Kexi/Security/Add password protecting to Kexi database files: Difference between revisions

From KDE Community Wiki
< Kexi‎ | Security
(Created page with "https://bugs.kde.org/show_bug.cgi?id=300625")
 
No edit summary
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
https://bugs.kde.org/show_bug.cgi?id=300625
'''Status: assigned to W. Kosowicz <[email protected]>''', '''Target: 3.?''', {{Wish|300625}}
 
Mentored by [[User:Jstaniek|Jstaniek]] ([[User talk:Jstaniek|talk]]) 13:22, 4 October 2014 (UTC)
 
==Goal==
Ability to encrypt .kexi database files (SQLite-based) with a password.
 
==Scenario==
*User shares the .kexi files (e.g. via email) but want reasonable security.
*He prefers to use passwords instead of public/private keys.
 
==The choise of encryption solution for SQLite==
*[http://stackoverflow.com/questions/5669905/sqlite-with-encryption-password-protection Selection of password protection solutions for SQLite]. SQLCipher and botansqlite3 looks interesting (and FOSS).
*It's not clear if using QCA gives any benefits.
*[http://www.sqlite.org/see/doc/trunk/www/readme.wiki SQLite Encryption Extension (SEE)] is an official but non-FOSS solution.
 
==Requirements==
*R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory.
*R2. When database is closed, it's stays in an encrypted form.
*R3. .kexi files are not encrypted by default.
*R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted).
*R3.2. Setting password to empty, effectively removes encryption.
*R4. The Kexi app should be able to detect that the .kexi file requires password on opening.
 
==Notes==
*[https://forum.kde.org/viewtopic.php?f=221&t=102232&p=320343#p320343 Related discussion on Kexi Forum]
*See also [[../Add password protecting to individual objects in Kexi database file/]]
*Related: Since 3.8.7 SQLite supports '''user authentication''': http://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt

Latest revision as of 10:21, 8 January 2015

Status: assigned to W. Kosowicz <[email protected]>, Target: 3.?, Wish #300625

Mentored by Jstaniek (talk) 13:22, 4 October 2014 (UTC)

Goal

Ability to encrypt .kexi database files (SQLite-based) with a password.

Scenario

  • User shares the .kexi files (e.g. via email) but want reasonable security.
  • He prefers to use passwords instead of public/private keys.

The choise of encryption solution for SQLite

Requirements

  • R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory.
  • R2. When database is closed, it's stays in an encrypted form.
  • R3. .kexi files are not encrypted by default.
  • R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted).
  • R3.2. Setting password to empty, effectively removes encryption.
  • R4. The Kexi app should be able to detect that the .kexi file requires password on opening.

Notes