db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Matrigali <mikem_...@sbcglobal.net>
Subject Re: derby encryption
Date Tue, 10 May 2005 21:40:35 GMT
I don't totally understand your requirement.

Your application can be built to require the user to provide some
sort of authentication which can then be used to boot the database.
Straight forward would be to require the client to provide the boot
password, and then have the java classes dynamically build the 
connection url to pass the boot password.  Any number of schemes could 
be used to somehow encrypt the
boot password based on whatever authentication scheme your application
is using.

Sorry if this is not what you are looking for, I am likely missing
something obvious here.

Paul Byford wrote:
> hi,
> i intend to deploy derby in embedded form as part of an application. to 
> protect the data i would like to use the disk encryption feature.
>  
> the issue i have is that for my application to have access to the 
> encrypted database data I must also deploy the bootPassword with the 
> application in among one of my application java classes. i am concerned 
> someone with access to the java classes will have access to the 
> password, and if theydesire they can therefore access the encrypted 
> database.
>  
> my requirement is that the data is only made available if the 
> bootPassword is provided by my application.
>  
> is this possible in derby at present? the documentation does not 
> explicitly cover this.
>  
> thank you
>  
> paul


Mime
View raw message