tags:

views:

144

answers:

3
+3  Q: 

Which Database to choose?

I have the following criteria

  • Database should be protected with a username and password. It should not be possible to copy the database file and use it else were like MS Access.

  • There will be no central database server. Each machine will run their own database server locally and user will initiate synchronization. Concept is inspired from distributed version control system like Git. So it should have good replication support.

  • Strong consistency is not needed. Users will synchronize each other database when they need. In case of conflicts it should be possible to find the conflict and present it (from application) to the user for fixing it.

  • Revisions of data if available it will be good. e.g. Entire history of change to a invoice.

  • I explored document oriented database and inclined towards the same. But I dont know what to choose.

  • Database is small it will not reach even 1GB in the next few years (say 3 years).

Please feel free to suggest any database which you think might be suitable. Any pointers is highly appreciated.

Thanks in advance.

+2  A: 

I am looking for the exact same thing. Have not found it yet. An interesting project in this space is Bestpractical's Prophet (and the bug tracker SD that is built on this). I have no idea how active it is, though, and I do not think it uses an encrypted file format (but in your scenario, whole-disk encryption would be a feasible solution).

Prophet's buzzword-laden pitch reads something like this:

A grounded, semirelational, peer to peer replicated, disconnected, versioned, property database with self-healing conflict resolution.

Thilo  2010-04-05 03:59:21
+1 ... for finding a sentence with more buzzwords than all of Microsoft the SharePoint documentation combined.
pst  2010-04-05 04:03:50
@pst: Re: buzzwords: To be clear, the Prophet people are tongue-in-cheek about this themselves. "Prophet's buzzword-laden pitch" is a verbatim quote from the site.
Thilo  2010-04-05 04:06:52
@Thilo Thank you for pointinh Prophet. Did you check CouchDB or MongoDB? Did you find any of them suitable. Last release of Prophet was in Aug-2009 which makes me think it might not be actively developed in future, so reluctant to choose the same. Any how I will give a try.
Sundar  2010-04-05 04:50:11
@Sundar: I looked at CouchDB when it was pretty new. At that time, it was unclear (at least to me) how to operate it in a peer-to-peer scenario. But yes, CouchDB is definitely something to check out.
Thilo  2010-04-05 04:55:00
@Thilo CouchDB seems to be promising. http://stackoverflow.com/questions/2576838/which-database-to-choose/2577012#2577012
Sundar  2010-04-05 05:18:05
A: 

I have done this where a vertical-market customer wanted to use my ClipMate program to store and distribute medical-related data, and didn't want the data to escape "into the wild".
I leveraged the encryption capability of the database (DBISAM by Elevatesoft, which has an engine that compiles directly into Delphi programs) and the "hardware locking" capability of my protection wrapper, Armadillo.
So when someone purchases the program from the vertical market customer, they get the app (download or CD) and install it. Upon installation, they are presented with a registration dialog that shows their "hardware fingerprint" (as reported by Armadillo). This is derived from their ethernet address, CPU serial, hard drive serial, etc., and I could be wrong on any of those, but that's the general idea. They call it in, and a key is generated that's unique to that end-user/machine combo. The registration key "unlocks" the database, which is encrypted, and the encryption key is part of the registration code. The end-user cannot make any use of the data without the key, and they cannot give away or transfer the data without receiving another unlock code. It's pretty tight. Would be too annoying for a low-priced app, but they're charging a lot for it, so it's worth it.

Anyway, to recap: The database is encrypted, and the encryption code is only accessible (to the program that reads the database) when the program is properly registered to a specific user/computer.

You COULD do this with Access, MySQL, etc.. Just encrypt the data, either at the database level (I suppose they support this, no?) or at the field level, if you want ultimate control and are ok with using a custom front-end app to read the thing.

