk_te_cust_cred PRIMARY KEY
4 USING INDEX TABLESPACE indx
5 enable validate,
6 card_type varchar2(10)
7 constraint te_cust_cred_type_chk check ( upper(card_type) in ('DINERS','AMEX','VISA','MC') ),
8 card_number blob,
9 expiry_date date,
10 cust_id number
11 constraint fk_te_cust_credit_to_cust references te.customer(cust_id) deferrable
12 )
13 storage (initial 50k next 50k pctincrease 0 minextents 1 maxextents 50)
14 tablespace userdata_Lm;
Table created.
SQL> CREATE SEQUENCE te.customers_cred_info_id
2 START WITH 1
3 INCREMENT BY 1
4 NOCACHE
5 NOCYCLE;
Sequence created.
Note: Credit card number is blob data type. It will be encrypted.
3. Loading data encrypt the credit card number
truncate table TE.customer_credit_info;
DECLARE
input_string VARCHAR2(16) := '';
raw_input RAW(128) := UTL_RAW.CAST_TO_RAW(CONVERT(input_string,'AL32UTF8','US7ASCII'));
key_string VARCHAR2(8) := 'AsDf!2#4';
raw_key RAW(128) := UTL_RAW.CAST_TO_RAW(CONVERT(key_string,'AL32UTF8','US7ASCII'));
encrypted_raw RAW(2048);
encrypted_string VARCHAR2(2048);
BEGIN
for cred_record in (select upper(CREDIT_CARD) as CREDIT_CARD,
CREDIT_CARD_EXP_DATE,
to_char(CREDIT_CARD_NUMBER) as CREDIT_CARD_NUMBER,
CUST_ID
from TE.temp_sales) loop
dbms_output.put_line('type:' || cred_record.credit_card || 'exp_date:' || cred_record.CREDIT_CARD_EXP_DATE);
dbms_output.put_line('number:' || cred_record.CREDIT_CARD_NUMBER);
input_string := cred_record.CREDIT_CARD_NUMBER;
raw_input := UTL_RAW.CAST_TO_RAW(CONVERT(input_string,'AL32UTF8','US7ASCII'));
dbms_output.put_line('> Input String: ' || CONVERT(UTL_RAW.CAST_TO_VARCHAR2(raw_input),'US7ASCII','AL32UTF8'));
encrypted_raw := dbms_crypto.Encrypt(
src => raw_input,
typ => DBMS_CRYPTO.DES_CBC_PKCS5,
key => raw_key);
encrypted_string := rawtohex(UTL_RAW.CAST_TO_RAW(encrypted_raw)) ;
dbms_output.put_line('> Encrypted hex value : ' || encrypted_string );
insert into TE.customer_credit_info values
(TE.customers_cred_info_id.nextval,
cred_record.credit_card,
encrypted_raw,
cred_record.CREDIT_CARD_EXP_DATE,
cred_record.CUST_ID);
end loop;
commit;
end;
4. Check credit card number script
DECLARE
input_string VARCHAR2(16) := '';
raw_input RAW(128) := UTL_RAW.CAST_TO_RAW(CONVERT(input_string,'AL32UTF8','US7ASCII'));
key_string VARCHAR2(8) := 'AsDf!2#4';
raw_key RAW(128) := UTL_RAW.CAST_TO_RAW(CONVERT(key_string,'AL32UTF8','US7ASCII'));
encrypted_raw RAW(2048);
encrypted_string VARCHAR2(2048);
decrypted_raw RAW(2048);
decrypted_string VARCHAR2(2048);
cursor cursor_cust_cred is select CUST_CREDIT_ID, CARD_TYPE, CARD_NUMBER, EXPIRY_DATE, CUST_ID
from TE.customer_credit_info order by CUST_CREDIT_ID;
v_id customer_credit_info.CUST_CREDIT_ID%type;
v_type customer_credit_info.CARD_TYPE%type;
v_EXPIRY_DATE customer_credit_info.EXPIRY_DATE%type;
v_CUST_ID customer_credit_info.CUST_ID%type;
BEGIN
dbms_output.put_line('ID Type Number Expiry_date cust_id');
dbms_output.put_line('-----------------------------------------------------');
open cursor_cust_cred;
loop
fetch cursor_cust_cred into v_id, v_type, encrypted_raw, v_expiry_date, v_cust_id;
exit when cursor_cust_cred%notfound;
decrypted_raw := dbms_crypto.Decrypt(
src => encrypted_raw,
typ => DBMS_CRYPTO.DES_CBC_PKCS5,
key => raw_key);
decrypted_string := CONVERT(UTL_RAW.CAST_TO_VARCHAR2(decrypted_raw),'US7ASCII','AL32UTF8');
dbms_output.put_line(V_ID ||' ' ||
V_TYPE ||' ' ||
decrypted_string || ' ' ||
v_EXPIRY_DATE || ' ' ||
v_CUST_ID);
end loop;
close cursor_cust_cred;
commit;
end;
/ -
Insert an encrypt data in a Table
Hi all,
i have encrypted a data with HmacMD5, all its fine. but when i've tried to insert encrypt data in my table, hash code may return symbols like �?��Z��x��. then when i do a select data has been corrupted. how can i encrypted in stardand symbols( like mysql passwords). here is my code:
KeyGenerator kg = KeyGenerator.getInstance("HmacMD5");
SecretKey sk = kg.generateKey();
// Get instance of Mac object implementing HMAC-MD5, and
// initialize it with the above secret key
Mac mac = Mac.getInstance("HmacMD5");
mac.init(sk);
byte[] result = mac.doFinal(dirMAC.getBytes());
String macenc=new String(result);
String x = "jdbc:mysql://localhost/"+
"mydatabase?user="+user+"&password="+
pass;
Class.forName("com.mysql.jdbc.Driver").newInstance();
conn = DriverManager.getConnection(x);
conn.createStatement().executeUpdate("insert into user " +
"(User,Password) values('system','"+myPass+"')");
java.sql.ResultSet rs=conn.createStatement().executeQuery("select password "+
"from " +"user where user ='system' ");
rs.next();
if((rs.getString(1).equals(macenc))) {
System.out.println(rs.getString(1)+" YES "+macenc);
} else {
System.out.println(rs.getString(1)+" NO "+macenc);
}Output NO. and sometimes when hash has (') character Query not found.
