This topic contains 4 replies, has 1 voice, and was last updated by 
Josh Stern December 11, 2022 at 10:47 pm.
-
Posts
-
Josh Stern
ModeratorSuggest looking at Qt-DBUS & how it is currently used in Linux Desktop as an example of a model built on a lower level, desktop focused implementation.
Also Java Enterprise Beans is a higher level, interface oriented spec that has been extended to Cloud storage.
Goal is to combine desktop & mobile availability with high level GUI admin, crypto, & cloud storage. Cloud storage is stronger when the interface is portable across the major providers & allows direct transfers between those providers where their system suports that.
-
Josh Stern
ModeratorNote that sharing user work/data across roaming applications & customizing apps & user preferences to a local hardware/OS platform are conceptually different issues. But the customization of the performance/timing/caching features of the data sharing should be localized to the OS/hardware instance and perhaps other issues like home location vs. traveling.
Dealing with travel sensitivity to telecom/Internet support, time zone/geographic region, country specific standards is a third class of conceptually different roaming support that may also impact data policies.
So there is a good development case for integrating these concerns.
-
Josh Stern
ModeratorFor application programming, it is better not to repeatedly encrypt software strings that provide structure without being secret. A process to only encrypt user data can make use of a data type called an “application string” that is encrypted. Ideally one would like to use a high performance technique for encrypting & unencrypting these strings when they are used in memory for active applications & then translate that easily to long range storage. How to do that is not entirely obvious though if the storage medium is to be resistant to attacks that can look for repeated short patterns with semantic meaning or unstructured context. In storage, such data would be contained within an enclosing encrypted shell. This leaves the Q of a good strategy for encrypting short strings. There may be some literature of methods on this. Off the top of my head, I imagine an epoch based scheme with some sort of salt & running counter within an epoch. Perhaps using one unsigned byte extra of data for counter position would be adequate?
-
Josh Stern
ModeratorMy rough concept from a programming POV was something like this:
(assume stackframe based/exception type langauge e.g. like C++)
CreateApplStringContext ac;
applString as(string, ((useHere=CreateApplStringContext::currentrent());
storingToCloudHere(stuffWithAs,CreateApplStringContext::currentrent() //the protocol embeds the info about the local context decryption when it is needed to start a block
applStringNeeded = getFromCloud(CreateApplStringContext::currentrent(),CloudReaderContext::current()) //should handle reading the stored strings, &, if necessary unencrypting from the old context, using wire encryption (whatever is called for), and then converting the string to the next application context.
The point of the above is treat the on/off of the encryption using the stackframe on/off logic where that is desired (it can also be controlled manually where that is desired).
-
You must be logged in to reply to this topic.