I've using Firebird in development database applications.
I've using Firebird in development database applications.
Now I my project needs to have a closed/encrypted database (content and structure). I've seen a solution at IBSurgeon but it is much too expensive for me.
What solutions do you all use for "closing" the database?
Maybe another database system (I've been looking at MongoDB and Postgress)?
https://ib-aid.com/en/firebird-encryption-plugin-framework/
Now I my project needs to have a closed/encrypted database (content and structure). I've seen a solution at IBSurgeon but it is much too expensive for me.
What solutions do you all use for "closing" the database?
Maybe another database system (I've been looking at MongoDB and Postgress)?
https://ib-aid.com/en/firebird-encryption-plugin-framework/
There are lots of links for Postgres. Search, postgres encryption database
ReplyDeleteOne example:
https://www.postgresql.org/docs/8.1/static/encryption-options.html
R Gosp that is discouraging indeed. Do i correctly understand that your researchs' conclusion is that you need to pay up in order to host an FB DB encrypted on disc?
ReplyDeleteMarkus Kinzler i cannot find info on ibexperts solution. Says it's coming. One IBExpert licence per server... that'll cost too.
You can implement such an plugin fir yourself. The sample provided by the FireBird project should help.
ReplyDeleteMarkus Kinzler, this i knew. Now... to find the time to just assess the work. Well.
ReplyDeleteDany Marmur not for hosting but for the encryption plugin to be used.
ReplyDeleteIBExpert has that plugin included in "IBExpert Server Tools".
After some research I found that such a plugin can be written for Firebird 3.x from scratch and firebird has a example in its distribution.
R Gosp, host/deploy/run, yes, sorry for my bad nomenclature.
ReplyDeleteWhat i react on is; "you would rather switch to a document DB (a completely new architecture) than write or pay for that plugin".
If my quote above holds true than that is very sad. So i post to ask; did you research it? Did you try it? Anyway in order not to get more confused: if you write or fail to write such a plugin it would be highly appreciated with some kind of blog about it. I have not seen such hitherto. And good luck.
The interface for the plugin is very "lite":
ReplyDeleteType
TMyPluginModule = class(IPluginModuleImpl)
private
FRegistered: Boolean;
public
constructor Create;
destructor Destroy; override;
procedure registerMe;
// TPluginModule implementation
procedure doClean; override;
end;
TMyCrypt = class(IDbCryptPluginImpl)
private
FCounter: Integer;
FOwner: IReferenceCounted;
FConfig: IPluginConfig;
public
constructor Create(config: IPluginConfig);
destructor Destroy; override;
// TRefCounted implementation
procedure addRef; override;
function release: Integer; override;
// TPluginBase implementation
procedure setOwner(ref: IReferenceCounted); override;
function getOwner: IReferenceCounted; override;
// TCryptPlugin implementation
procedure setKey(status: IStatus; length: Cardinal; sources: IKeyHolderPluginPtr; keyName: PAnsiChar); override;
procedure encrypt(status: IStatus; length: Cardinal; src, dst: Pointer); override;
procedure decrypt(status: IStatus; length: Cardinal; src, dst: Pointer); override;
private
procedure doCrypt(length: Cardinal; mem: Pointer);
end;
TMyFactory = class(IPluginFactoryImpl)
public
constructor Create(module: IPluginModule);
destructor Destroy; override;
// TPluginFactory implementation
function createPlugin(status: IStatus; factoryParameter: IPluginConfig): IPluginBase; override;
end;
Thanks Markus Kinzler, I found this example, implementing our own ciphering seems not hard to do, but where can I find the definitions for IPluginModuleImpl, IDbCryptPluginImpl, etc. ?
ReplyDelete