Cloudscape and Security
Encrypting Databases on Disk

Overview

Cloudscape provides a way for you to encrypt your data on disk.

Typically, database systems encrypt and decrypt data in transport over the network, using industry-standard systems such as SSL. This system works well for client/server databases; the server is assumed to be in a trusted, safe environment, managed by a system administrator. In addition, the recipient of the data is trusted and is assumed to be capable of protecting the data. The only risk comes when transporting data over the wire, and data encryption happens during network transport only.

However, Cloudscape databases are platform-independent files that are designed to be easily shared in a number of ways, including transport over the Internet. Recipients of the data may not know how, or may not have the means, to properly protect the data.

This data encryption feature provides the ability to store user data in an encrypted form. The user who boots the database must provide a boot password.

NOTE: Jar files stored in the database are not encrypted.

Requirements for Cloudscape Encryption

Cloudscape supports disk encryption, but you must supply the following:
Working with Encryption

Encrypting Databases on Creation

Cloudscape allows you to configure a database for encryption when you create it. To do so, you specify dataEncryption=true on the database connection URL.

The default encryption provider is com.sun.crypto.provider.SunJCE. You have the option of specifying an alternate encryption provider; see Specifying an Alternate Encryption Provider. The default encryption algorithm is DES, but you have the option of specifying an alternate algorithm; see Specifying an Alternate Encryption Algorithm.

Creating the Boot Password

When you encrypt a database you must also specify a boot password, which is an alpha-numeric string used to generate the encryption key. The length of the encryption key depends on the algorithm used:

NOTE: The boot password should have at least as many characters as the length of the encryption key. The minimum number of characters for the boot password allowed by Cloudscape is eight.

It is a good idea not to use words that would be easily guessed, such as a login name or simple words or numbers. A bootPassword, like any password, should be a mix of numbers and upper- and lowercase letters.

You turn on and configure encryption and specify the corresponding boot password on the database connection URL for a database when you create it:

jdbc:cloudscape:encryptionDB1;create=true;dataEncryption=true;
NOTE:

Specifying an Alternate Encryption Provider

By default, Cloudscape uses the encryption provider that comes with the JCE package, com.sun.crypto.provider.SunJCE.

You can specify an alternate provider when you create the database with the encryptionProvider=providerName attribute. You must specify the full package and class name of the provider, and you must also add the libraries to the application's class path.

NEW: The ability to specify an alternate encryption provider is new in 3.6.

Specifying an Alternate Encryption Algorithm

Cloudscape supports the following encryption algorithms:
By Java convention, an encryption algorithm is specified like this:

algorithmName/feedbackMode/padding

The only feedback modes allowed are:

By default, Cloudscape uses the DES algorithm of DES/CBC/NoPadding.

Specify an alternate encryption algorithm when you create a database with the encryptionAlgorithm=algorithm attribute. If the algorithm you specify is not supported by the provider you have specified, Cloudscape throws an exception.

NOTE: After you create a database, you cannot change the encryption provider or encryption algorithm.

NEW: The ability to specify an alternate encryption algorithm is new in 3.6.

Booting an Encrypted Database

Once you have created an encrypted database, you must supply the boot password to reboot it. Encrypted databases cannot be booted automatically along with all other system databases on system startup (see cloudscape.system.bootAll of Tuning Cloudscape). Instead, you boot encrypted databases when you first connect to them.

For example, to access an encrypted database called wombat, created with the boot password cloudscape, you would use the following database connection URL:

jdbc:cloudscape:wombat;bootPassword=clo760uds2caPe

Once the database is booted, all connections can access the database without the boot password. Only a connection that boots the database requires the key.

For example, the following connections would boot the database and thus require the boot password:
NOTE: The boot password is not meant to prevent unauthorized connections to the database once it has been booted. To protect a database once it has been booted, turn on user authentication (see Working with User Authentication).

Changing the Boot Password

You can change the boot password for the current database.
CALL PropertyInfo.setDatabaseProperty(

where oldbpw is the current boot password and newbpw is the new boot password. This call commits immediately; it is not transactional.

NOTE: getDatabaseProperty does not actually return the boot password.
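
The boot password guidance and the creation-time attributes described under Working with Encryption can be checked before a connection is attempted. The following Java code is an added example, not part of the Cloudscape manual or product: the class and method names are hypothetical, the sample password is constructed, and the order of attributes after dataEncryption=true and the restriction on database name characters are assumptions.

```java
import java.util.ArrayList;
import java.util.List;

public class EncryptedDbUrl {
    // Minimum boot password length stated in the manual.
    static final int MIN_BOOT_PASSWORD_LENGTH = 8;

    // Returns the problems found in a candidate boot password (empty list = acceptable).
    static List<String> checkBootPassword(String pw) {
        List<String> problems = new ArrayList<>();
        if (pw.length() < MIN_BOOT_PASSWORD_LENGTH) problems.add("fewer than 8 characters");
        if (!pw.matches("[A-Za-z0-9]+")) problems.add("not an alphanumeric string");
        if (!pw.matches(".*[0-9].*")) problems.add("no digit");
        if (!pw.matches(".*[a-z].*")) problems.add("no lowercase letter");
        if (!pw.matches(".*[A-Z].*")) problems.add("no uppercase letter");
        return problems;
    }

    // True when spec has the three-part form algorithmName/feedbackMode/padding.
    static boolean isAlgorithmSpec(String spec) {
        return spec.matches("[A-Za-z0-9]+/[A-Za-z0-9]+/[A-Za-z0-9]+");
    }

    // Builds the creation URL; provider and algorithm may be null to keep the defaults.
    static String createUrl(String db, String bootPassword, String provider, String algorithm) {
        // Assumption: a conservative name check so no ';' can add extra URL attributes.
        if (!db.matches("[A-Za-z0-9_]+")) throw new IllegalArgumentException("bad database name");
        List<String> problems = checkBootPassword(bootPassword);
        if (!problems.isEmpty()) throw new IllegalArgumentException("boot password: " + problems);
        StringBuilder url = new StringBuilder("jdbc:cloudscape:" + db
                + ";create=true;dataEncryption=true;bootPassword=" + bootPassword);
        if (provider != null) {
            if (!provider.matches("[A-Za-z0-9_.$]+")) throw new IllegalArgumentException("bad provider class");
            url.append(";encryptionProvider=").append(provider);
        }
        if (algorithm != null) {
            if (!isAlgorithmSpec(algorithm)) throw new IllegalArgumentException("bad algorithm spec");
            url.append(";encryptionAlgorithm=").append(algorithm);
        }
        return url.toString();
    }

    public static void main(String[] args) {
        // An easily guessed word fails the mix-of-characters guidance.
        System.out.println(checkBootPassword("cloudscape"));
        // Constructed sample password, not taken from the manual.
        System.out.println(createUrl("encryptionDB1", "Wq7nB4tz9ExK", null, "DES/CBC/NoPadding"));
    }
}
```

The key-length comparison from the NOTE under Creating the Boot Password is not implemented here because it depends on the algorithm chosen.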
Cloudscape Version 3.6

For information about Cloudscape technical support, go to: www.cloudscape.com/support/.

Copyright © 1998, 1999, 2000 Informix Software, Inc. All rights reserved.