2

I am using a SqlLite database, and I would like to ensure that the data has not been modified outside the application. (sign the data)

Does sqlite keep a last modified date of the data?

I was thinking about using the Windows last modified file date, but that is my second choice. I was hoping sqlite would have a way to tell me either a hash of the data or a timestamp of the last data modified.

One option is to calculate a hash of all the contents of the bytes of the database file, this would allow me to guarantee that the file hasn't been modified by anyone. But this is expensive and I am hoping to find a better way to verify no external sources modified the database.

Another option is to encrypt the database, but this is not ideal because we want 3rd parties to be able to read the data, just not to modify it.

Note that I am accessing the database using System.Data.Sqlite in a WPF .net client application on Windows 7.

4

1 回答 1

0

我认为您对此无能为力。在第一道防线中,您可以放置​​一些触发器

CREATE TRIGGER before_ins_on_table1 BEFORE INSERT ON table1
BEGIN SELECT RAISE( FAIL, 'Not allowed.' ) ; END;

CREATE TRIGGER before_del_on_table1 BEFORE DELETE ON table1
BEGIN SELECT RAISE( FAIL, 'Not allowed.' ) ; END;

CREATE TRIGGER before_upd_on_table1 BEFORE UPDATE ON table1
BEGIN SELECT RAISE( FAIL, 'Not allowed.' ) ; END;

但...

您可以对数据库进行数字签名或在程序中嵌入 SHA1 哈希,如果哈希不匹配,则使其拒绝使用数据库,但这通常是无用的。

简而言之,如果数据库是可读的,那么您无法阻止有足够动机篡改它的人。攻击者可以简单地转储然后在新数据库中恢复数据而不受限制。

于 2012-06-03T01:33:08.847 回答