Subject Re: [ib-support] protecting database
Author Andreas Pohl
I would like to inform that solved my own problem how to protect an
Interbase database for "unwanted" copy (even it is physically accessibly).

First I tried e4m ( It is providing an encrypted drive so an
Interbase file is only available if this protected drive is mounted. Very
fast, cheap and a "software only" solution :). But database file is
available/readable if my app is unable to dismount this protected drive :(

My final solution is a software/hardware combination. I'm already using
hardlock devices (, ). There is a protection
system ("Hardlock Bistro") for patching binaries only run if hardlock is
present. I applied this patch to IBserver without any problems. Second step
is to assign file extensions to include with or without encryption. I
decided that *.gdb files should be readable and *.gds files should be
encrypted. Last step was to run a backup from an existing gdb file and
building an gds file via GBAK's restore.

Finally I've got a database running only with patched ibserver version (that
is only running with right hardlock device). A copy of this database is
completely useless on other Interbase systems. But running GBAK will produce
a full accessibly database if it restored with gdb extension.

BTW if protected extension is *.* then this patched IBserver version would
not provide a decrypted database at all!

This a solution what I'm looking for because I've to provide a
briefcase/replication system offline on clients pc and security of data was
"first priority". Maybe these are useful informations to others, for me - at
least - it was:)

Mit freundlichem Gruss & Best Regards

Andreas Pohl

> I've to deploy my app/database to ensure offline searching capabilities.
> do I avoid "unwanted copies" of database. I tought about using protected
> drives ( I would enable it at starting my
> app and disabling it when I should down my app.
> Is there a better way to do it?