Rebar Android Data at Rest

Monkton, Inc. 2019

Part of Rebar's compliance with NIAP and other associated security profiles is adherence to the API Boundary for Data at Rest (DAR). DAR compliance for the app is achieved by leveraging Rebar's File Manager, Settings Manager, and Database Manager.

Where appropriate, Rebar implements functionality similar to Android SDK functions to reduce a developers time to learn.

Package

The io.monkton.rebar.io package provides the main IO functionality for reading and writing files securely from the file system. The functions below describe the major functions necessary to perform the various tasks.

File Streams

Rebar provides the RebarInputStream and RebarOutputStream streams to stream encrypted data. These streams are transparent to the user and encapsulate all requisite NIAP controls for data at rest leveraging AES-256 encryption.

The Rebar file streams extend the FilterInputStream and FilterOutputStream streams, respectively. They behave exactly like other file streams and should be opened and closed as such. Failure to do so may cause corrupted data.

File Management

File management is currently being refactored.

Settings Management

Rebar provides an encrypted settings manager io.monkton.rebar.settings.SettingsManager to store settings securely. All settings will be stored with AES-256 encryption. A limitation of the secure settings is they can only be accessed after the user has authenticated.

SettingsManager can store both secure and insecure settings, depending on the need. By default, you should leverage the saveSecureSetting and getSecureSetting methods to set and retrieve settings. The convenience methods getBool, setBool, getInt, setInt all leverage the secure setting storage.

There are aptly named getNonsecureSetting and saveNonsecureSetting methods to save settings in a non-secure manner. We only suggest using these for settings required OUTSIDE of an authenticated session that are not sensitive.

Database Management

Rebar allows for apps to have zero to many databases for managing data. To configure databases for your app please visit here

Last Updated: February 04, 2019