您将密钥存储在Java Web应用程序中? [英] Where do you store your secret key in a Java Web Application?
问题描述
编辑
让我指定上下文使问题不那么宽泛:
- 这里一个java Web应用程序被解决
- 更具体地说是使用spring框架版本3
- spring security 3.1用于保护应用程序
- 一个mysql5数据库是
- 应用服务器是tomcat6或tomcat7
- 服务器机器是不在我的控制之下
也许这些问题可以集中在这种情况下,但正如所指出的,秘密密钥存储的问题横跨于采用的技术。然而,一些图书馆可能提供可以以某种方式促进工作的特殊功能。
一个明确的一点是,必须在安全性和实际操作的需要之间找到权衡。要完成分析,显然所需的安全级别取决于要保护的信息的价值。翻译我们的想法是强制执行超级安全策略(要求非常多的努力)来保密客户的鞋子大小是毫无意义的。
在这里,我有以确保电子邮件密码(将存储在数据库中)。我认为这个信息平均至关重要。
我在这里寻找,是合理努力的最佳解决方案。
所以问题很清楚:您将在哪里存储这些信息?
- 您是否存储在数据库中?所以它应该被加密,这需要另一个键(你在哪里存储这第二个键?)
- 你是否将它存储在
.war包?您如何防止未经授权的访问来源? - 您是否采用不同的策略?
您的策略的动机将不胜感激。
谢谢你
我自由地写一个答案,即使这没有任何关系一个 Java Web应用程序:我认为问题存在于所有平台的微小差异。
基本上有3个密钥存储候选者,您提到的前2个:
- DB
- 应用程序(hardcoded)
- 服务器上的其他地方运行WebApp,通常是一个文件
你已经把你的手指放在前2的弱点上,所以没有必要重复,我完全同意。
这也是我使用第三个候选人的动力。原因是这样的:
- 同一个应用程序的不同实例可以轻松地具有不同的密钥,所以一个妥协不会自动传播到所有其他
- 如果服务器以某种方式受到攻击,则允许攻击者读取任何文件,无论如何都是游戏:您无法阻止他阅读应用程序二进制文件或DB
- Web服务器上的文件系统安全性是一个相当了解的主题。
- 允许完全文件系统访问的插入是统计学的比应用程序或数据库插件少得多。
Cryptography is a widely adopted techonlogy to ensure confidentiality. Not considering implementation flaws, it has a single critical point: the secret key storage. If the secret key is stolen, the whole system will be compromised.
EDIT :
let me specify the context to make the question less broad:
- here a java web application is addressed
- more specifically it is used the spring framework version 3
- spring security 3.1 is used to secure the application
- a mysql5 database is available
- the application server is tomcat6 or tomcat7
- the server machine is not under my control
Maybe the questions can be focused on this scenario but, as pointed out, the problem of the secret key storage is transversal to the adopted technologies. However some libraries might offer peculiar features that can somehow facilitate the work. A clear point is that a tradeoff has to be found between security and the need to do practical things. To complete the analysis it is obvious that the required security level depends on the value of information to secure. It is senseless to flip our minds to enforce super-secure strategies (demanding a very lot of efforts) to keep secret the shoe size of a customer.
Here, I have to secure an email password (that will be stored in a db). I consider this information average critical.
What I'm looking for here, is the best solution with reasonable effort.
So the question is very clear: where would you store this information?
- do you store it in a database? So it should be encrypted and this requires another key (and where do you store this second key?)
- do you store it inside the
.warpackage? How do you prevent unauthorized accesses to the sources? - do you adopt a different strategy?
motivations for your strategy will be appreciated. thank you
I take the liberty to write an answer even if this doesn't have anything to do with a Java Web Application: I think the problem exists in only minor variance with all platforms.
Basically there are 3 candidates for key storage, the first 2 of which you mentioned:
- The DB
- The App ("hardcoded")
- Somewhere else on the server, that runs the WebApp, most often a file
You already put your finger on the weak points of the first 2, so no need to repeat, I fully agree.
This is also the motivation for me to use the third candidate. The reasoning is this:
- Different instances of the same app can easily have different keys, so a compromise of one will not automatically spread to all others
- If the server is compromised in a way, that allows the attacker to read any file, it is game over anyway: You wouldn't be able to stop him from reading the app binary or the DB
- File system security on a web server is a quite well-understood subject
- Break-ins, that allow full filesystem access are statistically much less often, than application or database break-ins
这篇关于您将密钥存储在Java Web应用程序中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
