Difference between revisions of "Kexi/Security/Add password protecting to Kexi database files"
(Created page with "https://bugs.kde.org/show_bug.cgi?id=300625") |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | https:// | + | '''Status: assigned to W. Kosowicz <[email protected]>''', '''Target: 3.?''', {{Wish|300625}} |
| + | |||
| + | Mentored by [[User:Jstaniek|Jstaniek]] ([[User talk:Jstaniek|talk]]) 13:22, 4 October 2014 (UTC) | ||
| + | |||
| + | ==Goal== | ||
| + | Ability to encrypt .kexi database files (SQLite-based) with a password. | ||
| + | |||
| + | ==Scenario== | ||
| + | *User shares the .kexi files (e.g. via email) but want reasonable security. | ||
| + | *He prefers to use passwords instead of public/private keys. | ||
| + | |||
| + | ==The choise of encryption solution for SQLite== | ||
| + | *[http://stackoverflow.com/questions/5669905/sqlite-with-encryption-password-protection Selection of password protection solutions for SQLite]. SQLCipher and botansqlite3 looks interesting (and FOSS). | ||
| + | *It's not clear if using QCA gives any benefits. | ||
| + | *[http://www.sqlite.org/see/doc/trunk/www/readme.wiki SQLite Encryption Extension (SEE)] is an official but non-FOSS solution. | ||
| + | |||
| + | ==Requirements== | ||
| + | *R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory. | ||
| + | *R2. When database is closed, it's stays in an encrypted form. | ||
| + | *R3. .kexi files are not encrypted by default. | ||
| + | *R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted). | ||
| + | *R3.2. Setting password to empty, effectively removes encryption. | ||
| + | *R4. The Kexi app should be able to detect that the .kexi file requires password on opening. | ||
| + | |||
| + | ==Notes== | ||
| + | *[https://forum.kde.org/viewtopic.php?f=221&t=102232&p=320343#p320343 Related discussion on Kexi Forum] | ||
| + | *See also [[../Add password protecting to individual objects in Kexi database file/]] | ||
| + | *Related: Since 3.8.7 SQLite supports '''user authentication''': http://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt | ||
Latest revision as of 10:21, 8 January 2015
Status: assigned to W. Kosowicz <[email protected]>, Target: 3.?, Wish #300625
Mentored by Jstaniek (talk) 13:22, 4 October 2014 (UTC)
Goal
Ability to encrypt .kexi database files (SQLite-based) with a password.
Scenario
- User shares the .kexi files (e.g. via email) but want reasonable security.
- He prefers to use passwords instead of public/private keys.
The choise of encryption solution for SQLite
- Selection of password protection solutions for SQLite. SQLCipher and botansqlite3 looks interesting (and FOSS).
- It's not clear if using QCA gives any benefits.
- SQLite Encryption Extension (SEE) is an official but non-FOSS solution.
Requirements
- R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory.
- R2. When database is closed, it's stays in an encrypted form.
- R3. .kexi files are not encrypted by default.
- R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted).
- R3.2. Setting password to empty, effectively removes encryption.
- R4. The Kexi app should be able to detect that the .kexi file requires password on opening.
Notes
- Related discussion on Kexi Forum
- See also Add password protecting to individual objects in Kexi database file
- Related: Since 3.8.7 SQLite supports user authentication: http://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt
This page was last edited on 8 January 2015, at 10:21. Content is available under Creative Commons License SA 4.0 unless otherwise noted.