      Empress Technical News -  April 2013

    Empress SDK for Android - Now with Encryption
    Data Security for Android Application Developers

    Google’s Android is a Linux platform for developing mobile embedded devices. Android, which is based on a Linux kernel, is an operating system and software stack for mobile devices that includes middleware and key applications. It enables developers to write Java code that controls the embedded device via Google-developed Java libraries running on a Dalvik virtual machine.

    Empress SDK with Encryption for Android allows Android application developers to create embedded database-driven applications that require security, high performance and reliability.

    Empress supports the JDBC open database access API. Empress with encryption includes the use of AES encryption calls, callable admin functions and setting of Empress System variables in the Android environment.

    A typical Empress Android application is shown in Figure 1. The figure shows a running application containing the Empress JDBC Local Access Driver, which uses the Empress database engine to execute database tasks against Empress databases.
    Figure 1: Typical Empress Android application

    Using Encrypted Database

    Newer versions of Android come with AES encryption API support for data stored on Android devices. Empress has extended data security for its embedded database so that application developers have more selective control over which data to secure.

    Figure 2 shows an Empress application using encryption. It illustrates the concept of adding a Security Library, which contains a cipher, to the Empress database engine. The Empress database engine is integrated with the OpenSSL libcrypto library, which performs data encryption and decryption. A cipher key may be held in a protected place in the file system, in an application or process environment, or with a user.
    Figure 2: Android Empress Application Using Encryption

    How It Works

    The encryption is done on a column level. Users have the capability to define which columns are to be encrypted.

    Let’s assume a scenario where the database table customer has four columns, cust_no, name, ssn and address, and where the customer number cust_no and the social security number ssn need to be encrypted. Use the following SQL CREATE TABLE command to create such a table in an Empress database:

                      CREATE TABLE customer (
                                    cust_no INTEGER NOT NULL ENCRYPTED,
                                    name CHAR(20),
                                    ssn CHAR(9) ENCRYPTED,
                                    address VARCHAR(64)
                      )

    Since the column cust_no is used for searching, an index is created as follows:

                      CREATE UNIQUE INDEX customer_index ON customer(cust_no)

    Empress RDBMS will encrypt data for the columns cust_no and ssn, which need encryption, and decrypt data from those columns when the application needs it.

    User applications that access the table need NO changing. The same scenario works for all the interfaces that Empress offers including C, C++, ODBC, JDBC, SQL and also for Empress utilities.

    Furthermore, users can switch a column between encrypted and unencrypted form by altering the database schema, thus changing the column or columns that need to be encrypted. For example:

                      ALTER TABLE customer CHANGE ssn NOT ENCRYPTED

    Or to define the encryption on the column again:

                      ALTER TABLE customer CHANGE ssn ENCRYPTED

    One ALTER command can be issued in order to define encryption on multiple columns at once.

    Users do NOT have to change the data type or the size of the encrypted column.

    Main Benefits for Using Empress Encryption

    The following are the main benefits of using encryption with Empress on Android:

    • Selectively secures database data. This protects selected user data in a database including logs and backup files.
    • An efficient security solution. Low performance overhead on encryption & decryption with minimal database size increases.
    • No need for application code changes. No change is needed to existing Android applications that use data in an unencrypted Empress database.
    • No need for adding external provisions in the database. Empress accommodates encryption with stored procedures, triggers, views, etc.

    The Empress solution is painless for users who choose to convert their non-secure Empress database solution to a secure one.

    Instead of a Summary
    Empress SDK with Encryption for Android addresses the growing need for more secure, complex, reliable and efficient database-driven Android applications. In addition to the standard JDBC API, Empress on Android supports many extended functionalities.

    To mention a few: a selective encryption feature across all interfaces, callable administration functions, and the ability to set Empress system variables in the Android environment.

