Question

I'm going to create a Java application for collecting some enterprise information.
My problem is the DBMS security.
EDIT: My application is not connected to a network, and the whole DB and the app are located on the system from which the app is accessed. Users have ACLs, so I don't want a user to be able to read data they don't have access to by using the database files on the disk.
I need a DBMS that encrypts data on disk to protect the data against someone with a text/hex editor or other SQL browsing tools (like SQLite, which has no security mechanism, or ...)!

Which DBMS can I use to be sure that data are accessible only through my application (and of course DBMS itself) and not directly from the disk?

Does MySQL or PostgreSQL have such a direct disk access protection mechanism?

Thanks

Solution

If the individual has access to the disk itself, there's a good chance that he will have access to the code and other data of your application. And the encryption key (used to encrypt the DB file) will be available as well. This problem doesn't have a universal solution (see one approach below) if the computer device gets into a wrongdoer's hands.

Putting the above aside, you have several options:

  1. SQLite has a whole-DB encryption plugin.
  2. You can mount the disk using TrueCrypt or one of its alternatives.
  3. We have several products (namely SolFS and CallbackFilter) which let you encrypt the DB file on the fly either using the virtual disk (SolFS) or by encrypting/decrypting files on the fly by filtering file I/O requests (CallbackFilter).

If you are able to have the user provide a password / key in some way, then you can use a session key to encrypt the database data, and then encrypt this session key using each user's password. Then, when the user wants to access the data, you ask him for a password, decrypt the session key and use the key to access the DB. In this way the key used to encrypt the data is not stored in "cleartext" and getting physical access to the disk doesn't reveal the data.
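The password-wrapped session key scheme from the last paragraph of the answer, as an added Java example that is not part of the original answer. The class name, passphrases, sample row and PBKDF2 iteration count are assumptions, and AES-GCM with PBKDF2 is one possible choice of primitives, not one the answer names.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class WrappedSessionKeyDemo {
    static final SecureRandom RNG = new SecureRandom();
    // Derive a key-encryption key (KEK) from the user's password and a per-user salt.
    static SecretKey deriveKek(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 600_000, 256); // iteration count is an assumption
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        return new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }
    // AES-GCM encrypt; returns nonce || ciphertext || tag.
    static byte[] seal(SecretKey key, byte[] plain) throws Exception {
        byte[] nonce = new byte[12];
        RNG.nextBytes(nonce); // fresh nonce for every encryption
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        byte[] ct = c.doFinal(plain);
        byte[] out = Arrays.copyOf(nonce, nonce.length + ct.length);
        System.arraycopy(ct, 0, out, nonce.length, ct.length);
        return out;
    }
    // AES-GCM decrypt; throws AEADBadTagException on a wrong key or tampered data.
    static byte[] open(SecretKey key, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, blob, 0, 12));
        return c.doFinal(blob, 12, blob.length - 12);
    }

    public static void main(String[] args) throws Exception {
        // One random session key encrypts the database contents.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey sessionKey = kg.generateKey();
        byte[] row = seal(sessionKey, "constructed sample row".getBytes(StandardCharsets.UTF_8));
        // Per user, only the salt and the wrapped session key are stored on disk.
        byte[] salt = new byte[16];
        RNG.nextBytes(salt);
        byte[] wrapped = seal(deriveKek("constructed-passphrase".toCharArray(), salt), sessionKey.getEncoded());
        // Login: password -> KEK -> session key -> data.
        byte[] raw = open(deriveKek("constructed-passphrase".toCharArray(), salt), wrapped);
        System.out.println(new String(open(new SecretKeySpec(raw, "AES"), row), StandardCharsets.UTF_8));
        // A wrong password fails the GCM tag check instead of yielding a garbage key.
        try { open(deriveKek("wrong-guess".toCharArray(), salt), wrapped); }
        catch (AEADBadTagException e) { System.out.println("wrong password: session key stays sealed"); }
    }
}
```

With several users, the same session key is sealed once per user under that user's own salt and password, so adding a user or changing a password rewrites only that user's wrapped copy and not the encrypted data.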

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow