3

I'm going to create a Java Application for collecting some enterprise information.
My problem is the DBMS security.
EDIT: My Application is not connected to Network and the whole DB and App. are located on the system that app. is accessed from there; Users has ACL so I don't want a user be able to read data that hasn't access to them by using database files on the disk.
I need a DBMS that encrypt data on disk to protect data against someone with a Text/HEX editor or other SQL Browsing Tools (Like SQLite that has no security mechanism or ...)!

Which DBMS can I use to be sure that data are accessible only through my application (and of course DBMS itself) and not directly from the disk?

Does MySQL or PostgreSQL have such a direct disk access protection mechanism?

Thanks

Ariyan
  • 14,760
  • 31
  • 112
  • 175
  • Why is the disk available to an attacker? This should be the first question! – Asherah May 13 '12 at 11:06
  • Please specify the read protection a bit further, do you need protection against theft (then you could use pretty much any encrypted filesystem like TrueCrypt or the internal mechanism of Postgre etc.) or do you need read protection during runtime (when the FileSystem is mounted)? – Christian Uhl May 13 '12 at 11:06
  • @Len: I edited question and described reason. – Ariyan May 13 '12 at 11:25
  • @ChristianUhl: When FileSystem is Mounted. – Ariyan May 13 '12 at 11:26
  • 1
    Why don't you use the user separation of the OS? Run the database using a diferent account and the ACLs so that only the database user has access. Or do you consider administrators as attackers? – Robert May 13 '12 at 17:35

1 Answers1

3

If the individual has access to the disk itself, there's a good chance that he will have access to the code and other data of your application. And the encryption key (used to encrypt the DB file) will be available as well. This problem doesn't have a universal solution (see one approach below) if the computer device gets into wrongdoer's hands.

Putting the above aside you have several options:

  1. SQLite has whole-DB encryption plugin.
  2. You can mount the disk using TrueCrypt or one of its alternatives
  3. We have several products (namely SolFS and CallbackFilter) which let you encrypt the DB file on the fly either using the virtual disk (SolFS) or by encrypting/decrypting files on the fly by filtering file I/O requests (CallbackFilter).

If you are able to have the user provide a password / key in some way, then you can use a session key to encrypt the database data, and then encrypt this session key using each user's password. Then, when the user wants to access the data, you ask him for a password, decrypt the session key and use the key to access the DB. In this way the key used to encrypt the data is not stored in "cleartext" and getting physical access to the disk doesn't reveal the data.

Eugene Mayevski 'Callback
  • 45,135
  • 8
  • 71
  • 121