Hans,

        While I've seen other responses here, you haven't indicated exactly
^what^ constitutes "unauthorized access".  Does that mean someone who can
authenticate against the domain to be a certain user, or some other
criteria?

        You need to define the threats, the surface area for attacks, etc,
etc.

        It would seem like you want to use an additional shared-secret in
order to access the data, which would mean that you have to query for this
shared secret in your application, no matter what encryption technology is
used.  If you are using passwords, then you need to enforce password
strength; things such as minimum lengths, use of non-alpha-numeric
characters, checks against frequency of characters in the password and
dictionary checks should be standard.

        Or, you could use a smart card with a client certificate as the
shared secret, or any combination of things (biometrics, etc, etc).

        The point is, until you define what you have, and what the
requirements are ("protect the index from unauthorized index" is just way too
vague), you're just stabbing in the dark.

                - Nick

-----Original Message-----
From: Hans Merkl [mailto:[email protected]] 
Sent: Thursday, February 25, 2010 4:17 PM
To: [email protected]
Subject: How to secure/encrypt a Lucene index?


Hi, I am working on a desktop app that will use Lucene as search engine.
The app will be installed on the user's machine and the index will be stored
on the local hard disk.

The data is potentially confidential so I would like to protect the index
from unauthorized access. The data needs to be secure even when the user's
machine gets stolen.

2 approaches I have come up with so far:

- Use Windows NTFS encryption. Should be secure unless the unauthorized
person knows how to log in as the user that created the index.
- Use TrueCrypt. This should be very safe but it requires the installation
of TrueCrypt and administrative rights to install the encrypted drive.

The application will be distributed to many users so I would like to keep
the installation as simple as possible.

Does anybody have experience with this scenario? Right now I think the
easiest approach would be NTFS encryption. What do you think?

Thanks!
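
The four password checks named in the reply above (minimum length, non-alphanumeric characters, character frequency, dictionary check), written out as an added example that is not code from either poster. The function name, the thresholds, the substitution table and the word list are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample word list (assumption); a real deployment would load
# a large dictionary or breached-password list from disk.
SAMPLE_DICTIONARY = {"password", "lucene", "welcome", "dragon", "letmein"}

# Common character substitutions undone before the dictionary check.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def check_password(password, dictionary=SAMPLE_DICTIONARY,
                   min_length=12, max_char_share=0.34):
    """Return a list of policy failures; an empty list means accepted.

    min_length and max_char_share are assumed thresholds, not values
    taken from the thread.
    """
    failures = []

    # 1. Minimum length.
    if len(password) < min_length:
        failures.append("too_short")

    # 2. At least one non-alphanumeric character.
    if not any(not c.isalnum() for c in password):
        failures.append("no_symbol")

    # 3. Character frequency: no single character may dominate.
    if password:
        _, top_count = Counter(password.lower()).most_common(1)[0]
        if top_count / len(password) > max_char_share:
            failures.append("repeated_chars")

    # 4. Dictionary check on the letters left after undoing substitutions,
    #    so "P@ssw0rd" is still recognised as "password".
    core = "".join(c for c in password.lower().translate(LEET) if c.isalpha())
    if any(word in core for word in dictionary):
        failures.append("dictionary_word")

    return failures
```
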

