Introduction to data encryption in 4D

Data is everywhere. As our lives increasingly move online, the importance of data security also increases. Customer data must be vigilantly guarded against potential threats and breaches. In many cases, using a disk encryption tool (such as Microsoft’s BitLocker or Apple’s FileVault) provides a sufficient level of protection, but what if your customer or your CSO (Chief Security Officer) requires encryption at the database level, on a per-table basis?

During 4D Summit 2018, you asked for a solution to encrypt your data and we’ve delivered. We’re excited to present new data encryption tools for your 4D databases.

What is data encryption?

Just as we lock and restrict access to our homes in the physical world, we rely on encryption to keep intruders out of our data. Data encryption is the mechanism of transforming readable data into an encoded form so that only the person with the data encryption key can read and update it.

While encryption is not strictly required by GDPR for local data, it is recommended.

Main principles of encryption in 4D

When opening a .4DD file in an external editor, it was previously possible to guess some of the data content.

Run the following code:

// Create an entity in MyTable with an easily recognizable value, then save it
C_OBJECT($e;$status)
$e:=ds.MyTable.new()
$e.Field_Alpha:="mydataaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
$status:=$e.save()

Then open your .4DD file in an external editor. You can recognize your data.

But that was then…

Now, with 4D’s encryption tools, once data is encrypted it becomes completely unreadable.

In a nutshell, 4D’s encryption tools are based on a passphrase. Similar to a password, a passphrase is composed of a sentence or a combination of words. It’s used to generate a binary encryption key that encrypts data with the AES algorithm. More technically, a 256-bit SHA hash is generated from the passphrase and is used to generate the AES binary encryption key. Therefore, to work with an encrypted data file, either the passphrase or the binary encryption key is mandatory.

4D encryption impacts the following files:

  • The .4DD
  • The .4DIndx
  • The .journal
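
The manual check described earlier (open the file in an editor and look for your data) can be automated across the data file, index and journal. The Python sketch below is an added example, not 4D code and not part of the original post; the canary value, the file names, the candidate text encodings and the random bytes standing in for encrypted data are assumptions constructed for illustration:

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# The on-disk text encoding of a data file is an assumption here, so try several.
ENCODINGS = ("utf-8", "utf-16-le", "utf-16-be")

def find_canary(path, canary, chunk_size=1 << 20):
    """Return {encoding: byte offset} for every encoding in which canary is readable."""
    if not canary:
        raise ValueError("canary must be a non-empty string")
    needles = {enc: canary.encode(enc) for enc in ENCODINGS}
    overlap = max(len(n) for n in needles.values()) - 1
    hits, buf, pos = {}, b"", 0          # pos = file offset of buf[0]
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            buf += chunk
            for enc, needle in needles.items():
                idx = buf.find(needle)
                if idx != -1 and enc not in hits:
                    hits[enc] = pos + idx
            # Keep a tail so a canary split across two chunks is still found.
            drop = max(len(buf) - overlap, 0)
            buf, pos = buf[drop:], pos + drop
    return hits

def byte_entropy(path):
    """Shannon entropy in bits per byte; values near 8.0 look like ciphertext."""
    data = Path(path).read_bytes()
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def demo():
    """Run both checks on constructed stand-ins (not the real .4DD layout)."""
    canary = "CANARY-4f1c-field-alpha"   # constructed marker value
    with tempfile.TemporaryDirectory() as tmp:
        plain, sealed = Path(tmp, "plain.bin"), Path(tmp, "sealed.bin")
        # Readable record that straddles the 4096-byte chunk boundary.
        plain.write_bytes(b"\xff" * 4090 + canary.encode("utf-16-le") + b"\xff" * 64)
        sealed.write_bytes(os.urandom(8192))   # random bytes stand in for ciphertext
        return {p.name: (find_canary(p, canary, 4096), byte_entropy(p))
                for p in (plain, sealed)}

if __name__ == "__main__":
    print(demo())
```

To use it on a real database, save a record containing the canary, then run `find_canary` on copies of the .4DD, .4DIndx and .journal files. An empty result for every file is what you expect once encryption is on.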

What’s next

This has just been an overview of the encryption concept and what 4D has in store for you. In an upcoming post, we’ll take a closer look at these tools in action, how to use them, as well as an HDI that brings it all together.

• Product Owner • Marie-Sophie Landrieu-Yvert joined the 4D Product team as a Product Owner in 2017. As a Product Owner, she is in charge of writing user stories and then translating them into functional specifications. Her role is also to make sure that the feature implementation delivered meets the customer's needs. Marie-Sophie graduated from the ESIGELEC Engineering School and began her career as an engineer at IBM in 1995. She participated in various projects (maintenance or build projects) and worked as a COBOL developer. She then worked as a UML designer and Java developer. Most recently, her main roles were analyzing and writing functional requirements and coordinating business and development teams.