I still don't really get it. Maybe it is just me, but I don't get the concept. ".NET Triple DES encryption" to me is just a standard encryption algorithm and does not describe any concept to me (I have no knowledge of .NET, but google didn't indicate otherwise).
It seems like you don't want your users to directly access your XML documents, at least that is the point of encryption in your case I guess. But why do you not simply not give them access to the data? The user can't do anything with encrypted data, so it should be sufficient if the user simply has no access to the data.
Encrypting them on the server seems not very beneficial to me. If you encrypt XML files, they will not be XML anymore, so you would have to store them as binary (hence, you couldn't use XQuery anymore to access the data directly, instead for each query you would have to decrypt the data, parse it and than you could query it).
So if just your application should be able to access the XML documents, simply just give your application user credentials to access the documents on the server. What would be the point of your users being able to access the server, when they are unable to do anything with the encrypted data?!
Cheers, Dirk
On 25/09/14 14:12, Nilanjan Dutta wrote:
Not exactly.. Idea is to generate those Db files in server by feeding the XML . And I'd zip the resulting database files and push it to the client through wcf service.
Here I want to encrypt these DB files in server and send and while reading those DB files in the client I want to decrypt it programmatically. For user, without running my application, it must remains encrypted. By doing this, I want to prevent my users playing with those DB files by any mean. Something similar to .NET Triple DES encryption.
Regards, N.D.
On Thu, Sep 25, 2014 at 5:33 PM, Dirk Kirsten dk@basex.org wrote:
Hi Nilanjan,
double praise for Marco is well-deserved - We always appreciate user feedback on the mailing list!
I don't really get what you want to achieve with this kind of encryption. Do you want your user to be unable to modify the XML documents at your server? Then you could simply give them an account with read permissions only.
Cheers, Dirk
On 25/09/14 13:55, Nilanjan Dutta wrote:
My bad. I meant Marco and Dirk. Thanks once again :)
Regards, N.D.
On Thu, Sep 25, 2014 at 5:24 PM, Nilanjan Dutta < nilanjan.dutta.india@gmail.com> wrote:
Thanks Marco and Marco for your prompt response. So that is OK now - I have to configure the client instance with a db
path
for those files and it should work. Now one more concern is, is there a way I can encrypt those files while pushing them to clients from the server? And decrypt in the client
code? Or
do I rely on some 3rd party tool to do that? I don't want my users to
play
around those files at all.
Regards, N.D.
On Thu, Sep 25, 2014 at 4:04 PM, Marco Lettere <
marco.lettere@dedalus.eu>
wrote:
Hi Nilanjan, I've done something similar and it works. I even use rsync for synchronizing database directories calling it from the xquery proc module. Just it has to be done when no access to the data is occurring because there could be consistency issues arising. Regards, M.
On 25/09/2014 12:16, Nilanjan Dutta wrote:
Hello Team,
In our project we are planning to use BaseX as XML DB.
My main concern is, we don't want to create DB again and again to different machines with same XML file as input and would like to reuse
the
DB that we'd generate in a server.
I see in the "data" directory of my BaseX installation these files are generated when I create a DB by importing an XML:
[image: Inline image 1] Would like to know if these can be zipped and ported into different machines and can be used to recreate the DB. Please do let me know how
this
can be done .
Regards, N ilanjan Dutta
-- Dirk Kirsten, BaseX GmbH, http://basex.org |-- Firmensitz: Blarerstrasse 56, 78462 Konstanz |-- Registergericht Freiburg, HRB: 708285, Geschäftsführer: | Dr. Christian Grün, Dr. Alexander Holupirek, Michael Seiferle `-- Phone: 0049 7531 28 28 676, Fax: 0049 7531 20 05 22