Salutations
Derek Atkins
warlord@MIT.EDU
10 Dec 2000 13:50:02 -0500
One of my personal requirements is strong security. This implies data
encryption, data integrity, and cryptographic user authentication
between the GnuCash engine and the Database datastore (especially if
they are on different machines). How does an application communicate
to the database? I want to make sure that GnuCash doesn't depend upon
e.g. PostgreSQL's network security model.
The architecture that I envision basically has three parts, the
Database filestore, the GnuCash Engine, and the GnuCash UI. The
network connection can be either between the UI and the Engine, or
between the Engine and the Filestore. (I suppose that there could be
a network connection between all three pieces, but I'm not sure why
one would do that).
I would like to have an architecture where "standard" access to the
data (i.e. not using the DB Admin interfaces) would require strong
cryptographic security. This implies that data stored in the database
would require ACL information tied to each object in order to
authorize access.
David, as your move forward with DB schema, I'd like to work with you
on a viable security model. Unfortunately I don't understand enough
about SQL or databases to really understand how we might interpose
ourselves across the network.
Thanks,
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord@MIT.EDU PGP key available