SDE and DBMS_CRYPTO

starting from ArcGIS version 10.1 while upgrading your ArcSDE Geodatabase in Oracle, one of the pre-requisite required “sde” user privilege is direct execution to the Package DBMS_CRYPTO.

grant execute on SYS.DBMS_CRYPTO to sde;

according to esri documentation: http://resources.arcgis.com/en/help/main/10.1/index.html#//002n0000002v000000

This granting has a relation to st_geometry configuration:

1. Allows the creation of a map member function for the ST_Geometry type, which is called whenever a spatial union or intersection is performed.

2. Upgrade a map member function for the ST_Geometry type, which is called whenever a spatial union or intersection is performed.

the question is: has this privilege has any relation with data encryption ?

Most Probably ‘YES ‘ : according to Oracle Documentation “DBMS_CRYPTO provides an interface to encrypt and decrypt stored data, and can be used in conjunction with PL/SQL programs running network communications. It provides support for several industry-standard encryption and hashing algorithms, including the Advanced Encryption Standard (AES) encryption algorithm.”

So, if you enable data encryption at rest on your database management system, then sde will be able to decrypt data for your geodatabase system.

Oracle Reference Link:http://docs.oracle.com/cd/B19306_01/appdev.102/b14258/d_crypto.htm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s