Black Pearl

Thanks to all for your help.

From the discussion so far, on the server side we can't work with encryption but rely on access permissions. The other points (https, client side encryption) are clear.

We will discuss the issues today and I might come back with some more questions.

Felix

At first many thanks for your fast response on easter sunday.

Our main issue is the security on the server side. Only those developers that are on a certain project should have access to the source code. And we would like not to completley relay on the OS permissions.

QUOTE (Justin Goeres @ Apr 12 2009, 03:43 PM)

If you're worried about the SVN repository itself being secure, it depends a lot on what type of machine you're hosting the repository on. That having been said, the repository is just a database that's made up of lots of files, so I would think that whatever standard security measures you normally use on the host OS (permissions, good passwords, turning off unnecessary services, etc.) would be steps in the right direction.

Since you mentioned that you haven't worked with the SVN process yet, I'll also point out that the folder structure of your repository is defined inside the repository. The host computer knows nothing about what's in there. As far as the host is concerned, the repository is just a big collection of semi-random-looking data.

Can you clarify that last sentence a bit? I understand it from a technical viewpoint, as the SVN keeps track of the changes in the directory structure and works incremental on binary level. But could not any one with a SVN client (given that the server is open to them) check out all files, or is the repository password protected?

Felix

Until now, every developer has his code secured by using cryptographic containers (TrueCrypt).

We now want to use the advantages of a small network including SCC (Subversion).

What we could do, is check in/check out of the complete crypto-container. But that would not allow to have each single VI put under revision control individually.

What other options do we have? We have not yet any experience with the SVN process, but are planning the network structure including folder structure of the central server. Is there any encryption support by SVN? Does passwort protected VIs work with SVN (using Tags?)? How secure are password protected VIs anyhow?

Felix