Forum > Database
Encrypt and decrypt firebird (or other) databases
Groffy:
--- Quote from: Mike.Cornflake on April 10, 2016, 02:20:56 pm ---This answer implies that the database is already encrypted.
--- End quote ---
Accessing secured databases by a user/password combination means that the contents is encrypted?? Sorry, I don't get it. Maybe I didn't understand your reply correctly...(?)
You are right, there might be a reason for encrypting data inside the database for the case that somebody has physical access to the database file itsself and trying to analyse the file contents directly.
Mike.Cornflake:
--- Quote from: Groffy on April 10, 2016, 02:34:02 pm ---
--- Quote from: Mike.Cornflake on April 10, 2016, 02:20:56 pm ---This answer implies that the database is already encrypted.
--- End quote ---
Accessing secured databases by a user/password combination means that the contents is encrypted?? Sorry, I don't get it. Maybe I didn't understand your reply correctly...(?)
--- End quote ---
Apologies, I missed a step in my logic. I said "implies", not "means". To my way of thinking, your reply that a password is sufficient implied that direct file access to the database files wouldn't reveal anything.
Groffy:
@mike
just read my posting to the op. I used the term "direct access" to the database. That was my mistake and a bit unclear. I meant the access by a database client on the same computer and not reading the physical database binary dump. Well - anyway - the question was how can he do encrypton/decryption and not why and whether it makes sense.
teochris:
--- Quote from: Groffy on April 10, 2016, 01:57:42 pm ---@teochris:
just to be sure what you have in mind : You are looking for a way to encrypt the data inside the database to avoid that somebody can read the data when accessing the database directly? Or do you want to encrypt the data communication between the client application and the database server? Well both is currently unfortunately not implemented for the Firebird 2.5.x server, but the upcoming version 3.0 (which is already in RC2 state) will offer a plugin interface for encrypting the data communication between server and client which in my eyes is the more important case, because why encrypting data inside the database when using passwords for accessing the database?
In general, off cource your client application can encrypt/decrypt the data while writing/reading the data to/from any database.
Best regards
--- End quote ---
My app uses the database data to offer the app user some statistics - the database is updated regularly so I do not want the users to be able to update themselfs the database. Do i have to encrypt the database data or the data communication between the app and the database. I am afraid I have no idea yet what do I have to do exactly so I can protect my database from being updated by the app users :'(
vfclists:
You can encrypt the data via OnSetText and OnGetText routines, but you can only query the data in your application if that is good enough for you. This means that querying is only possible after the fields have been unencrypted via the OnSetText and GetText routines.
Navigation
[0] Message Index
[#] Next page
[*] Previous page