Encryption means that the data is scrambled when you look at it but it can be "unscrambled". There are two points of scrambling:

  • During transmission across the network (especially the Internet)
  • Within the data itself, when it is "at rest"

Encrypted Transmission#

We can encrypt the data transmission using the HTTP Secure Socket Layer (HTTPS) protocol from the application server to the client. Follow the directions in Configuring SSL for your application server. In addition, as part of the Oracle Advanced Security Option, Network Encryption is also available with the Enterprise Edition of the application server software.

Encrypting Data at Rest#

Encrypting sensitive data in the database when it is not being used (known as data at rest) prevents it from being viewed or otherwise used by an unauthorized user who has gained access to the database files. Having the data encrypted does bring a performance consideration. The more data that the system has to encrypt and decrypt en route to/from the database, the more of an impact it will have on your performance.

Data is encrypted using a key and when examined without the key, is scrambled. The key is required to decrypt it to make it readable. The key is stored outside the database so that if the database files are compromised, the data is still encrypted. The key becomes part of the backup strategy, but (for a best practice of security) must be backed up on a separate medium than the data base.

Oracle offers a mechanism known as Transparent Data Encryption (TDE) as part of the Advanced Security Option in the Enterprise Edition of the database server software. TDE allows you to encrypt any number of fields without modification of the application. It is not recommended that columns on transaction-oriented mass updatable tables be encrypted. Columns that are part of an index (like PERSON_CODE) cannot be encrypted.

The application also supports encryption of select often-secured fields. The columns that are available for encryption are: BIRTH_DATE, GOVERNMENT_CODE, DRIVERS_LICENSE, and BANK_ACCOUNT, in all the places within the system that they reside.

Encryptable Columns#

When a column is encrypted, that actual column will then be blanked out to NULL, and the encrypted value is stored on a RAW type of field on the same record. This ensures that the data cannot be read in clear text. The columns that may be encrypted (you control this with the IMCE screen) are:

Table Column Encrypted Column
P2K_HR_CONTACTS BIRTH_DATE RAW_BIRTH_DATE
P2K_HR_CONTACTS GOVERNMENT_CODE RAW_GOVERNMENT_CODE
P2K_HR_IDENTITIES BIRTH_DATE RAW_BIRTH_DATE
P2K_HR_IDENTITIES DRIVERS_LICENSE RAW_DRIVERS_LICENSE
P2K_HR_IDENTITIES GOVERNMENT_CODE RAW_GOVERNMENT_CODE
P2K_PR_DEPOSITS BANK_ACCOUNT RAW_BANK_ACCOUNT
P2K_PR_PAYMENT_RULE_DETAILSBANK_ACCOUNT RAW_BANK_ACCOUNT
P2K_RE_CANDIDATES BIRTH_DATE RAW_BIRTH_DATE
P2K_RE_CANDIDATES DRIVERS_LICENSE RAW_DRIVERS_LICENSE
P2K_RE_CANDIDATES GOVERNMENT_CODE RAW_GOVERNMENT_CODE

The views provided with the application handle the decryption of data, so if you are creating reports using external tools with these views, there is nothing more to be done. If you are accessing the fields above directly, then you will need to modify your reports to handle the decryption of the data. A database function, P2K_PMSEC.CHECKANDDECRYPT is provided to help your external reports with the decryption of the data.

Oracle Reports limitation#

Note that any Oracle Report that reports on or utilizes a field that has been encrypted will now show that field to be blank.

Notes#

Click to create a new notes page