On 21/08/15 20:40, James Starkey wrote:
> First question: On a scale from 1 (don't care, wouldn't use it) to 5 (I
> need it yesterday) how important to us is the ability to encrypt
> database files.  Assume a robust encryption scheme and a moderately
> civilized key management system.  Please feel free to explain your
> answer either way.
> 
> Second question: If you would consider in-disk database encryption, on a
> scale of 1 to 5 how important is unattended startup, i.e. no human to
> enter a password, given that it's probably impossible to make such a
> system robustly secure?

Q1 : 4, I don't expect NSA defeating crypto[0], but enough to keep
casual eyes away from expensive data.

Q2 : 5, It's a must. Whether the key is somehow held internal to the
.FDB file (with its own pswd, no system wide account access, naturally)
or passed in via connection data, isn't an issue[1], but the DB must be
available to the apps depending on it with zero user intervention.

Scott

[0] For deployment to sites out of our control, in the end there's no
technical way to truly hide the data, obviously. But we're also not
talking about skilled hackers either, just average users. Hell, XOR
would probably suffice, but something like ChaCha would be preferred.

[1] Although, would prefer things like GBAK, ISQL, etc. to still be usable.

------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel