How to safely store sensitive data collections in a mobile app?

To illustrate my question more clearly, suppose I want to build an app with the same primary goal as KeePass or 1Password, that is, storing sensitive data securely.

My goal is to create a minimalist mobile app (totally independent of external resources; e.g., even the database should be local) for secure data persistence. In theory, the basic technologies supporting this app would be Node.js + React Native. The user will input a collection of data, ranging from user, password, email and notes to infinity and beyond. The data file (the safe), for which I thought of SQLite, needs to be secure so that if someone gains access to it, they cannot access the sensitive user data, because it would be necessary to know the access key.

The data will be kept on the user’s device and can be synchronized via services such as iCloud, Google Drive and so on.

Main questions:

1) Would SQLite really be the most suitable for this case? If yes, what would be the most viable approach for protection: encrypting the entire data file?

2) I even read some articles that discussed encryption with Node.js; however, in these the data file was decrypted and encrypted whenever a new change or read of the data needed to be done. Is that how a data vault for the above purpose works?

  • 2

    Other than that, the question is too general and not much to invent. When we talk about security, one thing is always certain: the experience of the person with the subject is what counts. The fact that someone thinks they will magically get security by following some cake recipe is already a red light that there probably won’t be security there.

  • The conventional form of security is to send this to the database or back-end. But not everything is 100% safe... there hasn’t been anything so safe that it can’t be hacked. That’s why security should also come with constant updates...

  • Yes, I understand that. But my question is: what path could be taken to provide a secure data vault that coexists locally with the application? In summary, that is the aim of the question.

No answers
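
The decrypt-on-read, re-encrypt-on-write scheme described in point 2 of the question, as an added example that is not part of the original thread: the whole vault is serialized and sealed with AES-256-GCM under a key derived from the access key with scrypt, using Node.js's built-in `crypto` module. The function names, the `VLT1` file layout and the scrypt parameters are assumptions chosen for illustration.

```javascript
// Added example (not from the thread): whole-file vault encryption in Node.js.
const crypto = require('node:crypto');

// Assumed file layout: MAGIC(4) | salt(16) | nonce(12) | ciphertext | tag(16)
const MAGIC = Buffer.from('VLT1');
const HEADER_LEN = 32;
const TAG_LEN = 16;
// Assumed scrypt cost; maxmem is raised because N=2^15, r=8 needs about 32 MiB.
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Stretch the user's access key into a 256-bit AES key.
function deriveKey(password, salt) {
  return crypto.scryptSync(Buffer.from(password, 'utf8'), salt, 32, SCRYPT);
}

// Serialize and encrypt all entries. A fresh salt and nonce are drawn on every
// save, so the same (key, nonce) pair is never reused across writes.
function sealVault(password, entries) {
  const salt = crypto.randomBytes(16);
  const nonce = crypto.randomBytes(12);
  const header = Buffer.concat([MAGIC, salt, nonce]);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), nonce);
  cipher.setAAD(header); // header is authenticated, not encrypted
  const body = Buffer.concat([
    cipher.update(JSON.stringify(entries), 'utf8'),
    cipher.final(),
  ]);
  return Buffer.concat([header, body, cipher.getAuthTag()]);
}

// Decrypt and parse. Throws if the access key is wrong or any byte was altered,
// because the GCM tag check in final() fails before plaintext is returned.
function openVault(password, blob) {
  if (blob.length < HEADER_LEN + TAG_LEN || !blob.subarray(0, 4).equals(MAGIC)) {
    throw new Error('not a vault file');
  }
  const header = blob.subarray(0, HEADER_LEN);
  const salt = header.subarray(4, 20);
  const nonce = header.subarray(20, 32);
  const body = blob.subarray(HEADER_LEN, blob.length - TAG_LEN);
  const key = deriveKey(password, salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce);
  decipher.setAAD(header);
  decipher.setAuthTag(blob.subarray(blob.length - TAG_LEN));
  const plain = Buffer.concat([decipher.update(body), decipher.final()]);
  return JSON.parse(plain.toString('utf8'));
}
```

The buffer returned by `sealVault` is what would be written to disk or handed to a sync service; the plaintext entries exist only in memory between `openVault` and the next `sealVault`.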
