I have the following criteria Database should be protected with a username and password. It should not be possible to copy the database file and use it else were like MS Access. There will be no central database server. Each machine will run their own database server locally and user will initiate synchronization. Concept is inspired from distributed version control system like Git. So it should have good replication support. Strong consistency is not needed. Users will synchronize each other database when they need. In case of conflicts it should be possible to find the conflict and present it (from application) to the user for fixing it. Revisions of data if available it will be good. e.g. Entire history of change to a invoice. I explored document oriented database and inclined towards the same. But I dont know what to choose. Database is small it will not reach even 1GB in the next few years (say 3 years). Please feel free to suggest any database which you think might be suitable. Any pointers is highly appreciated. Thanks in advance.

sqldatabaseselectionnosql

Sundar

Reputation: 1204

Which Database to choose?

I have the following criteria

Database should be protected with a username and password. It should not be possible to copy the database file and use it else were like MS Access.
There will be no central database server. Each machine will run their own database server locally and user will initiate synchronization. Concept is inspired from distributed version control system like Git. So it should have good replication support.
Strong consistency is not needed. Users will synchronize each other database when they need. In case of conflicts it should be possible to find the conflict and present it (from application) to the user for fixing it.
Revisions of data if available it will be good. e.g. Entire history of change to a invoice.
I explored document oriented database and inclined towards the same. But I dont know what to choose.
Database is small it will not reach even 1GB in the next few years (say 3 years).

Please feel free to suggest any database which you think might be suitable. Any pointers is highly appreciated.

Thanks in advance.

Upvotes: 3

Answers (3)

Sundar

Reputation: 1204

Following is the one which I am looking for:

From official site: CouchDB is a peer-based distributed database system, it allows for users and servers to access and update the same shared data while disconnected and then bi-directionally replicate those changes later.

The CouchDB document storage, view and security models are designed to work together to make true bi-directional replication efficient and reliable. Both documents and designs can replicate, allowing full database applications (including application design, logic and data) to be replicated to laptops for offline use, or replicated to servers in remote offices where slow or unreliable connections make sharing data difficult.

Any idea how the couchDB data can be protected using user accounts? e.g. Mysql needs user to login to use the data. I am looking only for a simple authentication, not for something fool proof. I just do not want the data to be open for editing. Encrypting the file system seems to be an overkill.

Upvotes: 0

Chris Thornton

Reputation: 15817

I have done this where a vertical-market customer wanted to use my ClipMate program to store and distribute medical-related data, and didn't want the data to escape "into the wild".
I leveraged the encryption capability of the database (DBISAM by Elevatesoft, which has an engine that compiles directly into Delphi programs) and the "hardware locking" capability of my protection wrapper, Armadillo.
So when someone purchases the program from the vertical market customer, they get the app (download or CD) and install it. Upon installation, they are presented with a registration dialog that shows their "hardware fingerprint" (as reported by Armadillo). This is derived from their ethernet address, CPU serial, hard drive serial, etc., and I could be wrong on any of those, but that's the general idea. They call it in, and a key is generated that's unique to that end-user/machine combo. The registration key "unlocks" the database, which is encrypted, and the encryption key is part of the registration code. The end-user cannot make any use of the data without the key, and they cannot give away or transfer the data without receiving another unlock code. It's pretty tight. Would be too annoying for a low-priced app, but they're charging a lot for it, so it's worth it.

Anyway, to recap: The database is encrypted, and the encryption code is only accessible (to the program that reads the database) when the program is properly registered to a specific user/computer.

You COULD do this with Access, MySQL, etc.. Just encrypt the data, either at the database level (I suppose they support this, no?) or at the field level, if you want ultimate control and are ok with using a custom front-end app to read the thing.

Upvotes: 0

Thilo

Reputation: 262814

I am looking for the exact same thing. Have not found it yet. An interesting project in this space is Bestpractical's Prophet (and the bug tracker SD that is built on this). I have no idea how active it is, though, and I do not think it uses an encrypted file format (but in your scenario, whole-disk encryption would be a feasible solution).

Prophet's buzzword-laden pitch reads something like this:

A grounded, semirelational, peer to peer replicated, disconnected, versioned, property database with self-healing conflict resolution.

Upvotes: 2

Which Database to choose?

Answers (3)

Related Questions