我应该如何偏执约我的Azure应用程序二进制文件被窃取? [英] How paranoid should I be about my Azure application binary files being stolen?
问题描述
我需要迁移巨大的应用到Windows Azure。应用程序依赖于第三方库,需要存储在角色实例文件系统中的特殊的二进制文件激活密钥。
I need to migrate a huge application to Windows Azure. The application depends on a third-party library that requires an activation key stored in a special binary file on the role instance filesystem.
显然是关键,必须为纳入作用,包装或存放的地方的作用在哪里可以获取它。激活密钥将不会被绑定到机器(因为我不知道究竟在何处作用将在云中运行),因此任何人都可以用它来使该图书馆工作的副本。
Obviously that key has to be either included into the role package or stored somewhere where role can fetch it. The activation key will not be bound to the machine (since I have no idea where exactly a role will be run in the cloud) so anyone can use it to make a copy of that library work.
由于Azure的角色,我们的控制下运行的地方没有,我觉得有点偏执的关键被盗,并广泛提供。
Since Azure roles run somewhere not under our control I feel somewhat paranoid about the key being stolen and made widely available.
我如何评价它有多大的可能性窃取被纳入Azure角色二进制文件?我如何减轻这种风险?
How do I evaluate how likely it is to steal a binary file that is included into Azure role? How do I mitigate such risks?
推荐答案
就安全而言,除非你的团队在这方面非常有能力的,则默认的始终升级的Azure的操作系统可能更安全比任何自我配置的主机。至少,这是我们如何(即我公司,Lokad)审时度势2年的之后的迁移完全到Windows Azure相比,我们的previous自托管的情况。
As far security is concerned, unless your team is extremely capable in this area, the default always upgraded Azure OS is probably much more secure than any self-configured host. At least, this is how we (aka my company, Lokad) assess the situation two years after migrating in full to Windows Azure compared to our previous self-hosted situation.
然后,如果你有凭据,如许可证密钥,那么最合理的地方,把它们是在角色配置文件 - 而不是角色二进制文件。你可以自然再生VM中的特殊文件作为必要的,但这样一来,你,你你的存档二进制版本没有内部小号$ P $垫凭据所有的地方。
Then, if you have credentials, such as licence keys, then the most logical place to put them is the Role configuration file - not the Role binaries. You can naturally regenerate the special file within the VM as needed, but this way, you don't internally spread your credentials all over the place as you archive your binary versions.
这篇关于我应该如何偏执约我的Azure应用程序二进制文件被窃取?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
