Re: [R] encrypted RData file?
May I suggest that further discussion of this issue be directed to R-Devel. -- Bert Gunter Genentech Non-Clinical Statistics South San Francisco, CA The business of the statistician is to catalyze the scientific learning process. - George E. P. Box -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marc Schwartz (via MN) Sent: Thursday, October 27, 2005 2:56 PM To: Roger D. Peng; Na Li Cc: r-help@stat.math.ethz.ch; Duncan Temple Lang Subject: Re: [R] encrypted RData file? On Thu, 2005-10-27 at 16:15 -0500, Na Li wrote: On 27 Oct 2005, Duncan Temple Lang wrote: Yes, it is of interest and was sitting on my todo list at some time. If you want to go ahead and provide code to do it, that would be terrific. There are other areas where encryption would be good to have, so a general mechanism would be nice. D. Na Li wrote: Hi, I wonder if there is interest/intention to allow for encrypted .RData files? One can certainly do that outside R manually but that will leave a decrypted RData file somewhere which one has to remember to delete. I was hoping someone has already done it. ;-( One possibility is to implement an interface package to gpgme library which itself is an interface to GnuPG. But I'm not sure how the input of passphrase can be handled without using clear text. Michael Seems to me that a better option would be to encrypt the full partition such that (unless you write the files to a non-encrypted partition) these issues are transparent. This would include the use of save(), save.image() and write() type functions to save what was an encrypted dataset/object to a unencrypted file. Of course, you would also have to encrypt the swap and tmp partitions (as appropriate) for similar reasons. On Linuxen/Unixen, full encryption of partitions is available via loopback devices and other mechanisms and some distros have this available as a built-in option. I believe that the FC folks finally have this on their list of functional additions for FC5. Windows of course can do something similar. The other consideration here, is that if R Core builds in some form of encryption, there is the potential for import/export restrictions on such technology since R is available via international CRAN mirrors. It may be best to provide for a plug-in encryption black box of sorts, so that folks can use a particular encryption schema that meets various legal/regulatory requirements. Of course, simply encrypting the file or even a complete partition has to be considered within a larger security strategy (ie. network security, physical access control, etc.) that meets a particular functional requirement (such as HIPAA here in the U.S.) HTH, Marc Schwartz __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html
Re: [R] encrypted RData file?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yes, it is of interest and was sitting on my todo list at some time. If you want to go ahead and provide code to do it, that would be terrific. There are other areas where encryption would be good to have, so a general mechanism would be nice. D. Na Li wrote: Hi, I wonder if there is interest/intention to allow for encrypted .RData files? One can certainly do that outside R manually but that will leave a decrypted RData file somewhere which one has to remember to delete. Cheers, Michael __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html - -- Duncan Temple Lang[EMAIL PROTECTED] Department of Statistics work: (530) 752-4782 371 Kerr Hall fax: (530) 752-7099 One Shields Ave. University of California at Davis Davis, CA 95616, USA -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDYRme9p/Jzwa2QP4RAtdWAJ9xsBXYFpNQipw6szvSfcjuplCrHwCfe0iV avTkVUUFlolKsNKZmGtCbFw= =/JFv -END PGP SIGNATURE- __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html
Re: [R] encrypted RData file?
I would be interested in that, particularly with certain kinds of confidential data. What was the approach you had in mind (if you in fact had one in mind)? -roger Na Li wrote: Hi, I wonder if there is interest/intention to allow for encrypted .RData files? One can certainly do that outside R manually but that will leave a decrypted RData file somewhere which one has to remember to delete. Cheers, Michael __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html -- Roger D. Peng | http://www.biostat.jhsph.edu/~rpeng/ __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html
Re: [R] encrypted RData file?
On 27 Oct 2005, Duncan Temple Lang wrote: Yes, it is of interest and was sitting on my todo list at some time. If you want to go ahead and provide code to do it, that would be terrific. There are other areas where encryption would be good to have, so a general mechanism would be nice. D. Na Li wrote: Hi, I wonder if there is interest/intention to allow for encrypted .RData files? One can certainly do that outside R manually but that will leave a decrypted RData file somewhere which one has to remember to delete. I was hoping someone has already done it. ;-( One possibility is to implement an interface package to gpgme library which itself is an interface to GnuPG. But I'm not sure how the input of passphrase can be handled without using clear text. Michael __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html
Re: [R] encrypted RData file?
