Just getting started with EDB and trying to figure out the
encryption options.  As I understand it all the tables within a
database will be encrypted with the same key (?)

Where do I define the key for for a database?

Perhaps someone could provide a mini-tutorial on the whole issue?

I believe I need to set up user(s) and/or roles for
access but I'm not clear how this works with the encryption
to secure the tables within the database.

Background (from DBISAM application):
   - I have encrypted files within a database with different
     passwords/keys
   - I've used
            session.addpassword
            session.RemoveAllPasswords
            etc

JonD

Jon,

<< Just getting started with EDB and trying to figure out the encryption
options.  As I understand it all the tables within a database will be
encrypted with the same key (?) >>

Actually, everything is encrypted with the same key - configuration files,
catalog files, table files, etc.

<< Where do I define the key for for a database? >>

In the TEDBEngine component - EncryptionPassword property.

<< I believe I need to set up user(s) and/or roles for access but I'm not
clear how this works with the encryption
to secure the tables within the database. >>

That's a separate issue unrelated to the encryption.  Encryption in EDB is
only a file security construct, it does not serve as a user security
construct:

http://www.elevatesoft.com/edb1sql_user_security.htm

--
Tim Young
Elevate Software
www.elevatesoft.com

Yes... I had seen  EncryptionPassword property...

I guess I should have said that I didn't see how
ElevateDB manager set the encryption key.

Jon

Tim Young [Elevate Software] wrote:
>
> In the TEDBEngine component - EncryptionPassword property.

Jon,

<< I guess I should have said that I didn't see how ElevateDB manager set
the encryption key. >>

For now you have to recompile the EDB Manager with your own encryption key
if you want to use a special encryption password.

--
Tim Young
Elevate Software
www.elevatesoft.com

Tim,

OK... I'm a little slow here

If my database and (say) Roy's database are encrypted with the same
key what stops me from opening up a database created by Roy?

Jon

Tim Young [Elevate Software] wrote:
> Jon,
>
> << I guess I should have said that I didn't see how ElevateDB manager set
> the encryption key. >>
>
> For now you have to recompile the EDB Manager with your own encryption key
> if you want to use a special encryption password.
>

Jon

>If my database and (say) Roy's database are encrypted with the same
>key what stops me from opening up a database created by Roy?

Easy - I'll beat you up if you do

And on a more serious note that's going to be the case anywhere. Don't forget as well as the encryption you have the engine signature so if you alter that to "Jon Lloyd Duerdoth" I'm very unlikely to be using the same one <vbg>

You could, for instance, use a GUID to create your encryption key and since they're supposed to be unique the odds of someone else using the same key are going to be pretty remote.

Roy Lambert

Roy,

Ah! that's how you make the encryption secure

I think I get the process but it seems to me that as soon as you move
to a different key you have to fiddle the manager (as opposed to DBISAM)

I think I now understand the issue that was discussed in another thread
about having an option to change the key for the manager.

Just to summarize:
If you send me a table that was encrypted (with the out of the box key)
I would be able to read it?

Jon

Roy Lambert wrote:
> Jon
>
>> If my database and (say) Roy's database are encrypted with the same
>> key what stops me from opening up a database created by Roy?
>
> Easy - I'll beat you up if you do
>
> And on a more serious note that's going to be the case anywhere. Don't forget as well as the encryption you have the engine signature so if you alter that to "Jon Lloyd Duerdoth" I'm very unlikely to be using the same one <vbg>
>
> You could, for instance, use a GUID to create your encryption key and since they're supposed to be unique the odds of someone else using the same key are going to be pretty remote.
>
> Roy Lambert
>

Jon


>Just to summarize:
>If you send me a table that was encrypted (with the out of the box key)
>I would be able to read it?


Correct.

Roy Lambert

Roy,

Thanks... I guess I have to compile Manager with my own key.

Well I guess I have my summer projects all lined up (converting
my apps to edb)!

Jon

Roy Lambert wrote:
> Jon
>
>
>> Just to summarize:
>> If you send me a table that was encrypted (with the out of the box key)
>> I would be able to read it?
>
>
> Correct.
>
> Roy Lambert