Posted to derby-user@db.apache.org by "Hohl, Gerrit" <g....@aurenz.de> on 2016/08/24 07:15:59 UTC

Use Apache Derby Network Server with encrypted database

Hello everyone,

I've used Apache Derby for years now as an embedded RDBMS.

BTW: Thanks to all developers doing a great job developing this database system. :-D

But now I want to use it as a separate service running on Ubuntu Linux.

This is no problem.

But I haven't found any explanation or example of how to create and use an encrypted database if I'm running Derby as a service.

I found only this page:

https://db.apache.org/derby/docs/10.0/manuals/develop/develop115.html

But it seems it only deals with an embedded Derby version.

Regards,

Gerrit


Re: AW: AW: Use Apache Derby Network Server with encrypted database

Posted by Michael Amanti <ma...@sbcglobal.net>.
On 8/25/2016 7:58 AM, Hohl, Gerrit wrote:
> Yes, but an attacker can't access the database if that person is not on the machine itself.
Is SELinux enabled ?
> And in this case I also don't have to encrypt it, right? ;-)
>
> Regards,
> Gerrit
> -----Original Message-----
> From: John English [mailto:john.foreign@gmail.com]
> Sent: Thursday, 25 August 2016 10:14
> To: Derby Discussion
> Subject: Re: AW: Use Apache Derby Network Server with encrypted database
>
> On 25/08/2016 10:58, Hohl, Gerrit wrote:
>> But if that person sniffs the IP traffic on 127.0.0.1, he/she may be
>> able to read the boot password as well as user and password.
> And of course IP traffic to 127.0.0.1 should *never* go outside the local machine, according to the spec. So any sniffer would have to be logged in on the local machine itself, in which case you're probably in trouble anyway.
> --
> John English


Re: AW: AW: Use Apache Derby Network Server with encrypted database

Posted by John English <jo...@gmail.com>.
On 25/08/2016 15:58, Hohl, Gerrit wrote:
> Yes, but an attacker can't access the database if that person is not
> on the machine itself.

Exactly.

> And in this case I also don't have to encrypt it, right? ;-)

As long as you don't allow remote shells or anything stupid like that. 
And if an attacker does manage to get a shell running on your machine, 
encrypting your DB connection is probably the least of your worries.

-- 
John English

AW: AW: Use Apache Derby Network Server with encrypted database

Posted by "Hohl, Gerrit" <g....@aurenz.de>.
Yes, but an attacker can't access the database if that person is not on the machine itself.
And in this case I also don't have to encrypt it, right? ;-)

Regards,
Gerrit
-----Original Message-----
From: John English [mailto:john.foreign@gmail.com]
Sent: Thursday, 25 August 2016 10:14
To: Derby Discussion
Subject: Re: AW: Use Apache Derby Network Server with encrypted database

On 25/08/2016 10:58, Hohl, Gerrit wrote:
> But if that person sniffs the IP traffic on 127.0.0.1, he/she may be 
> able to read the boot password as well as user and password.

And of course IP traffic to 127.0.0.1 should *never* go outside the local machine, according to the spec. So any sniffer would have to be logged in on the local machine itself, in which case you're probably in trouble anyway.
--
John English

Re: AW: Use Apache Derby Network Server with encrypted database

Posted by John English <jo...@gmail.com>.
On 25/08/2016 10:58, Hohl, Gerrit wrote:
> But if that person sniffs the IP traffic on 127.0.0.1, he/she may be
> able to read the boot password as well as user and password.

And of course IP traffic to 127.0.0.1 should *never* go outside the 
local machine, according to the spec. So any sniffer would have to be 
logged in on the local machine itself, in which case you're probably in 
trouble anyway.
-- 
John English

AW: Use Apache Derby Network Server with encrypted database

Posted by "Hohl, Gerrit" <g....@aurenz.de>.
Hello Peter,

my point is that I don't need SSL if I only use local connections (accept connections only on 127.0.0.1) as it may not add any extra security.

If I want to use SSL, I have to put the keys into a keystore in the filesystem.

And the password will also have to be stored somewhere in plaintext so I can pass it to the Derby process when it is started.

And the attacker may read that.

The data of the database would be encrypted. So the attacker can't read it.

But if that person sniffs the IP traffic on 127.0.0.1, he/she may be able to read the boot password as well as user and password.

And if the attacker has that, that person can encrypt the database.

So it's not 100% secure.

I hope I didn't misunderstand your mail.

Regards,

Gerrit



Re: Use Apache Derby Network Server with encrypted database

Posted by Peter Ondruška <pe...@kaibo.eu>.
Just a note on "If a person is already on the machine and would be able to
sniff the local IP traffic, that person may also have access on the files
of Derby.". To prevent this you encrypt the database and carefully manage
the encryption key. But if somebody intercepts unencrypted network traffic (be
it local or remote) he can also intercept the encryption key used to boot the
database and all encryption is useless; besides, the attacker will have username
and password to log in to the started database and can export data over the network.

-- 
Peter Ondruška

-- 
kaibo, s.r.o., ID 28435036, registered with the commercial register 
administered by the Municipal Court in Prague, section C, insert 141269.
Registered office and postal address: kaibo, s.r.o., Kališnická 379/10, 
Prague 3, 130 00, Czech Republic.
https://www.kaibo.eu

AW: Use Apache Derby Network Server with encrypted database

Posted by "Hohl, Gerrit" <g....@aurenz.de>.
Hello Peter,

hello George,

thank you for your 2 mails. And sorry I didn't reply earlier.

Yes, I also realized that there is no difference between the embedded and the standalone version.

The only exception is that you have to put the encryption library in the CLASSPATH of the network server if you want to use one.

Everything else can be passed to the database via the connection.

About SSL: As I use it as a local database, but in a different process than the application (this way I can do some maintenance even independent from the application) I guess I don't need it.

Or let's put it this way: If a person is already on the machine and would be able to sniff the local IP traffic, that person may also have access to the files of Derby.

And somewhere there is also the password for the keystore as well as the path to the keystore which contains the certificate(s). I guess from there to the boot password it is only a short way.

Or am I wrong?

For a database installed on a different machine I definitely would recommend using SSL, of course.

Thanks for your mails again. :-)

Regards

Gerrit



Re: Use Apache Derby Network Server with encrypted database

Posted by to...@yahoo.com.
Hi Gerrit,

Based on the Apache Derby page, between the embedded mode and network mode there is no difference: https://db.apache.org/derby/docs/10.0/manuals/admin/hubprnt19.html#Differences+between+running+Derby+in+embedded+mode+and+using+the+Network+Server

Have you tried to create an encrypted database via the network mode using the steps mentioned in your link? It should work; otherwise can you please post your errors/stacktrace/exceptions.

What I did on my side to try your scenario:

1. Start Apache Derby in network mode
2. Create a dummy encrypted database and connect to it via ij:
   a. connect 'jdbc:derby://localhost:1527/MyDbTest;create=true;dataEncryption=true';
3. After that I've started to create tables and to execute SQL queries (select), just to play with the database.
4. It worked, no difference between embedded vs network mode.
   a. Remember to append to the URL the host and the port where the Apache Derby server is started (in my case it was localhost:1527).

What I've followed in order to achieve the above:

1. http://db.apache.org/derby/papers/DerbyTut/ns_intro.html#ij_ns_client
2. http://db.apache.org/derby/papers/DerbyTut/ij_intro.html#ij_connect
3. https://db.apache.org/derby/docs/10.0/manuals/develop/develop15.html
4. If you want a more custom example regarding the algorithm that can be used to encrypt the database, please have a look into this page:
   a. https://db.apache.org/derby/docs/10.2/ref/rrefattribencryptkey.html

If you need more information, please let me know.

Regards,

George

Sent from Windows Mail


Re: Use Apache Derby Network Server with encrypted database

Posted by Peter Ondruška <pe...@kaibo.eu>.
Dear Gerrit,

from my understanding the only difference between Derby network server and
embedded is the relevant part of the connection string. The rest, where you put
parameters after the semicolon and where you would specify encryption
properties, is the same. Just start the network server and then connect using the
network URL with decryption parameters; subsequent connections should also
use those parameters because you do not know if the database has already booted
or not. I strongly recommend using SSL to connect to an encrypted database ;)


-- 
Peter Ondruška

-- 
kaibo, s.r.o., ID 28435036, registered with the commercial register 
administered by the Municipal Court in Prague, section C, insert 141269.
Registered office and postal address: kaibo, s.r.o., Kališnická 379/10, 
Prague 3, 130 00, Czech Republic.
https://www.kaibo.eu
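As an added example (my own code, not George's, Peter's or the Derby project's), the ij steps from George's post and Peter's advice to pass the boot parameters on every connection, written as a small JDBC client that also carries the mitigation the thread settles on for the sniffed boot password: the ssl=basic client attribute against a server started with -ssl basic. It assumes derbyclient.jar on the classpath, a server started with "java -jar derbyrun.jar server start -h 127.0.0.1 -ssl basic" plus the standard javax.net.ssl keystore properties, a matching client truststore, and a constructed environment variable DERBY_BOOT_PASSWORD; the class and table names are mine.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

/**
 * Added example: create or boot an encrypted Derby database through the
 * Network Server over a TLS-protected client connection.
 *
 * Assumed environment (not from the thread):
 *   server:  java -Djavax.net.ssl.keyStore=/path/server.jks \
 *                 -Djavax.net.ssl.keyStorePassword=<keystore pw> \
 *                 -jar derbyrun.jar server start -h 127.0.0.1 -ssl basic
 *   client:  java -Djavax.net.ssl.trustStore=/path/client-trust.jks \
 *                 -cp derbyclient.jar:. EncryptedDerbyClient [--create]
 *   secret:  DERBY_BOOT_PASSWORD (constructed variable name) holds the boot password
 */
public class EncryptedDerbyClient {

    // Host, port and database name as in George's ij example
    private static final String BASE_URL = "jdbc:derby://localhost:1527/MyDbTest";

    /**
     * Builds the connection URL. create=true and dataEncryption=true are only
     * needed the first time; bootPassword is sent on every connection because
     * the client cannot know whether the server has already booted the database
     * (Peter's point). ssl=basic is the client half of the server's -ssl basic,
     * so the boot password no longer crosses the socket in the clear.
     */
    static String url(String bootPassword, boolean create) {
        StringBuilder sb = new StringBuilder(BASE_URL);
        if (create) {
            sb.append(";create=true;dataEncryption=true");
        }
        sb.append(";bootPassword=").append(bootPassword);
        sb.append(";ssl=basic");
        return sb.toString();
    }

    public static void main(String[] args) {
        // Read the secret from the environment instead of a literal in the source
        String bootPassword = System.getenv("DERBY_BOOT_PASSWORD");
        if (bootPassword == null || bootPassword.length() < 8) {
            System.err.println("DERBY_BOOT_PASSWORD must be set (Derby requires at least 8 characters)");
            System.exit(2);
        }
        boolean create = args.length > 0 && "--create".equals(args[0]);

        // The Derby client driver registers itself via JDBC 4 ServiceLoader;
        // no Class.forName is needed.
        try (Connection c = DriverManager.getConnection(url(bootPassword, create));
             Statement st = c.createStatement()) {
            if (create) {
                st.executeUpdate("CREATE TABLE notes (id INT PRIMARY KEY, body VARCHAR(200))");
                st.executeUpdate("INSERT INTO notes VALUES (1, 'stored encrypted on disk')");
            }
            try (ResultSet rs = st.executeQuery("SELECT id, body FROM notes ORDER BY id")) {
                while (rs.next()) {
                    System.out.println(rs.getInt(1) + " " + rs.getString(2));
                }
            }
        } catch (SQLException e) {
            // A wrong boot password or an ssl mismatch with the server lands here.
            // Log the SQLState and message, never the URL, which contains the secret.
            System.err.println("connection failed, SQLState " + e.getSQLState() + ": " + e.getMessage());
            System.exit(1);
        }
    }
}
```

Run once with --create to build the encrypted database, then without it for ordinary connections; either way the boot password and ssl=basic stay on the URL, as Peter recommends.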