| Subject | Re: [ib-support] Re: DB Security |
|---|---|
| Author | Paul Vinkenoog |
| Post date | 2003-05-23T12:03:40Z |
Hello Paolo,
somewhere else - and in the process become owner of the restored copy.
There's nothing you can do about this except make sure that noone can
get to the database or the backup.
If this is difficult or if you still feel paranoid about
what-might-happen-if, you can do one or two more things:
- Encrypt the .gbk as soon as it is made, then store it on the cdrom.
Make sure noone can get to your encryption key(s). And make sure YOU
can, or else you have a problem ;-)
- Encrypt any sensitive data that go into the database. Now people
might be able to restore a backup if they can get their hands on it,
but the data will look like gibberish to them.
Of course this means that either the app or the legitimate user(s)
must have the key(s). Storing the key in the app is dangerous,
because if someone retrieves your .gbk *and* your app, he can still
get to the data.
Have the users type a key or password might be annoying to them.
Also, human beings are known to scribble down passwords on pieces
of paper which they then stick to the monitor etc... ;-)
Whatever your strategy, there's always an element of physical and/or
human protection involved.
Greetings,
Paul Vinkenoog
> so there's no other way to preserve db than put on a phisical secureIf someone can retrieve the .gbk, he or she can _always_ restore it
> place?
somewhere else - and in the process become owner of the restored copy.
There's nothing you can do about this except make sure that noone can
get to the database or the backup.
If this is difficult or if you still feel paranoid about
what-might-happen-if, you can do one or two more things:
- Encrypt the .gbk as soon as it is made, then store it on the cdrom.
Make sure noone can get to your encryption key(s). And make sure YOU
can, or else you have a problem ;-)
- Encrypt any sensitive data that go into the database. Now people
might be able to restore a backup if they can get their hands on it,
but the data will look like gibberish to them.
Of course this means that either the app or the legitimate user(s)
must have the key(s). Storing the key in the app is dangerous,
because if someone retrieves your .gbk *and* your app, he can still
get to the data.
Have the users type a key or password might be annoying to them.
Also, human beings are known to scribble down passwords on pieces
of paper which they then stick to the monitor etc... ;-)
Whatever your strategy, there's always an element of physical and/or
human protection involved.
Greetings,
Paul Vinkenoog