Subject Re: [Firebird-Architect] Re: database encryption
Author Geoff Worboys
Jim Starkey wrote:
> On 11/6/2010 9:08 AM, Dimitry Sibiryakov wrote:
>> 06.11.2010 13:58, Geoff Worboys wrote:
>>> Dimitry Sibiryakov wrote:
>>>> Do you consider these points to be good? From this point
>>>> of view, encryption on client side is an absolute winner
>>>> as it solves all problems at once: network, memory, swap,
>>>> hibernate, sort and storage are protected automatically. You
>>>> just have to find encryption function which comply one rule:
>>>> for every x1< x2, f(x1)< f(x2) must be also true.
>>> I am not aware of any encryption that will satisfy your rule
>>> and still provide good security.

Just to be clear: When I wrote that I was referring to the rule
if x1 < x2 then f(x1) < f(x)
NOT to the general concept of encryption. (In the clear light of
morning I can see where Dimitry may have misunderstood my intent.)

>> In this topic we seemed to agree that "good security" is
>> impossible and some level of obscurity may be enough. [...]

> No, this is not agreed. Good security is indeed possible.
> The question is whether it is sufficiently desirable to implement.

I agree. A good level of security is very possible. It is so
possible that people already have a choice of products and ways
to achieve excellent security. It is the availability of these
ready alternatives that calls the "sufficiently desirable to
implement" into question.

The main argument in favour of needing encryption as part of
Firebird itself, that I have found at all convincing so far, is
Daniel Rail's post wanting to be certified for a US Healthcare
application. I can certainly see where such an app would prefer
not to rely on the acceptance of third-party products as part of
the process (it does complicate such things).

The curious thing is that the need for security in such an app
is so great that I personally would find it difficult to justify
anything less than full system encryption - and that's rather
difficult to do from inside Firebird ;-).

But that curiosity aside, it may be an application like that that
could help to drive/specify the requirements for Firebird. See
what is considered "good enough" for such an application and see
how difficult that is to achieve. Such a app might provide more
definite boundaries to what is acceptable - rather than making
the sorts of guesses and assumptions that we are now.

Daniel, are you still watching?

Geoff Worboys
Telesis Computing