Encrypting databases

Other discussions about CSPro
Post Reply
AriSilva
Posts: 499
Joined: July 22nd, 2016, 3:55 pm

Encrypting databases

Post by AriSilva » December 8th, 2020, 4:47 pm

Hi folks,
I´m starting to consider using csdbe files on our surveys, so, I do not have a clear idea on how to do that. The main purpose is, of course, to protect confidentiality, etc.
I have so many questions that I really do not know how to start with. For example:
1. What happens if we forget the password of a certain csdbe?
2. Is there a way to define a "master psw" that would be able to read all the csdbe files created by us?
3. What is the best scenario to implement a csdbe file in a survey using tablets, where we deploy he application from a server to the interviewer´s tablets, execute the interviews, upload with syncdata, and then download the cddbe files to process centrally.
Later, we export the data to send it to the end users (SAS, STATA, R, SPSS). As these formats are not protected when going out of the CsPro environment, we have to protect them by sing something like the Zip or RAR to specify a password.
4. So, every interviewer would need to know the file´s psw.
5. And when downloading to process the file we would need to distribute the psw to all people involved
Or does it have a better and simpler solution?
Best
Ari

Gregory Martin
Posts: 1534
Joined: December 5th, 2011, 11:27 pm
Location: Washington, DC

Re: Encrypting databases

Post by Gregory Martin » December 9th, 2020, 9:30 am

1) You cannot open the file and will lose the contents.

2) No. This would reduce the security of the file.

Something to keep in mind is that there are different places that you can get encryption. If you are using Android, your entire file system is likely encrypted, so further encrypting the CSPro data file is not adding much security. If you have rogue/untrustworthy enumerators, it will give you some additional protection, but I think generally people are concerned that someone will access the data if a device is lost. The default Android encryption (or using BitLocker on Windows) will help reduce problems related to that concern.

Here is some information that I once emailed someone about encryption:

The safest option is to have the enumerator type the password, but I understand that that’s not particularly practical.
  • Least safe option: having the password in the .pff
  • A bit safer: having the password in the .pen file
  • Better: having the enumerator type it
  • Also better: using sync to transfer data and having the password to the file something that is device specific
An example of the last thing would be always opening the file in your application’s preproc doing something like:
setfile(MY_DICT, "data-file.csbde|password=" + getdeviceid(), append);
With this, unless you know the device ID, you need to use sync to transfer data (rather than copying the .csdbe file off the device). A hacker could reverse engineer your code and see that it's using the device ID, so even better would be something like this:
string file_password = loadsetting("SurveyPassword");

// create a password if one doesn't exist
if file_password = "" then
   
file_password = hash(getdeviceid(), 32, maketext("%d", timestamp()));
   
savesetting("SurveyPassword", file_password);
endif;

setfile(MY_DICT, "data-file.csbde|password=" + encode(PercentEncoding, file_password));
The loadsetting/savesetting is stored in secure storage on Android (though not on Windows), so something like this would be your best bet. The downside though is that if someone uninstalls CSEntry, the saved password would be cleared, and then you would have no way of figuring out how to open the .csdbe file.

AriSilva
Posts: 499
Joined: July 22nd, 2016, 3:55 pm

Re: Encrypting databases

Post by AriSilva » December 9th, 2020, 3:06 pm

Thanks, Greg.
I will consider those options you´ve mentioned.
Best
Ari

Post Reply