Encryption provides secure representation of the data whereas obfuscation provides a simplistic level of security that is intended to prevent casual observation of the database contents. Data stored in UltraLite Java edition databases is not encrypted by default.
You must supply your own encryption control to encrypt data in an UltraLite Java edition database. The encryption control is set using the ConfigPersistent.setEncryption method, which accepts an EncryptionControl object to encrypt and decrypt pages.
Encryption is not available for non-persistent database stores.
Create and customize UltraLite Java edition database encryption or obfuscation API techniques in a BlackBerry application with the EncryptionControl interface.
Prerequisites
An existing Java application for a BlackBerry smartphone that implements the UltraLiteJ API.
Context and remarks
Many.
Create a class that implements the EncryptionControl interface.
The following example creates a new class named Encryptor that implements the encryption interface:
static class Encryptor implements EncryptionControl { |
Implement the initialize, encrypt, and decrypt methods in the new class.
Your class should now look similar to the following:
static class Encryptor implements EncryptionControl { /** Decrypt a page stored in the database. * @param page_no the number of the page being decrypted * @param src the encrypted source page which was read from the database * @param tgt the decrypted page (filled in by method) */ public void decrypt( int page_no, byte[] src, byte[] tgt ) throws ULjException { // Your decryption method goes here. } /** Encrypt a page stored in the database. * @param page_no the number of the page being encrypted * @param src the unencrypted source * @param tgt the encrypted target page which will be written to the database (filled in by method) */ public void encrypt( int page_no, byte[] src, byte[] tgt ) throws ULjException { // Your encryption method goes here. } /** Initialize the encryption control with a password. * @param password the password */ public void initialize(String password) throws ULjException { // Your initialization method goes here. } } |
Update your API code so that the new encryption control class is specified prior to connecting to the database.
You specify the encryption control with the Configuration.setEncryption method. The following example illustrates how to set the encryption control, assuming that you have a Configuration object named config that references your database:
config.setEncryption(new Encryptor()); |
The UltraLiteJ Security on BlackBerry Devices white paper contains information about the security options and concerns for UltraLiteJ applications on BlackBerry devices, including how the built-in security of the device can work for and against applications. For more information, see UltraLiteJ Security on BlackBerry Devices.
Discuss this page in DocCommentXchange.
|
Copyright © 2012, iAnywhere Solutions, Inc. - SQL Anywhere 12.0.1 |