| Subject | Re: [Firebird-Architect] Encryption |
|---|---|
| Author | Geoff Worboys |
| Post date | 2004-10-12T21:36:14Z |
> To follow-up on the discussion we had on encryption a while...
> ago, it seems to me that there are two different situations,
> which need to be handled differently: FireBird embedded, and
> FireBird server:
> 1) Embedded engine
The arguments against this are much the same as those I
presented for encryption of SP source.
Having a developer embed encryption keys in the executable or
configuration files is (at best) security by obscurity, not
real security at all.
If a user wants the database encrypted there are various
mountable file systems (for Linux and Windows) that allow you
to create encrypted storage. These give a user good
functionality and these are solutions that the user can use
for things other than Firebird making them much more useful
than providing encryption in Firebird itself.
> 2) Full server configurationI agree that file encryption is even less useful in full server
> In the case of a full server configuration, things are
> different. For starters, I think encrypting the DB file
> would be less useful in such cases. And besides, passing the
> key in the DB connect params over the network, entirely
> defeats the security. So in such cases, what I think would
> be more useful, would be an SSL-style encryption of all
> communication over the wire.
configs, but also suggest that if it is needed then an external
solution is preferable.
The same for over the wire comms. There are several external
solutions available that do this better than what we can hope
to offer in Firebird, solutions that again let the user make
use of the capability for other purposes as well.
Secure encryption and comms are big issues. It will be quite
hard enough for Firebird to do authentication securely. Let
the specialists provide and maintain more complete solutions,
and keep Firebird developers working on database solutions.
It is quite rare for security to involve just the database, if
encryption is necessary there are often other factors to be
considered. External solutions allow a single solution be used
to solve the other factors as well.
The request for file or comms encryption seems to turn up quite
often. Perhaps what we could do is identify some existing
products that provide these features, test Firebird configs
over such solutions and then provide appropriate links from the
Firebird website. IMO this would be a better way to "solve"
this issue - rather than spending the time and resources needed
to develop and maintain such features inside Firebird.
All IMHO of course :-)
--
Geoff Worboys
Telesis Computing