AW: db encryption and multiuser question

Luis luis at anachreon.co.uk
Tue Feb 5 11:16:11 EST 2008


Hiya,

You could opt for www.firebirdsql.org

It has both server and local versions available,  you can backup and  
manage the updates with your own app, instead of waiting for the  
updated Rev version.

Regarding security/encryption:

http://www.firebirdsql.org/manual/qsg2-config.html#qsg2-config-security

http://www.firebirdsql.org/manual/fbmetasecur-solution.html

Other than that it depends on your app: If the communication is a  
security issue and it's a company database you could consider a VPN.
If the client base is wider then possibly connecting to the database  
though SSL.

Cheers,

Luis.



On 5 Feb 2008, at 15:35, Tiemo Hollmann TB wrote:

> Hi Trevor,
> yes, I have to do search and filter sqls on the datas, so there  
> would only
> be the external encryption, but I don't know yet, if I could use  
> one of the
> tools, like sqlite-crypt, or as Eric was pointing, Rev still has do  
> some
> work on sqlite, before you could use encryption.
> Tiemo
>
>> -----Ursprüngliche Nachricht-----
>> Von: use-revolution-bounces at lists.runrev.com [mailto:use-revolution-
>> bounces at lists.runrev.com] Im Auftrag von Trevor DeVore
>> Gesendet: Dienstag, 5. Februar 2008 16:10
>> An: How to use Revolution
>> Betreff: Re: db encryption and multiuser question
>>
>> On Feb 5, 2008, at 5:21 AM, Tiemo Hollmann TB wrote:
>>
>>> 1. I have read a few times that you can't / should not use sqlite
>>> for a
>>> multiuser environment, instead you should take a "bigger" db as
>>> valentine.
>>> My question is, are there any hard facts to not use sqlite in a
>>> multi user
>>> environment? What would happen if my customers would read my db with
>>> multiple users - just a little slow down or wouldn't it work at all?
>>> Does
>>> this point affect only if you have write statements on the db or
>>> also if you
>>> only have a read db?
>>
>> <http://sqlite.org/whentouse.html>
>>
>> Scroll down to "Situations Where Another RDBMS May Work Better" and
>> look at "Client/Server Applications". If you have many users  
>> trying to
>> write to the database file then you should probably look for a
>> different solution. Multiple reads won't corrupt your database  
>> though.
>>
>>> 2. What about encryption (just read Victoras answer). ... My
>>> question: Is this because
>>> I am not a db specialist and for any advanced "specialist" it
>>> wouldn't be
>>> any problem to get my datas out of my db with structure and "sence"
>>> and
>>> everybody should encrypt his data to avoid dumping or is it really
>>> "only" a
>>> question of securing private datas?
>>
>> As Eric said your data is not safe as anyone could open the database
>> and take a peak or perform a dump of the data. You can encrypt the
>> data in Rev before storing in the database and then decrypt it when
>> pulling the data out but be aware that you lose the ability to  
>> perform
>> searches on that data using SQL. I believe encryption at the database
>> level is really needed if you want to search the data.
>>
>> Regards,
>>
>> --
>> Trevor DeVore
>> Blue Mango Learning Systems
>> www.bluemangolearning.com    -    www.screensteps.com
>>
>> _______________________________________________
>> use-revolution mailing list
>> use-revolution at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-revolution
>
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your  
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>




More information about the Use-livecode mailing list