Guys, I want to encourage you to stay on topic. The issue here is encryption for data store in App Engine. As several posters have pointed out, there are no easy solutions for this. A shift towards the cloud has all the implications of not being able to physically secure the data. Using a service such as App Engine, something we common describe as a platform-as-a-service, you have much less control over your data, though we will bear the responsibility of providing as much security as we can. There is probably a workable compromise somewhere involving where we store cryptographic keys and ACLs, but for the foreseeable future, you will have to accept that if you are running your software on Google's platform, then Google's platform will be able to access your data. If you build a rich client, you can encrypt the data on the client.
-- Ikai Lan Developer Relations, Google App Engine Twitter: http://twitter.com/ikai Delicious: http://delicious.com/ikailan ---------------- Google App Engine links: Blog: http://googleappengine.blogspot.com Twitter: http://twitter.com/app_engine Reddit: http://www.reddit.com/r/appengine -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