thanks.Thie is most probably the offending line
String macenc=new String(result);
It is never a good idea to try to convert arbitrary bytes into a String using this approach. Not all byte sequences have valid char representation. If you must have a String representation use Base64 or Hex encoding of your Hmac. Google for Jakarta Commons Codec to get a library to assist you with this. -
Export and Import encrypted data
Hi,
I have a database table with encryped data (encrypted using DBMS_OBFUSCATION_TOOLKIT.DES3Encrypt). I am having an issue when I export this table and import it into a new schema. The encrypted data seems to have changed after import. I am unable to decrypt it from the new schema.
Below is the character set details from export/import.
"Export done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set. Server uses WE8ISO8859P1 character set (possible charset conversion)."
"Import done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set."
Has anybody had this issue before? Does it have anything to do with the character set? If so, how do I fix it?
Thank you!Hello,
since this question is about using the export utility, you might better ask this in {forum:id=61} or {forum:id=732}.
Regards
Marcus -
How to encrypt sqllite Database
Hello,
Can anyone please guide me how to encrypt sqlite database in flex?
Thanks.You can try this example: http://www.adobe.com/devnet/air/flex/quickstart/articles/encrypted_database.html
I'm not sure if it also encrypts the actual data, though. -
Hi
I am developing a number of applications using J2ME. They run on mobile phones and need to be able to send data to a server. I need to encrypt this data as it contains personal information about the user. I cant use HTTPS because some of the applications use MIDP 1.0 and only support HTTP.
So I want to encrypt the data myself and I was wondering if you could help me with my approach and answer some questions...
I think the best way is to use RSA public/private keys in combination with a symmetric encrypting algorithm. So the mobile will have the public key part and the server will have the private key. The data will be encrypted using a symmetric algorithm. The key used in the encryption will then be encrypted using the public key. Both the encrypted key and the encrypted data will then be sent to the server. The server uses its private key to decrypt the key and then use the key to decrypt the data.
How does that sound? I will be using Bouncy Castle crypto. What is the best way to generate a public/private key pair? I then need to somehow include the public key with the application. Should I randomly generate the symmetric key myself?
Also what algorithm would you suggest for encrypting the data. Remember that it is on a resource constrained mobile device.
If you have any other comments I would like to hear them. Thanks for your time.Thanks for the pointer. The thing is we changed our minds. We discovered strong encryption was not needed since our scheme is like the DVD encryption. The data is unencrypted by the application used by the person that does not have to know the data.
We went with Rot13. jeje
Thanks anyway.
Maybe you are looking for
-
How to delete all favorites in here maps at once?
How can i delete all favorites in here maps at once? On my Nokia lumnia 920 maps is not working due long synchronisation time. Arnold Solved! Go to Solution.
-
Mac OS X Lion displays grey (No background) login screen before Apple boot screen
Macbook Pro 13" (2011) Upon startup, displays a grey screen, then after a few seconds, the logon screen, I would logon, then it would show the Apple White boot screen, then it would ask me to log on again (sometimes) Anyone else have this problem? an
-
Extracting "File Properties" metadata
After processing scanned images in Photoshop CS3, I am uploading them to a DAM solution that has the capability to extract embedded metadata using custom defined keys. I would like to know the syntax/structure of embedded metadata labels that display
-
SoftReference and WeakReference clearing
According to the javadoc of SoftReference: http://java.sun.com/javase/6/docs/api/java/lang/ref/SoftReference.html: Suppose that the garbage collector determines at a certain point in time that an object is softly reachable. At that time it may choose
-
How to Locate Drop Down Menu for Adding Password to Website
When I add my password information to a new website after site accepts the same, all is well. However, on frequent occasions I have wanted to change the password manually, or, perhaps there was some delay or flub and the finished password does not ge