Page 1 of 1

Encryption

Posted: Thu Sep 13, 2012 9:50 pm
by esgici
Hi All

Followers surely knows, for a last days a hot discussion in Harbour Users Group is encryption.
The Book wrote:Database security denotes the system, process, and procedures that protect a database from unindented activity.

Enforcing security is one of the major tasks of the database administrator. DMBSs usually enforce security through

- access control,
- auditing, and
- encryption.
As a database programmer, which encryption schema / function you are using ;)

Re: Encryption

Posted: Fri Sep 14, 2012 1:45 am
by Rathinagiri
Hi Esgici,

I use SQLCipher for AES encrypted database.

I use MySQL for larger systems, where in database as such is not encrypted, but entry is restricted to the server except via encrypted password.

Re: Encryption

Posted: Fri Sep 14, 2012 12:34 pm
by esgici
rathinagiri wrote:I use SQLCipher for AES encrypted database.
SQLCipher is for SQLite ( only ? ), right ?

Is this means you are using SQLite for non-large systems ?

If so, this include local and remote networks ?
rathinagiri wrote:I use MySQL for larger systems, where in database as such is not encrypted, but entry is restricted to the server except via encrypted password.
In your opinion encrypted password is sufficient for all security needs ?

Sorry for too many questions, I have decide for a DBMS for future use and I don't know almost anything about DBMSs other than native DBF-NTX/CDX systems :(

TIA

Re: Encryption

Posted: Fri Sep 14, 2012 12:39 pm
by esgici
Hi All

Found some modules in Harbour :

Code: Select all

RDDADS:

	ADSDECRYPTRECORD
	ADSDECRYPTTABLE
	ADSDISABLEENCRYPTION
	ADSENABLEENCRYPTION	
	ADSENCRYPTRECORD
	ADSENCRYPTTABLE
	ADSISENCRYPTIONENABLED
	ADSISRECORDENCRYPTED
	ADSISTABLEENCRYPTED
	
HBCT:

	CRYPT
	
HARBOUR:

	hb_blowfishDecrypt	
	hb_blowfishEncrypt
	hb_MD5Encrypt( <cText>, <cPasswd> ) -> <cCipher>          // Newly added ( 2012.09.13 )	
	hb_MD5Decrypt( <cCipher>, <cPasswd> ] ) -> <cText>	     // Newly added ( 2012.09.13 )	
	
XHB:

	HB_CRYPT
	HB_DECRYPT
	
HSCDX:

	sx_DbfDecrypt	
	sx_DbfEncrypt
	sx_Decrypt	
	sx_Encrypt
Any addition ?

Re: Encryption

Posted: Fri Sep 14, 2012 2:10 pm
by esgici
Hi all

A little joke on security etc :)
XP_firewall.jpg
A little joke on security
XP_firewall.jpg (95.68 KiB) Viewed 5672 times

Re: Encryption

Posted: Fri Sep 14, 2012 4:11 pm
by Rathinagiri
esgici wrote:
rathinagiri wrote:I use SQLCipher for AES encrypted database.
SQLCipher is for SQLite ( only ? ), right ?

Is this means you are using SQLite for non-large systems ?

If so, this include local and remote networks ?
rathinagiri wrote:I use MySQL for larger systems, where in database as such is not encrypted, but entry is restricted to the server except via encrypted password.
In your opinion encrypted password is sufficient for all security needs ?

Sorry for too many questions, I have decide for a DBMS for future use and I don't know almost anything about DBMSs other than native DBF-NTX/CDX systems :(

TIA
Yes. SQLCipher is for SQLite only.

I am using SQLCipher for both large and non-large single user systems. SQLite is ok for local networks but not good for simultaneous operations.

Regarding MySQL, yes, encrypted password is sufficient. The username and password for the SQL connection are kept secret. However, if a person can access to the server admin/root level, he can see and manipulate the whole data.

(For example, even though you have the access to our forum's database, since you don't know about the username and password of the SQL connection which the php configuration script knows, you can't access the database beyond your limit.)

Re: Encryption

Posted: Fri Sep 14, 2012 4:12 pm
by Rathinagiri
Sorry for too many questions, I have decide for a DBMS for future use and I don't know almost anything about DBMSs other than native DBF-NTX/CDX systems
Dear Esgici,

Nothing to worry. I too was in a position just like you two years back. I slowly switched to SQLite and/or MySQL and now I feel comfortable. I didn't know anything about SQL commands. But as time went by I could manage the show and have converted all the software into SQL based. Even for a person like me who needs a long learning period if it is possible, then for a person like you can learn in a very short span.

Actually I am using MariaDB (MySQL distribution from the original developer).

Re: Encryption

Posted: Fri Sep 14, 2012 4:17 pm
by esgici
Hi Rathi
rathinagiri wrote: if a person can access to the server admin/root level, he can see and manipulate the whole data.
Is this an acceptable situation ?

Best regards

Re: Encryption

Posted: Fri Sep 14, 2012 4:20 pm
by Rathinagiri
For mission critical environments, NO if the server is not secured properly and Yes if the server is secured properly.

Re: Encryption

Posted: Fri Sep 14, 2012 4:22 pm
by esgici
Thanks a lot Rathi :)

I'm going to download MariaDB now :D

TIA