Common security practices when an app reads/writes an encrypted database file
I'm writing an app that needs to read/write important data from/to an encrypted local database file.
What are the best practices to ensure a great level of security while performing the following tasks?
1) Read the database while asking for the password only once: right now, when started, the program asks the user for the password needed to decrypt the database, then it decrypts and reads the database and assigns a clear version of it to a variable for future readings and manipulations. I know that while a program doesn't use swap memory its variables should not be accessible by other processes, but is there a way to make it more secure?
2) Write a modified version of the encrypted database without asking for the password again: right now, once the user provides the password to decrypt the database, the app saves the password to a local variable so that it can write a modified, encrypted version of the database to a file. Is there a way to do the same without saving the password in a clear form? I thought that I could simply use a hash of the password as the key for encryption/decryption, but I would still need to assign the hashed version of the password to a variable, and I would like to do it better.
Thank you all.
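As an added example (not part of the original post), here is one way to keep a derived key for the session instead of the password. It swaps the plain hash from point 2 for a salted PBKDF2-HMAC-SHA256 derivation. The names `DbSession` and `wipe`, the header layout and the iteration count are assumptions; the encryption itself is left to an authenticated cipher from a crypto library, keyed with `enc_key`.

```python
import hashlib, hmac, os
from typing import Optional

SALT_LEN, TAG_LEN = 16, 32
ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor; tune per device


def wipe(buf: bytearray) -> None:
    """Zero a mutable buffer in place. Best effort: CPython may still hold
    immutable temporaries (e.g. the bytes returned by pbkdf2_hmac) until freed."""
    buf[:] = bytes(len(buf))


class DbSession:
    """Keeps only derived keys for the session; the password is wiped at once."""

    def __init__(self, password: bytearray, salt: Optional[bytes] = None):
        self.salt = salt if salt is not None else os.urandom(SALT_LEN)
        master = hashlib.pbkdf2_hmac("sha256", password, self.salt, ITERATIONS)
        wipe(password)  # caller's buffer is cleared; only keys remain
        # Separate subkeys: one for the cipher, one only to verify the password.
        self.enc_key = bytearray(hmac.new(master, b"enc", "sha256").digest())
        self._chk_key = bytearray(hmac.new(master, b"check", "sha256").digest())

    def header(self) -> bytes:
        """Salt plus key-check tag, stored in clear at the start of the file."""
        tag = hmac.new(self._chk_key, b"db-key-check", "sha256").digest()
        return self.salt + tag

    @classmethod
    def open(cls, password: bytearray, header: bytes) -> "DbSession":
        """Re-derive keys from a stored header; reject a wrong password."""
        if len(header) != SALT_LEN + TAG_LEN:
            raise ValueError("malformed header")
        session = cls(password, header[:SALT_LEN])
        if not hmac.compare_digest(session.header()[SALT_LEN:], header[SALT_LEN:]):
            session.close()
            raise PermissionError("wrong password")
        return session

    def close(self) -> None:
        """Wipe key material when the database is closed."""
        wipe(self.enc_key)
        wipe(self._chk_key)
```

Rewriting the file later reuses `enc_key` and the same header, so the password is needed only once per session. The key in memory is still as sensitive as the password for this one file, which is why `close()` wipes it.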