安全地存储敏感数据客户端 [英] Safely Storing sensitive data client side
问题描述
返回故事
我在一家中小型公司工作,我们正在重新设计面向客户的会计门户,我的经理希望使用信用卡信息存储单点付款选项在最终用户计算机上的cookies中。我根本不爱这个想法....(其实我还在努力改变主意)。这就是说我试图尽可能的安全,我想我有办法尽量减少风险,这里是:
使用SSL所有交易
将本地存储的多个Cookie中的数据加密
,其密码为每次必须输入的确认密码。强制密码是强大的,说15+混合字符,这是通过检查服务器上的哈希确认的。
我知道主要的弱点是以双向加密方式存储的cookie信息,这是一个相当安全的方式来存储信息....
问题
如何使用这种基本方法进行改进。
请我知道会有很多<我不要这样做答案(如果我不问,我会是其中之一),所以请具体说明,你正在向合唱团讲道,所以在底线中是有建设性的。 >
编辑 - 如果您有一个特定的点,您认为我可以在我的经理推荐使用,请分享。 (我已经提出,如果CC信息被从cookie中偷走,我们可能有法律责任,他说他会有一个律师的样子)
谢谢
对所有交易使用SSL
将本地存储的一些Cookie中的数据加密为
密码作为确认密码每次都必须输入。
强制密码强,说15+混合字符,这是
,通过检查服务器上的哈希确认。
$ b $我通常记得我的信用卡号码,我宁愿把它放在(因为我已经打算不向任何人泄露),而不是大多数客户写下的一个长而复杂的钥匙无论如何,无论如何,
即使我们不允许说不要这样做! - 你为什么不问我们好的方法来劝阻你的经理做这个决定? ; - )
什么让你不愿意存储这个服务器端?这不像亚马逊将我的信用卡信息存储在cookie中。基本思想是在服务器上存储所有用户信息,并在用户成功验证(即登录)时进行访问。
在这种情况下,Cookie用于在浏览器会话之间保留登录的状态。登录 -session具有访问权限的信息存储在服务器上。使用信用卡信息,这通常需要比其他敏感信息更多的安全性,但这是同样的基本思想。
将实际的信用卡号存储在Cookie中(加密或不加密)当某些技术精湛的客户意识到您正在做什么时,可能会成为潜在的公关噩梦。
更多阅读主题:什么信息可以存储在cookies中?
编辑:我读到的这个问题越多,我越笨拙。你的经理是否知道饼干是什么?怎么运行的?它的重点是什么?说你想把信用卡信息存储在cookies里就好比说你想用鞋子作为运送鞋带的手段。 他正在积极地,有目的地在脚下射击自己,没有任何理由。他想要实现的目标可以通过其他更安全的技术来实现,而不会损失任何功能。 >
从文章由Scott Hanselman链接:
存储信用卡
如果你绝对必须存储信用卡数据应该以加密的形式存储。
供应商应该有各种合规性标准(特别是CSIP和PCI)遵循描述网络如何保护和数据存储的具体规则。这些规则相当复杂,需要非常昂贵的认证。然而,这些标准是非常严格和昂贵的,得到验证,因为小型企业几乎不可能遵守。虽然较小的供应商不太可能被迫遵守,但是,如果发生欺诈或安全漏洞,那么不遵守信用卡公司就不承担任何责任。换句话说,你完全负责损害的全部程度(实际上你无论如何 - 我只是回应这些认证的粗略概念)。
(我的重点)
Back Story I work at a small-mid size company and we are reworking our customer facing accounting portal and my manager wants to make single click payment option with the Credit Card info stored in cookies on the end users computer. I'm not in love this the idea.... at all (in fact I'm still trying to change his mind). That being said I am trying to make it as secure as I can, I think I've got a way to minimize the risk, here it is:
using SSL for all exchanges
encrypt the data in a number of cookies that are stored locally having the cipher as a confirm password that must be entered each time. forcing the cipher to be strong, say 15+ mixed chars, and this is confirmed by checking a hash of it on the server.
I know that the major weak spot is the cookie info that is stored in a two way encryption, that said is this a reasonably safe way to store the info....
The Question How can it be improved using this basic method.
Please I know that there is going to be a lot DON'T DO IT! answers (if I was not asking, I would be one of them) so please be specific, you are preaching to the choir on this so be constructive in the negatives.
Edit - If you have a specific point that you think I can use in reasoning with my manager please share. (I've already brought up that we maybe legally responsible if the CC info is stolen from a cookie, and he said he would have a lawyer look that over)
Thank you.
解决方案using SSL for all exchanges
Should be done no matter what solution you use, as long as credit cards/payment info is involved. As you probably know.
encrypt the data in a number of cookies that are stored locally having the cipher as a confirm password that must be entered each time. forcing the cipher to be strong, say 15+ mixed chars, and this is confirmed by checking a hash of it on the server.
I usually remember my credit card number, and I'd rather put that in (as I'm already intent on not disclosing it to anyone) than a long and complicated key that most customers would write down somewhere anyway.
Even if we aren't allowed to say "don't do it!" - why don't you ask us for good ways to dissuade your manager from taking this decision? ;-)
What makes you unwilling to store this server-side? It's not like Amazon stores my credit card info in a cookie. The basic idea is to store all user info on the server, and access it when a user has authenticated successfully (i.e. logged in).
Cookies are in this case used to persist the logged in-state between browser sessions. The info this logged in-session has access to is stored on the server. With credit card info this usually entails a lot more security than other sensitive info, but it's the same basic idea.
Storing actual credit card numbers in cookies (encrypted or not) could be a potential PR nightmare when some tech-savvy customer realises what you are doing.
Thread for more reading: What information is OK to store in cookies?
Edit: The more I read through this question the more dumbfounded I get. Does your manager even know what a cookie is? How it works? What the point of it is? Saying that you want to store credit card info in cookies is like saying you want to use shoes as a means to transport shoe-laces. He is actively and purposefully shooting himself in the foot for no reason whatsoever. What he wants to achieve can be achieve a lot easier with other, much safer techniques - without any loss in functionality whatsoever.
From an article linked by Scott Hanselman:
Storing Credit Cards
If you absolutely must store credit card data it should be stored in encrypted form.
There are various compliance standards (specifically CSIP and PCI) that vendors are supposed to follow that describe specific rules of how networks need to be secured and data stored. These rules are fairly complex and require very expensive certification. However, these standards are so strict and expensive to get verified for that it's nearly impossible for smaller businesses to comply. While smaller vendors are not likely to be pushed to comply, not complying essentially releases the credit card company of any liability should there be fraud or a security breach. In other words you are fully responsible for the full extent of the damage (realistically you are anyway – I'm only echoing back the rough concepts of these certifications).
(my emphasis)
这篇关于安全地存储敏感数据客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
