Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » ElevateDB Technical Support » Support Forums » ElevateDB General » View Thread |
Messages 1 to 9 of 9 total |
Data Scrambling |
Thu, Jun 23 2016 7:13 AM | Permanent Link |
Hershcu Sorin | Hello
I've been requested from a client to check the option of Data Scrambling on the data. Is there any thing regarded this issue on ElavateDB? Thanks Sorin |
Thu, Jun 23 2016 7:48 AM | Permanent Link |
Matthew Jones | Hershcu Sorin wrote:
> requested from a client to check the option of Data Scrambling > on the data. For what purpose? And what sort of data? On one of my products, which deals with confidential data, I have a command that changes all the characters in the text to use only a small sub-set of characters (chosen to be a bit of a match in width), so that it becomes irreversible. That way they can send me the files without risking confidentiality being broken. "Hello mum" thus becomes "Thhhh hih" or something like that. Not sure how that would apply to a database in any useful form though, as they are much more complicated. Hence asking the purpose... -- Matthew Jones |
Thu, Jun 23 2016 8:19 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Hershcu
I would suggest going back to them and offering encryption - ElevateDB does have encryption eg from the manual <<ElevateDB uses the Blowfish block cipher encryption algorithm with 128-bit MD5 hash keys for encryption. Please see the Encryption topic for more information.>> In addition there's an engine signature which can be further used to secure access to the data - I use both encryption on some of the tables plus the engine signature to secure the database as a whole. If they really want data scrambling replace every character in the database with Char(Max(Random(128)-32)) - that will totally scramble it really beyond hope of recovery <VBG> Roy Lambert |
Thu, Jun 23 2016 10:51 AM | Permanent Link |
Hershcu Sorin | Thanks for the reply
I want a copy of their data on my computer for error checking. Their request all kind of security means including Data scrambling. What you suggest is irreversible and that's not wath I want. I try to encrypt the catalog but still if I open the tables with an editor I still can read some data and that what they want to avoid |
Thu, Jun 23 2016 11:19 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Hershcu
>I want a copy of their data on my computer for error checking. >Their request all kind of security means including Data scrambling. > >What you suggest is irreversible and that's not wath I want. Maybe not but its what you're asking for >I try to encrypt the catalog but still if I open the tables with an editor I still can read some data >and that what they want to avoid If all you're encrypting is the catalog then you'll be able to read pretty much everything in the tables. What you need to do is encrypt the tables eg CREATE TABLE "Career" ( "_ID" INTEGER GENERATED BY DEFAULT AS IDENTITY (START WITH 0, INCREMENT BY 1) NOT NULL, "_fkContacts" INTEGER, "_fkCompanies" INTEGER, "_fkSites" INTEGER, "_Started" SMALLINT, "_Left" SMALLINT, "_fkContacts_Manager" INTEGER, "_UnlistedCompany" VARCHAR(60) COLLATE "ANSI_CI", "_Secretary" VARCHAR(50) COLLATE "ANSI_CI", "_SecEMail" VARCHAR(60) COLLATE "ANSI_CI", "_SecPhone" VARCHAR(25) COLLATE "ANSI_CI", "_MainPhone" VARCHAR(25) COLLATE "ANSI_CI", "_Email" VARCHAR(60) COLLATE "ANSI_CI", "_OkForEmail" BOOLEAN DEFAULT FALSE, "_fkJobCodes" VARCHAR(10) COLLATE "ANSI_CI", "_JobTitle" VARCHAR(50) COLLATE "ANSI_CI", "_Created" DATE DEFAULT CURRENT_DATE, "_Autocclist" CLOB COLLATE "ANSI_CI" COMPRESSION 6, "_ChangeLog" CLOB COLLATE "ANSI_CI" COMPRESSION 6, CONSTRAINT "PK" PRIMARY KEY ("_ID") ) VERSION 1.00 READWRITE ENCRYPTED INDEX PAGE SIZE 4096 BLOB BLOCK SIZE 512 PUBLISH BLOCK SIZE 512 PUBLISH COMPRESSION 0 MAX ROW BUFFER SIZE 32768 MAX INDEX BUFFER SIZE 65536 MAX BLOB BUFFER SIZE 32768 MAX PUBLISH BUFFER SIZE 32768 When you create a session (assuming you're using EDBManager) then in the Customizations tab make sure you set the Encryption Password to something other than the default. Then when you create the table just tick the box for encryption. If you do it after tables have been created, and especially after they've been encrypted it gets quite a bit more difficult. There are instructions in another post telling you how to do it in EDBManager and I can help with doing the change in code. If you can read the stuff in an encrypted table using a hex editor I suggest we get together and beat Tim up! Roy Lambert |
Thu, Jun 23 2016 11:32 AM | Permanent Link |
Hershcu Sorin | Thanks Roy
I can do this on existing table "ALTER Table..."? Sorin |
Thu, Jun 23 2016 12:01 PM | Permanent Link |
Matthew Jones | Hershcu Sorin wrote:
> but still if I open the tables with an editor I still can read some > data and that what they want to avoid If they want the data to be encrypted, so it cannot be easily looked at, but you can still see it all with the right software, then Roy's solution is ideal. If they actually don't want *you* to ever see their data, then I don't think it can be done except by some fancy export coding with some inherent risk that you end up scrambling their copy of the data. -- Matthew Jones |
Thu, Jun 23 2016 8:44 PM | Permanent Link |
Richard Harding Wise Nutrition Coaching | <<What you suggest is irreversible and that's not wath I want.
I try to encrypt the catalog but still if I open the tables with an editor I still can read some data and that what they want to avoid.>> A reversible way of scrambling data is to XOR each character of a string with a key. If you do the same process on the scrambled string you get the original string back. Below is a scramble function from Systools. // stStr unit function ScrambleS(const S, Key : ShortString) : ShortString; {-Encrypt / Decrypt string with enhanced XOR encryption.} var J, LKey, LStr : Byte; I : Cardinal; begin Result := S; LKey := Length(Key); LStr := Length(S); if LKey = 0 then Exit; if LStr = 0 then Exit; I := 1; J := LKey; while I <= LStr do begin if J = 0 then J := LKey; if (S[I] <> Key[J]) then Result[I] := AnsiChar(Byte(S[I]) xor Byte(Key[J])); inc(I); dec(J); end; end; Richard |
Fri, Jun 24 2016 2:21 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Hershcu
This is the thread that discussed how to do it in EDBManager http://www.elevatesoft.com/forums?action=view&category=edb&id=edb_general&page=1&msg=15480#15480 If you want to do it in code the process is the same - give me an email address and I'll send you my form to do it - it'll take a bit of time since I'll have to replace my homebrew components. Roy Lambert |
This web page was last updated on Tuesday, April 30, 2024 at 03:55 PM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |