| Subject | Re: [Firebird-Architect] Re: database encryption |
|---|---|
| Author | Dmitry Yemanov |
| Post date | 2010-11-06T12:34:36Z |
06.11.2010 15:19, Dimitry Sibiryakov wrote:
protecting temporary data. If we start seriously care about the latter,
then we may end with protecting page buffers from being swapped to disk,
etc.
Also there's a performance issue. Temporary files are being cached by
the operating system and you have no idea whether they will ever go to
disk or not. But you'll have to encrypt them anyway, just in case.
Spending extra CPU cycles every time I/O call happens is bad, but
spending CPU cycles without I/O is much worse.
That said, I'm not against encrypting temporary data in general, I'm
just outlining the weak points in the idea.
Dmitry
> Do you consider these points to be good?I just think that protecting persistent data is more important than
protecting temporary data. If we start seriously care about the latter,
then we may end with protecting page buffers from being swapped to disk,
etc.
Also there's a performance issue. Temporary files are being cached by
the operating system and you have no idea whether they will ever go to
disk or not. But you'll have to encrypt them anyway, just in case.
Spending extra CPU cycles every time I/O call happens is bad, but
spending CPU cycles without I/O is much worse.
That said, I'm not against encrypting temporary data in general, I'm
just outlining the weak points in the idea.
Dmitry