Kexi/Security/Add password protecting to Kexi database files: Difference between revisions
No edit summary |
|||
| Line 25: | Line 25: | ||
==Notes== | ==Notes== | ||
*[https://forum.kde.org/viewtopic.php?f=221&t=102232&p=320343#p320343 Related discussion on Kexi Forum] | *[https://forum.kde.org/viewtopic.php?f=221&t=102232&p=320343#p320343 Related discussion on Kexi Forum] | ||
*See also [[../Add password protecting to individual objects in Kexi database file/]] | |||
Revision as of 16:36, 4 October 2014
Status: assigned, Target: 2.9, Wish #300625
Mentored by Jstaniek (talk) 13:22, 4 October 2014 (UTC)
Goal
Ability to encrypt .kexi database files (SQLite-based) with a password.
Scenario
- User shares the .kexi files (e.g. via email) but want reasonable security.
- He prefers to use passwords instead of public/private keys.
The choise of encryption solution for SQLite
- Selection of password protection solutions for SQLite. SQLCipher and botansqlite3 looks interesting (and FOSS).
- It's not clear if using QCA gives any benefits.
- SQLite Encryption Extension (SEE) is an official but non-FOSS solution.
Requirements
- R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory.
- R2. When database is closed, it's stays in an encrypted form.
- R3. .kexi files are not encrypted by default.
- R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted).
- R3.2. Setting password to empty, effectively removes encryption.
- R4. The Kexi app should be able to detect that the .kexi file requires password on opening.