Hi Charlie:

Thanks for the quick response! I think I can use the encrypt=true flag when the database is created. This will prevent users from opening the database files in the OS and dumping them to see data. Somehow I need to protect the data structures (tables/relationships etc.) in the database.

Charlie Kelly wrote:
>
> Hi Tushar,
>
> You are describing a difficult task.
>
> One approach is to encrypt data before they are stored in a database.
> In this case, you need a secure method of creating and distributing keys.
>
> See http://www.bouncycastle.org/ for encryption libraries that are
> written in Java.
>
> HTH
>
> Charlie
>
>
> Tushar Kale wrote:
>> The use case is as follows.
>>
>> The application uses embedded derby. The information in the database needs
>> to be secured. Users should not be able to list tables and table columns or
>> get the data using select statements.
>>
>> My original thought was to implement the application logic as stored
>> procedures, create a user in the database and give this user (who is not a
>> database owner) the execute permission on stored procedures. Java
>> application will use the CALL statements only and not select statements. I
>> need to use connection authorization and SQL authorization both.
>>
>> In the Java program, user name and password will be used to connect to the
>> database. My problem is, if I start the database with user name and
>> password, this user cannot shutdown the database as he is not the database
>> owner. I don't want to use the database owner name and password in the Java
>> program as user can decompile the Java program and get the database owner
>> name and password.
>>
>> In short, here is what I am trying to achieve:
>>
>> Create and encrypt database with database owner name and password.
>> Create user in the database with user name and password
>> Grant Execute permission to user on stored procedures
>> In the Java program, use user name and password to start the database
>> Use Call statements to execute business logic
>> Shutdown the database when done.
>>
>> I am not sure how to proceed. Any guidance in implementing will be
>> appreciated.
>>

--
View this message in context: http://old.nabble.com/Need-help-in-designing-secure-database-application-tp27572103p27572272.html
Sent from the Apache Derby Users mailing list archive at Nabble.com.
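
The steps listed in the quoted message, written out as an ij script. This is an added example, not part of the original thread. It uses Derby's `dataEncryption` and `bootPassword` connection attributes for encryption and assumes Derby 10.7 or later for `EXTERNAL SECURITY DEFINER`. The names `secureDB`, `dbowner`, `appuser`, `app_data`, the Java method `com.example.Procs.getBalance` and every `<placeholder>` are hypothetical.

```sql
-- Added example: run in ij. All names and <placeholders> are assumptions.

-- 1. Create the encrypted database; the creating user becomes the database owner.
CONNECT 'jdbc:derby:secureDB;create=true;dataEncryption=true;bootPassword=<boot-password>;user=dbowner;password=<owner-password>';

-- 2. Define both users, then require authentication and SQL authorization.
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.user.dbowner', '<owner-password>');
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.user.appuser', '<app-password>');
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.authentication.provider', 'BUILTIN');
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.connection.requireAuthentication', 'true');
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.database.sqlAuthorization', 'true');

-- 3. Reboot the database so the static properties take effect.
--    The shutdown CONNECT reports an exception by design; ij continues.
DISCONNECT;
CONNECT 'jdbc:derby:secureDB;shutdown=true;user=dbowner;password=<owner-password>';
CONNECT 'jdbc:derby:secureDB;bootPassword=<boot-password>;user=dbowner;password=<owner-password>';

-- 4. Objects owned by dbowner; appuser is granted nothing on the table itself.
CREATE SCHEMA app_data;
CREATE TABLE app_data.accounts (id INT PRIMARY KEY, balance DECIMAL(12,2));

-- 5. The procedure runs with its definer's privileges, so the caller needs
--    only EXECUTE. The default, INVOKER, would require the caller to hold
--    SELECT on the table, which defeats the design.
CREATE PROCEDURE app_data.get_balance(IN acct INT)
  LANGUAGE JAVA PARAMETER STYLE JAVA
  READS SQL DATA
  DYNAMIC RESULT SETS 1
  EXTERNAL SECURITY DEFINER
  EXTERNAL NAME 'com.example.Procs.getBalance';

GRANT EXECUTE ON PROCEDURE app_data.get_balance TO appuser;

-- 6. Verify as the low-privilege user the application will connect with.
DISCONNECT;
CONNECT 'jdbc:derby:secureDB;bootPassword=<boot-password>;user=appuser;password=<app-password>';
SELECT * FROM app_data.accounts;   -- expected to be rejected: no SELECT privilege
CALL app_data.get_balance(1);      -- expected to be allowed: EXECUTE was granted
```

The connection that boots an encrypted database must supply `bootPassword`, so that value still has to reach the application at run time even though the owner's password does not.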