Internal security of Rev?
dsc at swcp.com
Wed Jul 12 14:24:49 EDT 2006
On Jul 12, 2006, at 2:27 AM, John Tregea wrote:
> Yes my original question was about protecting classified
> information within a database where the front end may end up being
> Rev based.
You are mixing two levels.
If the information is encrypted and decrypted with a "hardwired" key,
it is virtually part of the application. It is subject to the
However, if it is encrypted using a user supplied key, then it stands
alone as encrypted information. The user supplied key might be a
certificate, a passphrase, or a passphrase to get to a certificate.
You can mix the user key with "hardwired" key to slow down decrypting
without the user supplied key.
So, you need a user-supplied key.
> But the structure of the stand alone rev application is my
> remaining concern. (unless you all think of some stuff I haven't
> thought of.)
> The classified information would specifically be for supply chain
> risk assessments under ISO 28000 and 28001. We hope to use Rev to
> build a front end to a proprietary database structure, but have to
> know we can certify the resulting application under ISO 17799
> (Information Security Management) before clients would be prepared
> to use the product/service.
Revolution uses good cryptographic functions. It uses a library that
has undergone review and has a controlled build distribution process.
However, 1) you don't know what kinds of sneaking things folks at
RunRev have put into their code. I don't think they have done
anything sneaky, I mean you are not able to demonstrate that they
have not, without going to extra effort. Also, 2) I would not be
surprised if there are RAM info leaks through Revolution's memory
management. That is, unused memory might be returned to the system
without being written over. Rev does a lot of copying. (I do some
things to mitigate this, but I have no idea if they really do any
good.) If those are not a concern for ISO 17799, I think you are OK.
Rev encryption is based on openSSL libraries and you need to make
sure you have a good copy of a reviewed version. Don't ship with
what you get from RunRev for Windows; download a new copy and check
SSL is normally app to app, so you should be OK there, too. However,
at this time, you cannot supply a cert from the client side with
Rev. (Unless something happened when I was asleep.) Hmmm. There
should be an enhancement request for this.
More information about the Use-livecode