direct access with a developer tool by a non-authorized person, to change the sensitive information (e.g., money transactions),.
To protect the database from access from non-authorized applications without encryption keys.
Of course, it depends on the encryption algorithm and computing power, but cracking AES256 will require too long time or too expensive computing resources. If an intruder steals the disk with a copy of the encrypted database or somehow obtains a copy of a database file, it will be not possible to read data from it without an appropriate key, as well as it will be not possible to use recovery software like FirstAID to extract the data.
To protect databases with sensitive/valuable data from "physical" stealing.
In this article, we consider the internals of database encryption on the basic level, to give developers of Firebird applications a better understanding of how database encryption works. However, it is not a panacea, and it is necessary to understand its strengths and weaknesses to use it properly. Why we need database encryption (and when we don't)?įirebird database encryption was introduced in Firebird 3.0 release (together with transfer protocol encryption, which is often confused with the discussed subject), and greatly increased capabilities to protect data from unauthorized access.
How Firebird encryption works on the client-sideġ.
What part of the database is being encrypted?.
How Firebird database encryption works on the server-side.
Why we need database encryption (and when we don't)?.
The article's examples are based on IBSurgeon Firebird Encryption Plugin Framework (FEPF) but can be adapted to the majority of currently available implementations of encryption plugins. It describes how Firebird database encryption works, on the server-level, on the client-side, how to configure database encryption, how to use it from the various types of applications (Delphi, Java. The article is based on the materials of the workshop "Database Encryption" at Firebird Conference 2019 in Berlin, Germany. (c) Alexey Kovyazin, IBSurgeon, Alex Peshkoff, Firebird Project, 2021
0 kommentar(er)
