Android中的安全数据库存储
[英]Secure database storage in Android
问题描述
I'm implementing the in-app-billing system for my app and (as the documentation advices) I'd like to add some encryption system to the database. 
我正在为我的应用程序实现应用程序内计费系统,并且(根据文档建议)我想向数据库添加一些加密系统。
I've tested SQLCipher , I liked it but since it need to override all the classes at android.database.sqlite.* your app loses the connection to that part of the SDK, losing possible important future updates and depending on the developer (or yourself since is opensource). 我已经测试过SQLCipher ,我很喜欢它,但是由于它需要覆盖android.database.sqlite.*所有类,因此您的应用失去了与该SDK部分的连接,失去了可能的重要将来更新,并且取决于开发人员(或您自己,因为它是开源的)。
Other solution I've considered is to add a extra column in the sensible tables storing there a value (unique for each device), and then ignore the data that don't contain that key. 我考虑过的其他解决方案是在sensible表中添加一个额外的列,在其中存储一个值(每个设备唯一),然后忽略不包含该键的数据。 But this method is clearly more weak. 但是这种方法显然更弱。
How can I improve the security without using SQLCipher? 不使用SQLCipher如何提高安全性? Thanks 谢谢
1 个解决方案
解决方案1
1 已采纳 2012-10-26 22:51:31
If your sensible table contains columns that are sensible and some that aren't, and if you don't use the sensible columns in a where clause, the you can easly encrypt/decrypt just that sensible fields on write/read operations without a significant performance cost. 如果您的sensible表包含的是有意义的列,而有些不是,并且如果您不在where子句中使用敏感的列,则可以轻松地对写/读操作中的敏感字段进行加密/解密。性能成本。
If you need to use sensible columns in your where clause in a table with just a few records, you can read all the records, decrypt and choose. 如果您需要在仅包含几条记录的表的where子句中使用敏感列,则可以读取所有记录,解密并选择。
If none of the above aplies, then I have no other suggestion beside SQLCipher . 如果以上都不适用,那么除了SQLCipher之外,我没有其他建议。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.