Uses for an encrypted database

Encryption is useful any time you want to restrict access to the information stored in a database. The database encryption functionality of Adobe AIR can be used for several purposes. The following are some examples of cases where you would want to use an encrypted database:

  • A read-only cache of private application data downloaded from a server

  • A local application store for private data that is synchronized with a server (data is sent to and loaded from the server)

  • Encrypted files used as the file format for documents created and edited by the application. The files could be private to one user, or could be designed to be shared among all users of the application.

  • Any other use of a local data store, such as the ones described in Uses for local SQL databases, where the data must be kept private from people who have access to the machine or the database files.

Understanding the reason why you want to use an encrypted database helps you decide how to architect your application. In particular, it can affect how your application creates, obtains, or stores the encryption key for the database. For more information about these considerations, see Considerations for using encryption with a database.

Other than an encrypted database, an alternative mechanism for keeping sensitive data private is the encrypted local store. With the encrypted local store, you store a single ByteArray value using a String key. Only the AIR application that stored the value can access it, and only on the computer on which it is stored. With the encrypted local store, it isn’t necessary to create your own encryption key. For these reasons, the encrypted local store is most suitable for easily storing a single value or set of values that can easily be encoded in a ByteArray. An encrypted database is most suitable for larger data sets where structured data storage and querying are desirable. For more information about using the encrypted local store, see Storing encrypted data.