dhis2-devs team mailing list archive

Thread
Date

dhis and encryption

To: DHIS 2 Developers list <dhis2-devs@xxxxxxxxxxxxxxxxxxx>, DHIS 2 Users list <dhis2-users@xxxxxxxxxxxxxxxxxxx>
From: Lars Helge Øverland <larshelge@xxxxxxxxx>
Date: Sat, 26 Jul 2014 18:41:48 +0200

Hi,

in 2.16 we have slowly introduced encryption of database content, so far
just for the password used for remote data synchronization
<https://www.dhis2.org/doc/snapshot/en/user/html/ch22s17.html>. We plan to
build on this in near future by encrypting "confidential" attribute values
for tracker (person data).

For encryption/decryption process to work, a password (key) is needed to
keep things secure. All you have to do is to set a new property in the
hibernate.properties configuration file:

encryption.key = xxxx

where xxxx is the password. Some aspects to take into consideration:

- The password must not be changed once it has been set and data has been
encrypted as existing data can then no longer be decrypted.

- Keep your password safe - if the password is lost, then data which have
been encrypted by the system so far is lost, too.

- If the database is copied to another server the encryption password must
be identical. Otherwise the system will not be able to decrypt existing
data.

- Remember to set a strong password of at least 8 characters with random
characters.

- A system-provided, fixed password will be used if not set in the
configuration file, this can however not be considered secure.

These points have been written up in the installation chapter here
<https://www.dhis2.org/doc/snapshot/en/implementer/html/ch08s02.html#d5e505>.
It is also mentioned in the upgrade notes
<https://www.dhis2.org/2.16-upgrade>.

regards,

Lars

Follow ups

Re: dhis and encryption
From: Bob Jolliffe, 2014-08-21