Chris Thornton  2010-04-05 04:07:39
What's stopping a user from taking the encryption key from one machine to another?
Dietrich Epp  2010-04-05 04:12:34
@Dietrich - he said the key is matched to the hardware fingerprint
Joel Coehoorn  2010-04-05 04:16:08
Also, the point may be to prevent other people from getting to the data, not necessarily the legitimate user (who knows the key).
Thilo  2010-04-05 04:38:39
@Joel - Yes, but you can get the key from one computer, and copy it to another. The key is just another piece of data.
Dietrich Epp  2010-04-05 19:54:00
@Dietrich, you can copy it over, but if the key is tied to the HW fingerprint, it isn't going to validate, and thus won't decrypt the database.
Chris Thornton  2010-04-05 20:02:04
How exactly do you tie a key to a HW fingerprint? That doesn't make any sense to me.
Dietrich Epp  2010-04-06 16:52:28
@Dietrich, suppose you buy some software and provide the following to the software vendor:Name: Dietrich, HardwareFingerprint: 1234ABCD The vendor makes a string like this:s := 'DIETRICHDIETRICHDI' + '1234ABCD' + '20100407' + 'SECRETDATABASEKEY';Key := EncryptThis(S); Then he sends you this:Licensed To: DietrichKey: D827292B5D696080A62FF9E7334BA64FE820303FE06B3789BB9054C23BA875AD47F43BADB21E85441E3660F801B78EE4B46DE4Now when the program runs, it uses an internal decryption key (in this case: 'SECRET') to extract those 4 pieces of info. (cont..)
Chris Thornton  2010-04-07 02:08:06
(cont) Now it knows your name: 'DIETRICH', and can validate that against the name that you enter. Ok, so it knows it's you. It knows the hardware figerprint that the software was licensed to. 1234ABCD, and compares that against the actual hardware key. Ok, good. The date can be checked, whatever. If everything looks good up to this point, it can pull the database encryption code (in this case 'SECRETDATABASEKEY'), and use that to decrypt the data. There you go.
Chris Thornton  2010-04-07 02:10:29
go to: http://www.fyneworks.com/encryption/RC4-Encryption/ Key: SECRET Encrypted Data: D8 27 29 2B 5D 69 60 80 A6 2F F9 E7 33 4B A6 4F E8 20 30 3F E0 6B 37 89 BB 90 54 C2 3B A8 75 AD 47 F4 3B AD B2 1E 85 44 1E 36 60 F8 01 B7 8E E4 B4 6D E4 Try it!
Chris Thornton  2010-04-07 02:12:03
A: 

Following is the one which I am looking for:

From official site: CouchDB is a peer-based distributed database system, it allows for users and servers to access and update the same shared data while disconnected and then bi-directionally replicate those changes later.

The CouchDB document storage, view and security models are designed to work together to make true bi-directional replication efficient and reliable. Both documents and designs can replicate, allowing full database applications (including application design, logic and data) to be replicated to laptops for offline use, or replicated to servers in remote offices where slow or unreliable connections make sharing data difficult.

Any idea how the couchDB data can be protected using user accounts? e.g. Mysql needs user to login to use the data. I am looking only for a simple authentication, not for something fool proof. I just do not want the data to be open for editing. Encrypting the file system seems to be an overkill.

Sundar  2010-04-05 05:06:42
Also, are there any tutorials about how to set up the bi-directional replication, and how conflicts are resolved there?
Thilo  2010-04-05 05:59:09
I was reading about replication. If we need bidirectional replication, it looks like we have to initiate replication on both sides. Following links might help:http://books.couchdb.org/relax/reference/replicationhttp://books.couchdb.org/relax/reference/conflict-management
Sundar  2010-04-05 07:55:31
Additional links:* http://japhr.blogspot.com/2010/03/extreme-couchdb-replication.html* http://blog.couch.io/post/468392274/whats-new-in-apache-couchdb-0-11-part-three-new
Sundar  2010-04-05 08:10:07
One more: http://wiki.apache.org/couchdb/Replication_and_conflicts
Sundar  2010-04-05 08:46:11
If you are going with CouchDB, maybe take a look at Desktopcouch: http://www.freedesktop.org/wiki/Specifications/desktopcouch
Thilo  2010-04-07 01:26:34

related questions

What language do you use for Postgresql triggers and stored procedures?
Are Multiple DataContext classes ever appropriate?
Which tools do people use to create Data Dictionaries?
Any experiences with Protocol Buffers?
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
How do I index a database field
How does database indexing work?
How do I connect to a database and loop over a recordset in C#?
Editing database records by multiple users
Object Oriented vs Relational Databases
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
Embedded Database for .net that can run off a network
Connect PHP to an AS/400
Swap unique indexed column values in database.
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
.NET Migrations Engine
Is there a version control system for database structure changes?
SQLite and XSD
How do I version my MS SQL database in SVN?
XSD DataSets and ignoring foreign keys
Flat File Databases in PHP
Throw Error In MySQL Trigger
Binary Data in MySQL