WebDNA Software | DB encryption

Technical References - DB encryption

Database Automatic Encryption (from WebDNA 8.5)

The idea behind it is to transparently encrypt (using Government Grade AES) a database just by including "_encrypted" in the database name. The decrypted database will never appear on disk, only the encrypted copy. However, it is decrypted on the fly when you open the database in RAM, and it resides unencrypted in the RAM of the computer, until you write back your database to disk, where the older version will be entirely overwritten.
This allows all operations (writing, reading, searching...) to be executed as fast as usual.

An example name would be "userbase_encrypted.db"

Security: there is no seed to rely on, as if someone has access to the disk, he would also have access to the seed.

The encrypted databases can still use a .hdr file, but it has to be plain text. Otherwise you can just let WebDNA encrypt the header in the .db file by running [addfields] on an empty "_encrypted.db" file.

To create an encrypted database

[writefile] alone won't work because it writes out unencrypted. If WebDNA tries to decrypt an encrypted .db file, but is unable to, it is treated as an empty file. It doesn't try to convert it.

The way to create encrypted databases is with [addfields]:

[writefile test_encrypted.db][/writefile]
[addfields db=test_encrypted.db]zip=98765&city=Washington[/addfields]
[append db=test_encrypted.db]zip=12345&city=Boston[/append]

Do a [flushdatabases] and it will result in a small file full of gibberish on your hard drive.

Writing out a 150MB AES encrypted database takes about 3 seconds. Most of that time is spent waiting on disk IO.

You can use [spawn] to save these seconds:

[spawn][flushdatabases][/spawn]

[spawn][commitdatabase db=test_encrypted.db][/spawn]

DOWNLOAD WEBDNA NOW!

Technical References - DB encryption

To create an encrypted database

Top Articles:

Related Readings: