backend encryption / security

[Herbert Thoma]

We have a FAQ on this issue:

http://wiki.gnucash.org/wiki/FAQ#Security:_Encryption.2C_Password_Feature.2C_...

Am 07.05.2014 00:40, schrieb Michalis Kamprianis:
> Hi,
> I can see in uservoice, and I think frequently asked in lists, the request for encryption or password protection of the datafile.
>
> Regarding database backends, I believe that database encryption should be used if required, (although I understand that dbi may not be up to the task).
>
> Nevertheless, for xml backend, I think that I could try to implement an AES based encryption (on saving) and decryption (on opening), based on code from aescrypt.
> Aescrypt is available for unix, windows, mac, so the implementation should probably be portable across platforms. The code is some gpl and some freeware.
> Of course such a solution only protects data at rest (i.e. when data is read in memory it is not protected. Log files are not protected. User configuration files are not protected - at least initially, and so on) so it's not transforming gnucash to the most secure accounting software out there, but solves the problem with datafile misplacement or unwanted access.
>
> The thing is, (a) I don't know if you're interested and / or agree in implementing something like that, and (b) although I will probably manage to code the open and save routines, I'm not sure I will not get stuck somewhere, in which case it will either remain as an unfinished project, or I will need some help from somebody more experienced.
>
> Your thoughts?
>
> Regards
> Michalis
> _______________________________________________
> gnucash-devel mailing list
> gnucash-devel at gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-devel
>

-- 
Herbert Thoma
Dipl.-Ing., MBA
Head of Video Group
Multimedia Applications Department
Fraunhofer IIS
Am Wolfsmantel 33, 91058 Erlangen, Germany
Phone: +49-9131-776-6130
Fax:   +49-9131-776-6099
email: herbert.thoma at iis.fraunhofer.de
www: http://www.iis.fraunhofer.de/