Common security practices when an app reads/writes an encrypted database file

I'm writing an app that needs to read/write important data from/to an encrypted local database file.

What are the best practices to ensure a great level of security while performing the following tasks?

1) Read the database while asking for the password only once: right now, when started, the program asks the user for the password needed to decrypt the database, then it decrypts and reads the database and assigns a clear version of it to a variable for future readings and manipulations. I know that while a program doesn't use swap memory its variables should not be accessible by other processes, but is there a way to make it more secure?

2) Write a modified version of the encrypted database without asking for the password again: right now, once the user provides the password to decrypt the database, the app saves the password to a local variable so that it can write a modified, encrypted version of the database to a file. Is there a way to do the same without saving the password in clear form? I thought that I could simply use a hash of the password as the key for encryption/decryption, but I would still need to assign the hashed version of the password to a variable, and I would like to do it better.

Thank you all.
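
An added example, not part of the original post: one way to handle point 2 is to run the password through a salted key-derivation function once, zero the password buffer, and keep only the derived keys for later writes. Python is used because the post names no language; `DbSession`, `ITERATIONS`, the `salt | nonce | ciphertext | tag` layout and the HMAC-based stand-in cipher are assumptions made for this sketch.

```python
import hashlib, hmac, os

ITERATIONS = 600_000  # assumed PBKDF2 work factor; tune for your hardware

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 keystream in counter mode.
    # Replace with a vetted AEAD such as AES-GCM from a maintained library.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def _wipe(buf: bytearray):
    # Best effort only: the interpreter may still hold other copies.
    for i in range(len(buf)):
        buf[i] = 0

class DbSession:
    """Keeps derived keys, never the password, for the life of the session."""

    def __init__(self, password: bytearray, salt: bytes):
        self.salt = salt  # new file: os.urandom(16); existing file: blob[:16]
        raw = bytearray(hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=64))
        _wipe(password)  # the caller's password buffer is zeroed here
        self._enc, self._mac = raw[:32], raw[32:]  # separate encryption and MAC keys
        _wipe(raw)

    def save(self, plaintext: bytes) -> bytes:
        nonce = os.urandom(16)  # fresh nonce for every write
        body = self.salt + nonce + _xor_stream(self._enc, nonce, plaintext)
        return body + hmac.new(self._mac, body, hashlib.sha256).digest()

    def load(self, blob: bytes) -> bytes:
        body, tag = blob[:-32], blob[-32:]
        expected = hmac.new(self._mac, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("wrong password or modified file")
        return _xor_stream(self._enc, body[16:32], body[32:])

    def close(self):
        _wipe(self._enc)
        _wipe(self._mac)
```

The derived key still sits in process memory while the session is open, but unlike the password it is useless outside this one file and salt.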
