< Kexi | SecurityRevision as of 12:58, 10 December 2014 by Jstaniek (talk | contribs) (→Notes)(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff) Status: assigned to W. Kosowicz <[email protected]>, Target: 2.9, Wish #300625 Mentored by Jstaniek (talk) 13:22, 4 October 2014 (UTC) Contents 1 Goal 2 Scenario 3 The choise of encryption solution for SQLite 4 Requirements 5 Notes Goal Ability to encrypt .kexi database files (SQLite-based) with a password. Scenario User shares the .kexi files (e.g. via email) but want reasonable security. He prefers to use passwords instead of public/private keys. The choise of encryption solution for SQLite Selection of password protection solutions for SQLite. SQLCipher and botansqlite3 looks interesting (and FOSS). It's not clear if using QCA gives any benefits. SQLite Encryption Extension (SEE) is an official but non-FOSS solution. Requirements R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory. R2. When database is closed, it's stays in an encrypted form. R3. .kexi files are not encrypted by default. R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted). R3.2. Setting password to empty, effectively removes encryption. R4. The Kexi app should be able to detect that the .kexi file requires password on opening. Notes Related discussion on Kexi Forum See also Add password protecting to individual objects in Kexi database file Related: Since 3.8.7 SQLite supports user authentication: http://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt Retrieved from "https://community.kde.org/index.php?title=Kexi/Security/Add_password_protecting_to_Kexi_database_files&oldid=40768" Content is available under Creative Commons License SA 4.0 unless otherwise noted.