You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm evaluating firebird as a replacement for MS Access/Jet being used to publish genealogical databases on CD/DVD.
The missing feature in firebird which works so well in Jet is simple low level encryption that will discourage the casual user from browsing for keywords in our databases. What we require is more obfustication than encryption. This can be achieved by simple and efficient XORing at the block level down in the drivers. A database password would be the key, perhaps with some salt and a hash. The database user or the program which uses the data would supply the key. I understand that the security here is poor but high security is NOT a requirement.
Changes would be needed to the drivers of course and to the interfaces when creating and opening the database. The encryption would apply to all data in a database. A new metadata element needs to be provided so that a password supplied for opening a database can be confirmed as correct. This could be a hash of the original key.
In the U.S., the meaningful use rules(for the healthcare industry) now dictates that data encryption has to be an option that can be turned on. And, the encryption algorithm that is acceptable is AES.
Submitted by: John Perryn (johnperryn)
Is related to CORE657
Votes: 6
I'm evaluating firebird as a replacement for MS Access/Jet being used to publish genealogical databases on CD/DVD.
The missing feature in firebird which works so well in Jet is simple low level encryption that will discourage the casual user from browsing for keywords in our databases. What we require is more obfustication than encryption. This can be achieved by simple and efficient XORing at the block level down in the drivers. A database password would be the key, perhaps with some salt and a hash. The database user or the program which uses the data would supply the key. I understand that the security here is poor but high security is NOT a requirement.
Changes would be needed to the drivers of course and to the interfaces when creating and opening the database. The encryption would apply to all data in a database. A new metadata element needs to be provided so that a password supplied for opening a database can be confirmed as correct. This could be a hash of the original key.
The topic has been previously discussed (CORE657) and is mentioned in passing in the documentation. See http://www.firebirdsql.org/manual/fbmetasecur-low.html
The text was updated successfully, but these errors were encountered: