To work with encrypted database file we need a tool to encrypt database.
I see 3 possible solutions for it. In all 3 cases some plugin dependent
parameter may be passed to plugin. In all cases one may use decrypt
instead encrypt to make
1. ALTER DATABASE ENCRYPT WITH <PLUGIN_NAME> { ('PARAMETER') }
This SQL implementation has one main advantage - it looks (I think) very
native for SQL server.
2. gfix -encrypt <plugin> {-cryptpar <parameter>} database
gfix passes plugin name and parameter in DPB, the rest of activity are
like in database validation. This implementation looks like most simple
to implement.
3. Use of special utility: fbdbcrypt -encrypt <plugin> {-cryptpar
<parameter>} {-verbose} local-database
Certainly, appropriate support in services will be present.
This method looks ugly at first, but it has one great advantage -
ability to have switch 'verbose' and let user watch progress with
database encryption.
I like method 3 best of all - long silent validation in gfix is
definitely not good thing. With SQL it's also not clear how to make
crypt report progress. But I'd like to know what do others think.
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