On Thu, 2005-10-27 at 16:15 -0500, Na Li wrote: On 27 Oct 2005, Duncan Temple Lang wrote: Yes, it is of interest and was sitting on my todo list at some time. If you want to go ahead and provide code to do it, that would be terrific. There are other areas where encryption would be good to have, so a general mechanism would be nice. D. Na Li wrote: Hi, I wonder if there is interest/intention to allow for encrypted .RData files? One can certainly do that outside R manually but that will leave a decrypted RData file somewhere which one has to remember to delete. I was hoping someone has already done it. ;-( One possibility is to implement an interface package to gpgme library which itself is an interface to GnuPG. But I'm not sure how the input of passphrase can be handled without using clear text. Michael Seems to me that a better option would be to encrypt the full partition such that (unless you write the files to a non-encrypted partition) these issues are transparent. This would include the use of save(), save.image() and write() type functions to save what was an encrypted dataset/object to a unencrypted file. Of course, you would also have to encrypt the swap and tmp partitions (as appropriate) for similar reasons. On Linuxen/Unixen, full encryption of partitions is available via loopback devices and other mechanisms and some distros have this available as a built-in option. I believe that the FC folks finally have this on their list of functional additions for FC5. Windows of course can do something similar. The other consideration here, is that if R Core builds in some form of encryption, there is the potential for import/export restrictions on such technology since R is available via international CRAN mirrors. It may be best to provide for a plug-in encryption black box of sorts, so that folks can use a particular encryption schema that meets various legal/regulatory requirements. Of course, simply encrypting the file or even a complete partition has to be considered within a larger security strategy (ie. network security, physical access control, etc.) that meets a particular functional requirement (such as HIPAA here in the U.S.) HTH, Marc Schwartz __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html
Re: [R] encrypted RData file?
On 27 Oct 2005, Marc Schwartz uttered the following: Seems to me that a better option would be to encrypt the full partition such that (unless you write the files to a non-encrypted partition) these issues are transparent. I actually do that on a Mac via an encrypted sparse disk image. But I may occasionally need transfer some files to other people or put it on a machine without such support. Also the encryption options are quite limited. Michael __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html
Re: [R] encrypted RData file?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Na Li wrote: On 27 Oct 2005, Duncan Temple Lang wrote: Yes, it is of interest and was sitting on my todo list at some time. If you want to go ahead and provide code to do it, that would be terrific. There are other areas where encryption would be good to have, so a general mechanism would be nice. D. Na Li wrote: Hi, I wonder if there is interest/intention to allow for encrypted .RData files? One can certainly do that outside R manually but that will leave a decrypted RData file somewhere which one has to remember to delete. I was hoping someone has already done it. ;-( Me too. One possibility is to implement an interface package to gpgme library which itself is an interface to GnuPG. But I'm not sure how the input of passphrase can be handled without using clear text. For the Unix-like operating systems, a simple thing that we can use is to call gpg as a system program. When we save a file, we can put it in R's temporary directory which is readable only by the owner of the R process. Then we call gpg to encrypt it and put the resulting file in the appropriate directory. Similarly, when loading, we can decrypt into this secure area, load the file in the usual way and throw away the decrypted version. This is definitely the poor man's version and one that I don't like as it uses the file system. But it will get us around the import/export restrictions that Luke Tierney immediately raise with no problems. It is also the mechanism the gpg package in emacs uses (except they just use the current directory, regardless of whether it is readable by anyone else). And I have just written a very simple prototype that does this for R. Interfacing to a library is the way to go, and I might get to that soon, but it requires that we do it in a way that does not put any encryption code into the R source. I can see 2 options off hand, but some more thought is necessary. And if anyone wants to volunteer to write this, that would be much better than me doing it for a variety of different reasons. Michael __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html - -- Duncan Temple Lang[EMAIL PROTECTED] Department of Statistics work: (530) 752-4782 371 Kerr Hall fax: (530) 752-7099 One Shields Ave. University of California at Davis Davis, CA 95616, USA -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDYVA09p/Jzwa2QP4RAoYHAJ4i4Nnd/XtNx2O+zrjxF1nxwYJ4egCfQV4Q p1CaXFo1fiThNax7Afg9uco= =j3Hw -END PGP SIGNATURE- __ R-help@stat.math.ethz.ch mailing list https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide! http://www.R-project.org/posting-guide.html