||Oracle Tips by Burleson
Chapter 6 Oracle Encryption
But what does that achieve? If the user has to
supply the input vector (IV), the value could as well be unsecured.
That's where the design excels. The user never
has to supply his or her IV in the process. It will be set
automatically as a context attribute by the password authentication
process. The function will have a call similar to:
This will set the attribute INPUT_VECTOR in the
context claim_app_ctx to a value some_string_that_can_be_set_here.
Inside the encryption and decryption routines shown earlier in this
chapter, we will make additional calls to check this value by:
sys_context ('claim_app_ctx', 'input_vector')
This will store the value of the attribute, if
set, to the variable V_IV, which could then be converted to raw and
used in the encryption and decryption. The modified decryption
process is shown in Fig 6.2.
The above text is
an excerpt from:
Oracle Privacy Security Auditing
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only
and has an
immediate download of working security scripts: