"Tim Young [Elevate Software]" <timyoung@elevatesoft.com> wrote:

Sam,

<<< So how do you open an encrypted table that was sent in from a user? >>>

<<We ask them for the encryption password and use it in the test application
(TEDBEngine.EncryptionPassword).>>

Then wouldn't the user be exposing his encryption password for his entire database?
Often the developer/administrator may grant the user total access to a single table from
an application of 100 tables. The administrator/developer may allow him to decrypt the
single table, or send the encrypted table off to another branch etc..  If the database has
only 1 encryption password, whoever you send the table to will need to know your database
encryption password and with that he will be able to use it to break into your database
(you're not going to send the table unencrypted). Even if you trust the recipient of the
table, you have a problem with anyone else who may intercept the password either during
the transmission of the table, or after he receives it. He could post the password in a
post-it note on his computer for others to see.

Or am I missing something here?

TIA

Sam

Sam,

<< Then wouldn't the user be exposing his encryption password for his entire
database?  Often the developer/administrator may grant the user total access
to a single table from an application of 100 tables. The
administrator/developer may allow him to decrypt the single table, or send
the encrypted table off to another branch etc.. >>

First of all, if you plan on sending single tables from a database to
another location, you're going to run into trouble very fast.  Databases are
a single entity in EDB and are not intended to be split up or dealt with on
a per-table basis.  If you want to grant access to only one table in the
database, then you should use the provided SQL facilities for creating
users/roles and granting them privileges on the database and the tables
contained within.

The encryption is only intended to provide a means for a local application
to prevent someone from examining the data in the tables with a hex editor.
It is not a user-security mechanism.

<< If the database has only 1 encryption password, whoever you send the
table to will need to know your database encryption password and with that
he will be able to use it to break into your database (you're not going to
send the table unencrypted).>>

See above.  You're mixing the old-style Paradox/DBISAM table password
encryption as user security mechanism with the EDB file and messaging
encryption.

<< Even if you trust the recipient of the table, you have a problem with
anyone else who may intercept the password either during the transmission of
the table, or after he receives it. He could post the password in a post-it
note on his computer for others to see. >>

You've just described the human element of any encryption scheme.  There's
nothing specific about EDB in there.

--
Tim Young
Elevate Software
www.elevatesoft.com