我*必须*在我的数据库中存储第三方凭据.最好的办法? [英] i *must* store third party credentials in my database. best way?
问题描述
我的应用必须从第三方读取 SSL 网址.我如何最好地将第三方凭证存储在我自己的数据库中,以保护第三方凭证不被泄露?考虑绝对安全性和实用性.单向散列凭证没有用,因为我必须将凭证恢复为 SSL 调用的明文.我在谷歌应用引擎上使用 python,我的应用使用谷歌凭据进行身份验证.
My app must read an SSL url from a third party. How do I best store the third party credentials in my own database, which protects the third party credentials from being compromised? Consider both absolute security and practicality. One-way hashing the credentials is not useful as I must restore credentials to plaintext for the SSL call. I'm using python on google app engine, and my app authenticates with google credentials.
- 使用例如加密凭证AES 并将加密密钥保存在其他地方(只是移动问题),或者 从凭据并保密算法(只是移动问题)
- 使用同步流密码加密凭证,从凭据和保持算法秘密(只是移动问题)
- 在专门用于存储第三方凭据的单独网络应用程序上,提供一个 SSL url 以接收第三方凭据,此 url 使用谷歌凭据(与我的应用程序相同)访问,并且可以使用 authsub 或其他东西将授权转移到其他网络应用程序.这听起来更安全,因为它更难破解一个微不足道的简单网络应用程序,而且如果我复杂的主应用程序遭到入侵,第三方凭据不会暴露.
- encrypt credentials using e.g. AES and save the encryption key somewhere else (just moves the problem), or derive it from the credentials and keep the algorithm secret (just moves the problem)
- encrypt credentials using a synchronous stream cipher, derive the (not)entropy from the credentials and keep the algorithm secret (just moves the problem)
- on a separate web app dedicated to storing third party credentials, provide a SSL url to receive the third party credentials, this url is accessed with google credentials (same as my app) and can use authsub or something to transfer authorization to the other web app. this sounds more secure because its harder to hack a trivially simple webapp, and if my complex main app gets compromised the third party credentials aren't exposed.
您对所有方法有何看法?
what do you think about all approaches?
推荐答案
这是一项艰巨的任务,没有任何方法可以为您省去确保没有薄弱环节的麻烦.首先,我不知道在 Google 上托管是否是最好的方式,因为您将失去控制权(我真的不知道 App Engine 的设计是否考虑到了所需的安全级别,您应该会发现out)并且可能无法进行渗透测试(您应该这样做.)
It's a difficult task, and no approach will save you the trouble to make sure that there is no weak link. For starters, I wouldn't know if hosting on Google is the best way to go, because you will be forfeiting control (I really don't know if App Engine is designed with the required level of security in mind, you should find that out) and probably cannot do penetration testing (which you should.)
拥有一个单独的小应用程序可能是个好主意,但这并不能让您免于在这个较小的应用程序中以一种或另一种方式加密凭据本身.它只会让您变得简单,从而使事情更易于分析.
Having a separate small application is probably a good idea, but that doesn't save you from having to encrypt one way or the other the credentials themselves in this smaller app. It just buys you simplicity, which in turn makes things easier to analyze.
我个人会尝试设计应用程序,以便每次使用后密钥随机更改,具有一种一次性垫方法.您没有详细说明应用程序是否可行.
I personally would try to design the app so the key changes randomly after each use, having a kind of one time pad approach. You don't specify the app in enough detail to see if this is feasible.
这篇关于我*必须*在我的数据库中存储第三方凭据.最好的办法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
