Subject Re: [ib-support] Re: crypted data
Author Ann W. Harrison
At 09:58 AM 2/3/2003 +0000, duilio_fos <irel_llc@...> wrote:

>If the same low level Read/Write functions are used along the whole
>program (both for table data and keys), the effort should be minimal.

Well, yes and no. The physical I/O, except for sort files reading
the configuration file and a few other odds and ends, is done
through routines called PIO_xxx. They're found in modules called
unix.c, win32.c, vms.c, etc., one for each I/O style.

You could certainly intercept those operations so the data would
be encrypted as it went to disk and decrypted as it came back.
But that doesn't solve anything if your system manager can use
the server, since the data will be presented to him decrypted.
Alternately, you could encrypt data at the client side, though
that makes indexing and things like that work badly.


We have answers.