Hello
I've been requested from a client to check the option of Data Scrambling
on the data.
Is there any thing regarded this issue on ElavateDB?
Thanks Sorin

Hershcu Sorin wrote:

> requested from a client to check the option of Data Scrambling
> on the data.

For what purpose? And what sort of data?

On one of my products, which deals with confidential data, I have a
command that changes all the characters in the text to use only a small
sub-set of characters (chosen to be a bit of a match in width), so that
it becomes irreversible. That way they can send me the files without
risking confidentiality being broken. "Hello mum" thus becomes "Thhhh
hih" or something like that.

Not sure how that would apply to a database in any useful form though,
as they are much more complicated. Hence asking the purpose...

--

Matthew Jones

Hershcu


I would suggest going back to them and offering encryption - ElevateDB does have encryption eg from the manual

<<ElevateDB uses the Blowfish block cipher encryption algorithm with 128-bit MD5 hash keys for
encryption. Please see the Encryption topic for more information.>>

In addition there's an engine signature which can be further used to secure access to the data - I use both encryption on some of the tables plus the engine signature to secure the database as a whole.

If they really want data scrambling replace every character in the database with Char(Max(Random(128)-32)) - that will totally scramble it really beyond hope of recovery <VBG>

Roy Lambert

Thanks for the reply

I want a copy of their data on my computer for error checking.
Their request all kind of security means including Data scrambling.

What you suggest is irreversible and that's not wath I want.
I try to encrypt the catalog but still if I open the tables with an editor I still can read some data
and that what they want to avoid

Hershcu


>I want a copy of their data on my computer for error checking.
>Their request all kind of security means including Data scrambling.
>
>What you suggest is irreversible and that's not wath I want.

Maybe not but its what you're asking for

>I try to encrypt the catalog but still if I open the tables with an editor I still can read some data
>and that what they want to avoid

If all you're encrypting is the catalog then you'll be able to read pretty much everything in the tables. What you need to do is encrypt the tables eg

CREATE TABLE "Career"
(
"_ID" INTEGER GENERATED BY DEFAULT AS IDENTITY (START WITH 0, INCREMENT BY 1) NOT NULL,
"_fkContacts" INTEGER,
"_fkCompanies" INTEGER,
"_fkSites" INTEGER,
"_Started" SMALLINT,
"_Left" SMALLINT,
"_fkContacts_Manager" INTEGER,
"_UnlistedCompany" VARCHAR(60) COLLATE "ANSI_CI",
"_Secretary" VARCHAR(50) COLLATE "ANSI_CI",
"_SecEMail" VARCHAR(60) COLLATE "ANSI_CI",
"_SecPhone" VARCHAR(25) COLLATE "ANSI_CI",
"_MainPhone" VARCHAR(25) COLLATE "ANSI_CI",
"_Email" VARCHAR(60) COLLATE "ANSI_CI",
"_OkForEmail" BOOLEAN DEFAULT FALSE,
"_fkJobCodes" VARCHAR(10) COLLATE "ANSI_CI",
"_JobTitle" VARCHAR(50) COLLATE "ANSI_CI",
"_Created" DATE DEFAULT CURRENT_DATE,
"_Autocclist" CLOB COLLATE "ANSI_CI" COMPRESSION 6,
"_ChangeLog" CLOB COLLATE "ANSI_CI" COMPRESSION 6,
CONSTRAINT "PK" PRIMARY KEY ("_ID")
)
VERSION 1.00
READWRITE
ENCRYPTED
INDEX PAGE SIZE 4096
BLOB BLOCK SIZE 512
PUBLISH BLOCK SIZE 512
PUBLISH COMPRESSION 0
MAX ROW BUFFER SIZE 32768
MAX INDEX BUFFER SIZE 65536
MAX BLOB BUFFER SIZE 32768
MAX PUBLISH BUFFER SIZE 32768

When you create a session (assuming you're using EDBManager) then in the Customizations tab make sure you set the Encryption Password to something other than the default. Then when you create the table just tick the box for encryption. If you do it after tables have been created, and especially after they've been encrypted it gets quite a bit more difficult. There are instructions in another post telling you how to do it in EDBManager and I can help with doing the change in code.


If you can read the stuff in an encrypted table using a hex editor I suggest we get together and beat Tim up!


Roy Lambert

Thanks Roy
I can do this on existing table "ALTER Table..."?
Sorin

Hershcu Sorin wrote:

>  but still if I open the tables with an editor I still can read some
> data and that what they want to avoid

If they want the data to be encrypted, so it cannot be easily looked
at, but you can still see it all with the right software, then Roy's
solution is ideal. If they actually don't want *you* to ever see their
data, then I don't think it can be done except by some fancy export
coding with some inherent risk that you end up scrambling their copy of
the data.

--

Matthew Jones

<<What you suggest is irreversible and that's not wath I want.
I try to encrypt the catalog but still if I open the tables with an editor I still can read some data
and that what they want to avoid.>>

A reversible way of scrambling data is to XOR each character of a string with a key.  If you do the same process on the scrambled string you get the original string back.

Below is a scramble function from Systools.

// stStr unit
function ScrambleS(const S, Key : ShortString) : ShortString;
 {-Encrypt / Decrypt string with enhanced XOR encryption.}
var
 J, LKey, LStr : Byte;
 I : Cardinal;
begin
 Result := S;
 LKey := Length(Key);
 LStr := Length(S);
 if LKey = 0 then Exit;
 if LStr = 0 then Exit;
 I := 1;
 J := LKey;
 while I <= LStr do begin
   if J = 0 then
     J := LKey;
   if (S[I] <> Key[J]) then
     Result[I] := AnsiChar(Byte(S[I]) xor Byte(Key[J]));
   inc(I);
   dec(J);
 end;
end;


Richard

Hershcu


This is the thread that discussed how to do it in EDBManager

http://www.elevatesoft.com/forums?action=view&category=edb&id=edb_general&page=1&msg=15480#15480

If you want to do it in code the process is the same - give me an email address and I'll send you my form to do it - it'll take a bit of time since I'll have to replace my homebrew components.

Roy Lambert