This is not a web2py issue. This is a general design issue.

Unless you encrypt each record with a different key that is only known to 
the owner of each individual record (his password for example), then the 
web app has access to all records because it has the ability to decrypt them all. 
In this case I do not see why encrypting each record with the same key or 
encrypting the file system is any different.

As far as the database is concerned, if you encrypt individual records you 
lose the ability to search inside them. This is a feature of all decent 
encryption algorithms, Cipher-block chaining (CBC).

Massimo

On Wednesday, 31 July 2013 04:00:13 UTC-5, Ivan Gazzola wrote:
>
> I need to encrypt data (medical data!) in db because if I encode the fs 
> when mounted this remains visible and for a web app the fs is always 
> mounted.
> I would like to protect the data in case of access to the fs.
> Any tips?
>
> thx
>
> Ivan 
>
> On Wednesday, 31 July 2013 10:33:00 UTC+2, Massimo Di Pierro wrote:
>>
>> You cannot search inside an encrypted field. If you could it would not be 
>> encrypted. The best you can do is encrypt your search string too and check 
>> that the encrypted value is equal to the encrypted search string. Anyway, 
>> even if you succeed in doing this it means that all records are encrypted 
>> with the same key (and I think that is the case for you). In this case, why 
>> not simply encrypt the filesystem which contains the data instead of 
>> encrypting the individual records? This would allow you to perform search 
>> and would not require that the application has knowledge of the 
>> encryption/decryption key.
>>
>>
>>
>> On Wednesday, 31 July 2013 03:27:59 UTC-5, Ivan Gazzola wrote:
>>>
>>> I'm trying to use this 
>>> https://groups.google.com/d/msg/web2py/uGFQD0PBefQ/Zi-SPOLVSXIJ for 
>>> encrypting data in a sqlite table.
>>> I need to search in one field with the 'like' operator to build an ajax list; 
>>> I use this function:
>>>
>>> def ajaxlivesearch():
>>>     partialstr = request.vars.values()[0]
>>>     query = db.Nominativi.nome.like('%'+partialstr+'%')
>>>     person = db(query).select(db.Nominativi.nome, db.Nominativi.id,
>>>                               db.Nominativi.categoria)
>>>     items = []
>>>     for (i,person) in enumerate(person):
>>>         try:
>>>             items.append(LI(A(person.nome, '  -->  ',
>>>                               person.categoria.categoria,
>>>                               _href=URL('default','nominativo',args=person.id))))
>>>         except:
>>>             print "errore nel generare l'elemento"
>>>     return TAG[''](*items)
>>>
>>> When I try to search in the encrypted field with a web2py query I don't get any 
>>> result :( also in the admin interface.
>>> Filter_out does not work in searches?
>>> Might be useful to create a temporary virtual table with the decrypted 
>>> data for the search and keep it active only for the session? How can I do 
>>> that? 
>>> .
>>>
>>>
>>>
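
The equality check described in the reply above ("encrypt your search string too"), as an added example that is not part of the original thread: it swaps deterministic encryption for a keyed HMAC token (a blind index) stored beside the ciphertext, and shows why a partial `LIKE` match finds nothing. The table layout, the column names `nome_enc` and `nome_idx`, the separate index key and the sample names are assumptions; equal names produce equal tokens, so the index reveals which rows share a value.

```python
import hashlib
import hmac
import os
import sqlite3
import unicodedata

# Assumption: a dedicated index key, kept apart from the field-encryption key.
INDEX_KEY = os.urandom(32)


def blind_index(value, key=INDEX_KEY):
    """Keyed, deterministic token for equality search on an encrypted column."""
    normalized = unicodedata.normalize("NFKC", value).strip().casefold()
    return hmac.new(key, normalized.encode("utf-8"), hashlib.sha256).hexdigest()


def make_db(names):
    """Build an in-memory table holding only ciphertext and the token."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE nominativi "
               "(id INTEGER PRIMARY KEY, nome_enc BLOB, nome_idx TEXT)")
    db.execute("CREATE INDEX nominativi_idx ON nominativi (nome_idx)")
    for name in names:
        # Stand-in ciphertext: random bytes in place of the real encrypted field.
        db.execute("INSERT INTO nominativi (nome_enc, nome_idx) VALUES (?, ?)",
                   (os.urandom(32), blind_index(name)))
    return db


def find_exact(db, search):
    """Equality match: token of the search string against the stored tokens."""
    rows = db.execute("SELECT id FROM nominativi WHERE nome_idx = ? ORDER BY id",
                      (blind_index(search),))
    return [r[0] for r in rows]


def find_like(db, partial):
    """What a '%partial%' LIKE query amounts to against the stored token."""
    rows = db.execute("SELECT id FROM nominativi WHERE nome_idx LIKE ?",
                      ("%" + blind_index(partial) + "%",))
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = make_db(["Mario Rossi", "Maria Bianchi"])  # constructed sample names
    print(find_exact(db, "  mario rossi "))  # whole value, any case: matches
    print(find_like(db, "Mar"))              # partial value: no match
```
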
