Hi Patrick, OK, thanks for the clarification regarding the potential role for gSSO.
What you say about sqlite databases raises a broader question for me. In general, should Tizen's approach to data-at-rest security be fine-grained and use-case specific ( i.e. different techniques according to circumstance ), or would it be preferable ( if performance requirements are not compromised ) to take a cruder but simpler approach e.g. store any data that should be secured on a loop-AES device ? Perhaps the needs of the underlying system/middleware and the needs of Application level entities are sufficiently different that different approaches are justified. So for example, rather than use sqlcipher for individual databases maintained by the system/middleware, just store any system databases that must be protected on a loop-AES device. The argument being that these databases are all owned by the system, and keying them differently would serve no useful purpose. Using loop-AES would also be ( to a large degree ) transparent to most data sources/sinks. On the other hand, the system cannot really discern the purpose/needs of an Application, and so secure storage of Application specific data ( whatever form that data may take ) should be more flexible ( i.e. use gSSO/eCryptfs ). Mark. MARK DE ROUSSIER Team Lead Symphony Teleca Sunley House, 46 Jewry Street, Winchester, Hampshire, SO23 8RY Phone: +441962891219, Fax: +441962868867 mailto:[email protected] http://www.symphonyteleca.com Teleca Limited, a company registered in England & Wales, registration number 2773878, registered office at Sunley House, 46 Jewry Street, Winchester, Hampshire SO23 8RY. VAT registration number GB 674 6583 90 Follow what's going on at Symphony Teleca's blog on http://www.symphonyteleca.com/blog. Please consider the environment before you print. Notice to recipient: This e-mail (including any attachments) is meant for the intended recipient only, may contain confidential and proprietary information, and is protected by law. If you received this e-mail in error, please immediately notify the sender of the error by return e-mail, delete this communication and any attachments, and shred any printouts. Unauthorized review, use, dissemination, distribution, copying or taking of any action based on this communication is strictly prohibited. _______________________________________________ IVI mailing list [email protected] https://lists.tizen.org/listinfo/ivi
