Use file data without giving anyone else permission

Question

I have an application that use a .properties data containing password from DB, this application will be used by my client but I don't want to give him any kind of access to this properties data, not even if we look in the .jar. I thought to use zip4j but is there any another best solution for this because when I unzip it the .properties will be decompressed somewhere giving the client access to it doesn't it??

Answer 1

This cannot be done. Just forget about this idea and re-think your system. You can't provide read access not providing read access at the same time.

This is a wet dream of legal depts in the media industry. They invest piles of money in solving this insolvable problem with DRM that never works, but annoys everybody.

You can make it more annoying to extract the data - using various obfuscation techniques - but that's all.

One of those ideas is to encode the passoword in C++ library and link it via JNI. Then the user cannot extract it without disassembling the binary file, but will be able to make memory dump at runtime anyway.

You can read the password from central server at runtime. You can use one-time passwords for that. Again, this is futile if the user has modest technical skills, as you can still request the server for the password using curl or some simple script.

You can use hardware access-token that will allow connection to the database (smart-card or something). This was quite popular technique in '90.

All you can do is to add some level of annoyance which will stop non-technical person. With enough money you can build some decent DRM that will stop technical-savvy people for a while, but I seriously doubt it's worth the money.

If the database access is so precious that you can't give the user access to it, yet he needs it, your design is broken.