Encryption

Issues and Discussions related to Harbour

Moderator: Rathinagiri

Post Reply
User avatar
esgici
Posts: 4324
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Has thanked: 209 times
Been thanked: 76 times
Contact:

Encryption

Post by esgici » Thu Sep 13, 2012 9:50 pm

Hi All

Followers surely knows, for a last days a hot discussion in Harbour Users Group is encryption.
The Book wrote:Database security denotes the system, process, and procedures that protect a database from unindented activity.

Enforcing security is one of the major tasks of the database administrator. DMBSs usually enforce security through

- access control,
- auditing, and
- encryption.
As a database programmer, which encryption schema / function you are using ;)
Viva INTERNATIONAL HMG :D

User avatar
Rathinagiri
Posts: 5148
Joined: Tue Jul 29, 2008 6:30 pm
DBs Used: MariaDB, SQLite, SQLCipher and MySQL
Location: Sivakasi, India
Has thanked: 124 times
Been thanked: 126 times
Contact:

Post by Rathinagiri » Fri Sep 14, 2012 1:45 am

Hi Esgici,

I use SQLCipher for AES encrypted database.

I use MySQL for larger systems, where in database as such is not encrypted, but entry is restricted to the server except via encrypted password.
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.

User avatar
esgici
Posts: 4324
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Has thanked: 209 times
Been thanked: 76 times
Contact:

Post by esgici » Fri Sep 14, 2012 12:34 pm

rathinagiri wrote:I use SQLCipher for AES encrypted database.
SQLCipher is for SQLite ( only ? ), right ?

Is this means you are using SQLite for non-large systems ?

If so, this include local and remote networks ?
rathinagiri wrote:I use MySQL for larger systems, where in database as such is not encrypted, but entry is restricted to the server except via encrypted password.
In your opinion encrypted password is sufficient for all security needs ?

Sorry for too many questions, I have decide for a DBMS for future use and I don't know almost anything about DBMSs other than native DBF-NTX/CDX systems :(

TIA
Viva INTERNATIONAL HMG :D

User avatar
esgici
Posts: 4324
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Has thanked: 209 times
Been thanked: 76 times
Contact:

Post by esgici » Fri Sep 14, 2012 12:39 pm

Hi All

Found some modules in Harbour :

Code: Select all

RDDADS:

	ADSDECRYPTRECORD
	ADSDECRYPTTABLE
	ADSDISABLEENCRYPTION
	ADSENABLEENCRYPTION	
	ADSENCRYPTRECORD
	ADSENCRYPTTABLE
	ADSISENCRYPTIONENABLED
	ADSISRECORDENCRYPTED
	ADSISTABLEENCRYPTED
	
HBCT:

	CRYPT
	
HARBOUR:

	hb_blowfishDecrypt	
	hb_blowfishEncrypt
	hb_MD5Encrypt( <cText>, <cPasswd> ) -> <cCipher>          // Newly added ( 2012.09.13 )	
	hb_MD5Decrypt( <cCipher>, <cPasswd> ] ) -> <cText>	     // Newly added ( 2012.09.13 )	
	
XHB:

	HB_CRYPT
	HB_DECRYPT
	
HSCDX:

	sx_DbfDecrypt	
	sx_DbfEncrypt
	sx_Decrypt	
	sx_Encrypt
Any addition ?
Viva INTERNATIONAL HMG :D

User avatar
esgici
Posts: 4324
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Has thanked: 209 times
Been thanked: 76 times
Contact:

Post by esgici » Fri Sep 14, 2012 2:10 pm

Hi all

A little joke on security etc :)
XP_firewall.jpg
A little joke on security
XP_firewall.jpg (95.68 KiB) Viewed 2625 times
Viva INTERNATIONAL HMG :D

User avatar
Rathinagiri
Posts: 5148
Joined: Tue Jul 29, 2008 6:30 pm
DBs Used: MariaDB, SQLite, SQLCipher and MySQL
Location: Sivakasi, India
Has thanked: 124 times
Been thanked: 126 times
Contact:

Post by Rathinagiri » Fri Sep 14, 2012 4:11 pm

esgici wrote:
rathinagiri wrote:I use SQLCipher for AES encrypted database.
SQLCipher is for SQLite ( only ? ), right ?

Is this means you are using SQLite for non-large systems ?

If so, this include local and remote networks ?
rathinagiri wrote:I use MySQL for larger systems, where in database as such is not encrypted, but entry is restricted to the server except via encrypted password.
In your opinion encrypted password is sufficient for all security needs ?

Sorry for too many questions, I have decide for a DBMS for future use and I don't know almost anything about DBMSs other than native DBF-NTX/CDX systems :(

TIA
Yes. SQLCipher is for SQLite only.

I am using SQLCipher for both large and non-large single user systems. SQLite is ok for local networks but not good for simultaneous operations.

Regarding MySQL, yes, encrypted password is sufficient. The username and password for the SQL connection are kept secret. However, if a person can access to the server admin/root level, he can see and manipulate the whole data.

(For example, even though you have the access to our forum's database, since you don't know about the username and password of the SQL connection which the php configuration script knows, you can't access the database beyond your limit.)
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.

User avatar
Rathinagiri
Posts: 5148
Joined: Tue Jul 29, 2008 6:30 pm
DBs Used: MariaDB, SQLite, SQLCipher and MySQL
Location: Sivakasi, India
Has thanked: 124 times
Been thanked: 126 times
Contact:

Post by Rathinagiri » Fri Sep 14, 2012 4:12 pm

Sorry for too many questions, I have decide for a DBMS for future use and I don't know almost anything about DBMSs other than native DBF-NTX/CDX systems
Dear Esgici,

Nothing to worry. I too was in a position just like you two years back. I slowly switched to SQLite and/or MySQL and now I feel comfortable. I didn't know anything about SQL commands. But as time went by I could manage the show and have converted all the software into SQL based. Even for a person like me who needs a long learning period if it is possible, then for a person like you can learn in a very short span.

Actually I am using MariaDB (MySQL distribution from the original developer).
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.

User avatar
esgici
Posts: 4324
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Has thanked: 209 times
Been thanked: 76 times
Contact:

Post by esgici » Fri Sep 14, 2012 4:17 pm

Hi Rathi
rathinagiri wrote: if a person can access to the server admin/root level, he can see and manipulate the whole data.
Is this an acceptable situation ?

Best regards
Viva INTERNATIONAL HMG :D

User avatar
Rathinagiri
Posts: 5148
Joined: Tue Jul 29, 2008 6:30 pm
DBs Used: MariaDB, SQLite, SQLCipher and MySQL
Location: Sivakasi, India
Has thanked: 124 times
Been thanked: 126 times
Contact:

Post by Rathinagiri » Fri Sep 14, 2012 4:20 pm

For mission critical environments, NO if the server is not secured properly and Yes if the server is secured properly.
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.

User avatar
esgici
Posts: 4324
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Has thanked: 209 times
Been thanked: 76 times
Contact:

Post by esgici » Fri Sep 14, 2012 4:22 pm

Thanks a lot Rathi :)

I'm going to download MariaDB now :D

TIA
Viva INTERNATIONAL HMG :D

Post Reply