I have a realm object with sensitive and not sensitive fields and I wanna encrypt just some fields of my object. Is it possible to do it in Realm database?
Realm encryption applies to the whole database. To encrypt specific columns in your database you will need to roll your own encryption. There is some discussion using the javax.crypto library here
Related
I'm a bit confused on when should I use a room database instead of SharedPreferences or DataStore.
In my case I have an apps that let the user login and currently I store the logged in user data (followers, age, etc.) in a SharedPreferences, is this the correct approach for this kind of case? Should I just create a Room implementation for storing said user data? Thank you
First you need to understand the nature of these two things.
Room DB is schema so you will need to define every properties before you can use it. Such as table name, column name etc.
As it is a DB, you can easily perform a partial update on the corresponding table.
While Shared Prefs is just a key value pair in a xml file.
You insert age as key and 25 as value and that's all.
Even you can use GSON to convert the object to a JSON and store it as plain text like a non SQL DB:
key = login-data, value = {"follower": "sskrts", "age": 25}
Decision
If it just a simple login session data, then I will recommend to use Shared Prefs to cache the data. It is a simpler implementation.
If you are going to store a table of data instead, both works fine, at least in my use case experience. So it will more depends on your preference of schema or non schema DB.
Note that both storage seem to have NO encryption so don't store raw credential info there.
I want to secure my sqlite database.
I searched a lot but ended up with the suggestions of using SQLCipher.
Is there any new advancement in this field other than SQLCipher?
Please suggest.
If you don't want to use SQLCipher, One thing you can do is encrypt your data before storing it in the database and decrypt it at runtime when populating it.
You can use a encryption key that you can store on Firebase and retrieve it from there at your app startup, this will add another layer of security to your encryption because the key will not be exposed inside the app if someone decompiles the app.
I'm securing my database on my own, procedure is following:
ORMLite used as ORM (platform independent ORM over SQLite)
All sensible data stored in BLOB's
BLOB's secured using standard encryption technique, e.g. com.madgag.spongycastle works well under Android
New to Android and realm,
I have heard a lot about using realm at the place of SQLite, But I want to store documents in Database. So Can we do it with Realm if yes then how can we do it?
I have created SQLite database in android.
Here I decided to use encryption. I know about sqlite but I don't know how to implement sqlite encryption method, the data that is saved in database needs to be encrypted
and while retrieving data it should be decrypted.
You can use SQLChiper for Android for AES 256-bit encryption for .db files which i suppose is easier than handling encryption and decryption for each database query
Is it necessary to encrypt the sqlite db that goes with your Android app?
As Michael commented, it depends whether the data is required to be encrypted, but in general, it's better to encrypt the data and then store it in the database then encrypt-decrypt the whole database.