Subject Re: [firebird-support] Re: Embedded Firebird Security - Basic Questions
Author Noprianto
Hi Adam,


> Hmm, that is a very hard requirement to meet. You want it impossible
> for a malicious person to gain access to your data yet you have
> eliminated the possibility of protecting the private key on the file
> system. You have also put restrictions on the data access that says
> that the client application (report engine in this case) must have the
> ability to run arbitrary queries and not have to decrypt it.
Yes. But I am trying to 'compromise' and see how I can
make it a simpler requirement :)


> If the user knows the key, then why is any security required? After
> all, if they are malicious, they can use the key that they know to
> unlock it when they need to access or manipulate data.
I see, I see :) So, if I implement this kind of
security, then I must not let the users know the key.
Thanks :)


> Stupid is too strong a word, it is a common mistake when coming from
> a desktop database to think that tables must be shared. Think of the
> server as an agent. The client application is not allowed to read from
> the file, nor is it allowed to write to the file, only the agent can
> do that. All the client application can do is to ask the agent to do
> something (via a SQL query). So the agent needs complete access to the
> file, but the client application only needs access to the agent. You
> can take this even further by developing a data abstraction layer, a
> service that is allowed to connect to the agent and your client
> application must then go through that data abstraction layer. (Like
> having a client talking to an agent which talks to another agent which
> finally reads or writes to the file.)

I totally agree. But, in a very simple application,
using a server-based database would make it so
complicated, particularly when some trouble arises.
Let's say, if the Firebird server is halted, but users don't
know, then he/she has to start it up again. But not
all users have this skill.


> Access doesn't have this problem?
>
> Google for data recovery from MS Access if you think it is really
> bullet proof. If you want it to be "as secure" as MS Access (but do
> not confuse this with secure), then you should be able to emulate it
> using some third party file system level encryption utility, of which
> there are many.

Hehehe :) Thanks :) I used to think that MS Access DB
is cool:
- single file (although it needs MDAC to access)
- has password protection (although easily crackable)
- can be shared using SMB

Maybe not all of these 'features' are correct. But,
however, I see people are doing that.

> I also wrote a paper a while back that actually started from a similar
> question. It contains attack vectors that you may want to also consider.
>
> http://www.fbtalk.net/viewtopic.php?id=290

Thank you very much. I am reading it now. Thank you.

Regards,
Pri
