Subject Re: [Firebird-Architect] Re: Does the database 'need' encryption?
Author Sijun Kang
Agree - points valid and well presented. Thank you very much!

On Mon, Nov 8, 2010 at 5:49 PM, ettotev <emilt@...> wrote:

> --- In<>,
> Lester Caine <lester@...> wrote:
> >
> > Just as a little sanity check here ...
> >
> <.......>
> > The situation of data being stored on a laptop or even a desktop machine
> and
> > lost may be a case for encrypting the data, but it has become common
> practice
> > NOT to allow the data to be retained on portable devices? With good
> quality
> > wireless/mobile connections, the relevant data can be displayed on a
> remote
> > machine, but it is simply stored in a secure environment, and all access
> TO the
> > data is logged and restricted as required?
> >
> > So this does beg the question as to the need to spend a lot of time
> reinventing
> > the wheel, when in reality if the data is so sensitive as to need
> encryption,
> > then it is the paths to the data that need to be securely managed, rather
> than
> > simply the data itself?
> >
> It seems every time the "database encryption" question shows up, it gets
> quickly drowned into complicated discussions about what real security is and
> how many different aspects have to be considered.
> Let's not mix different things:
> -- First and simplest, there is an application using embedded and I want to
> password-protect my database so that if anyone gets hold of the file they
> will not be able to read MY data without knowing the password or investing
> time and qualified effort in breaking the encryption.
> -- Another reasonable requirement that is absolutely unrelated: I want to
> create encrypted protected backups of my database. This is valid also for
> full server deployments.
> -- Also completely unrelated: I don't want anyone to be able to see my data
> while in transit on the network - either LAN or the internet. Part of this -
> I want to be sure that I'm connecting to my server and not to someone
> pretending to be.
> -- Another one, also unrelated and much more complicated - I would want to
> be sure that no one is able to get to my data even if they break into my
> server - that's about encrypting temporary storage, protecting from
> in-memory attacks, clearing swap space and many more things that I confess I
> don't understand ;-)
> So please let's try to keep things separated. A page-level encryption API
> is requested and though some believe it is not needed, most agree that it is
> possible and not too complicated. Then when the first encryption plug-ins
> appear, we may start another round of discussions on their merits and flaws.
> The fact that many of you don't have requirements for encrypted database
> files or secure encrypted network protocol does not mean that anyone who
> require these simply do not know what they want.
> Of course, all these problems can be solved using additional tools, but
> then we could also keep our data in text files and not bother with a DBMS...
> And last but not least - most competing products already have these
> features.

[Non-text portions of this message have been removed]