lucene-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin Young" <>
Subject RE: Encryption
Date Mon, 08 May 2006 02:33:04 GMT
Rather than concentrating on the specific mechanisms, could you
elaborate a bit on the overall goals and features of the system? Who is
providing the documents? What are the threats you are guarding against?
How is the system going to be used?


-----Original Message-----
From: George Washington [] 
Sent: 7 May, 2006 03:38
Subject: Re: Encryption

Thank you all for your replies (and Otis and John for your lively sense
of humour as well).
I obviously accept the need to encrypt the index, but am not sure that
using the Windows (or Linux) file system encryption will solve the
problem. My understanding is that both cannot be under my application
control, they need to be part of the site policy. Hence cannot be relied
upon in all instances. 
I want the user to decide if encryption is required and then enable it
knowing that it will be done.
If my understanding above is correct, the other alternative is to use
the Java Cryptography Extension (JCE) to encrypt (and decode) the index
on the fly. This however is more complex, and where I was hoping your
knowledge of Lucene could help.
I suspect it would require careful choice of positioning of the
encryption and decoding calls so as not to interfere for instance with
segment optimisation and merging and many other such complications.
Searching through this mailing list has revealed no interest in
encryption at all.
Any suggestion as to how JCE could be embedded in Lucene? (or whether I
am on the right or wrong track!) Thanks Victor

New year, new job - there's more than 100,00 jobs at SEEK

To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message