Site icon Embarcadero RAD Studio, Delphi, & C++Builder Blogs

InterBase Database Encryption – How To Do It

interbase encryption

InterBase Encryption is supported starting with InterBase 2009. InterBase enables you to encrypt information at one or both of the following levels:

Using InterBase Database Encryption you can also encrypt Database Backup Files. For more information about encrypting your data with InterBase, see Data Definition Guide.

Create Encryption with InterBase

To create specific encryption tasks in InterBase, you need to create the System Data Security Owner (SYSDSO). Both users, the SYSDSO and the SYSDBA (the database owner), have responsibilities for InterBase Encryption. The table below shows the differences between the user’s tasks:

Permissions Database  

Owner

SYSDSO
Create Encryption Keys NO YES
Set the SEP NO YES
Grant Encrypt Privileges NO YES
Encrypt Database YES NO
Encrypt Columns YES NO
Grant Decrypt Privileges YES NO

Also, encryption tasks can be performed by any individual table owner who is given permission to encrypt columns in a table.

Encrypt a Database with IBConsole

There are two ways to encrypt a database in InterBase. You can enable and implement encryption using isql or you can encrypt a database with IBConsole. For this specific topic, we use the second option – Encrypt a Database with IBConsole.

To perform encryption when creating a new database, follow these steps:

1. Open IBConsole.
2. Select Server > Login from the menu.
3. Login as a SYSDBA or as a database owner.
4. Select Database > Create Database from the menu.
5. In the Save In field, select the folder where you want to save the database.
6. Specify a file name, click Save, and the dialog closes.
7. Change the value in the Embedded User Authentication field to Yes.
8. Note: The Use Encryption field is now visible.
9. Change the value in the Use Encryption field to Yes.

 

 

 

 

 

 

 

 

 

 

9. Click the OK button to create a database.
10. Enter your connection information and click the Connect button.
11. On the Encryption Wizard, click the Next button.
12. Type the SYSDSO password and click the Next button.
13. Type the SEP password and click the Next button.

 

 

 

 

 

 

 

 

 

Note: The External option makes it more difficult for unauthorized users to access an encrypted database on a mobile device such as a laptop computer, or on an a poorly secured desktop computer.

14. Type a name for the Encryption Key.
15. Select DES for the Cipher option.
16. Click the OK button.

 

 

 

 

 

 

 

 

17. Type the BackupKey Name and password.

Note: To maintain the security and confidentiality of encrypted databases, you must also encrypt database backup files.

18. Click the OK button.

 

 

 

 

 

19. On the dialog opened, click the OK button.

System Encryption Password parameter in InterBase

When a database is encrypted in InterBase, the SEP can be set internal (the default, no keyword used) or external (keyword used).

Note: To set the external SEP, check the External option in the Encryption wizard or you can use the alter database set system encryption password <255-character string> [external] command.

System Encryption Password in dbExpress

With dbExpress, you can set the SEP value in the TSQLConnection Params collection or you can set the SEP value programmatically.

 

 

 

 

 

 

 

 
[crayon-676c358dedfdd238299062/]

System Encryption Password in FireDAC

With FireDAC, you can set the SEPassword parameter in the TFDConnection connection definition parameters.

 

 

 

 

 

 

 

 

 

 

 

 

 
[crayon-676c358dedfe4067560219/]

System Encryption Password in InterBase Express

With InterBase Express (IBX), the SysEncryptPassword TIBDatabase parameter is set programmatically.
[crayon-676c358dedfe5270152100/]

Curious About InterBase?

Download The Free Developer Version

Download The Full Version Trial

Exit mobile version