Prev 79803 / 398502 Next

encrypted RData file?

Bert Gunter

Thu, Oct 27, 2005 3:22 PM

May I suggest that further discussion of this issue be directed to R-Devel.

-- Bert Gunter
Genentech Non-Clinical Statistics
South San Francisco, CA
 
"The business of the statistician is to catalyze the scientific learning
process."  - George E. P. Box

-----Original Message-----
From: r-help-bounces at stat.math.ethz.ch 
[mailto:r-help-bounces at stat.math.ethz.ch] On Behalf Of Marc 
Schwartz (via MN)
Sent: Thursday, October 27, 2005 2:56 PM
To: Roger D. Peng; Na Li
Cc: r-help at stat.math.ethz.ch; Duncan Temple Lang
Subject: Re: [R] encrypted RData file?

On Thu, 2005-10-27 at 16:15 -0500, Na Li wrote:

On 27 Oct 2005, Duncan Temple Lang wrote:

Yes, it is of interest and was sitting on my todo list at
some time.  If you want to go ahead and provide code to do it,
that would be terrific.  There are other areas where encryption
would be good to have, so a general mechanism would be nice.

D.

Na Li wrote:

Hi, I wonder if there is interest/intention to allow

for encrypted .RData

files?  One can certainly do that outside R manually

but that will leave a

decrypted RData file somewhere which one has to

remember to delete.

I was hoping someone has already done it.  ;-(

One possibility is to implement an interface package to

gpgme library which

itself is an interface to GnuPG.  

But I'm not sure how the input of passphrase can be handled

without using

clear text.

Michael

Seems to me that a better option would be to encrypt the full 
partition
such that (unless you write the files to a non-encrypted partition)
these issues are transparent. This would include the use of save(),
save.image() and write() type functions to save what was an encrypted
dataset/object to a unencrypted file.

Of course, you would also have to encrypt the swap and tmp partitions
(as appropriate) for similar reasons.

On Linuxen/Unixen, full encryption of partitions is available via
loopback devices and other mechanisms and some distros have this
available as a built-in option. I believe that the FC folks 
finally have
this on their list of functional additions for FC5. Windows of course
can do something similar.

The other consideration here, is that if R Core builds in some form of
encryption, there is the potential for import/export restrictions on
such technology since R is available via international CRAN 
mirrors. It
may be best to provide for a plug-in "encryption black box" 
of sorts, so
that folks can use a particular encryption schema that meets various
legal/regulatory requirements.

Of course, simply encrypting the file or even a complete partition has
to be considered within a larger security strategy (ie. network
security, physical access control, etc.) that meets a particular
functional requirement (such as HIPAA here in the U.S.)

HTH,

Marc Schwartz

______________________________________________
R-help at stat.math.ethz.ch mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide! 
http://www.R-project.org/posting-guide.html

Thread (8 messages)

Na Li encrypted RData file? Oct 27 Duncan Temple Lang encrypted RData file? Oct 27 Roger D. Peng encrypted RData file? Oct 27 Na Li encrypted RData file? Oct 27 Marc Schwartz (via MN) encrypted RData file? Oct 27 Duncan Temple Lang encrypted RData file? Oct 27 Na Li encrypted RData file? Oct 27 Bert Gunter encrypted RData file? Oct 27