Secure Database Backend for Windows Application that users can't hack into easily

Question

I'm writing a database driven windows application and both the executable and database need to be installed on the customers machine.

Is there a database that I can use as a backend to my application that the user can't get into even though the user is using the same machine that the database is stored on.

As far as I can tell, Postgres won't work for this, and the versions of access that I have tried are easy to get the crack the passwords for.

My application has to be able be installed on a laptop and be useable even when there is no internet access, so the usual client-server database models just don't work.

I have considered using a VMWare virtual appliance with Postgres installed on some version of linux, but this would have a pretty heavy system load.

I would prefer to not have to use encripted text files or something like that.

Answer 1

How critical is the data? Encrypting data on your system using standard RSA or AES with a key stored and encrypted in your application will keep your mum and dad user away.

But if you can't keep the secret out of the client application, then you're going to have trouble here.

Answer 2

Since users (or hackers) own the machine, there is nothing you can do to make it secure. Anything you try will fall into a category called Security Through Obsecurity.

Your best bet is to encrypt your database and try to hide the key in some obscure place in your binary. Since this is an installed application, don't use Database servers. Just use a DB library like Postgres.

Answer 3

There's a couple of options available to you, depending on your budget.

First, I have used SQL Server Compact Edition 3.5 with a .NET program for doing a local database that was encrypted. The good news was that the file was encrypted and could only be accessed if you had the password. The bad news of course is that your password will probably be in your connect string, unless you do something like a seeded PRNG to generate up the password for you. Also, SSCE requires that it be installed independent of your application -- if for any reason the user uninstalls it through Control Panel, your application won't run.

Second, I have also used a commercial product called VistaDB, and it also supports local database files that are encrypted. There are comparison features of VistaDB versus other database engines available on their website -- but another thing they offer is that they don't have a runtime that has to be preinstalled -- you just add another assembly to your distribution (they claim you can statically link it, but I haven't tried that personally). The local file on disk is also encrypted with VistaDB, and without the password you can't access the underlying database.

Good luck!