I have a database that will be holding sensitive data, so it should be encrypted in the database. Basically the sensitive data are credentials to another web site. So I want to encrypt them with the users password + salt.
我有一个将保存敏感数据的数据库,因此应该在数据库中加密。基本上,敏感数据是另一个网站的凭据。所以我想用用户密码+ salt加密它们。
To decrypt the credentials one would need the password.
要解密凭证,需要密码。
I see two ways: On login, I could decrypt the credentials, and then store them in the session? Is that safe?
我看到两种方式:登录时,我可以解密凭据,然后将它们存储在会话中?这样安全吗?
OR
Harder on the user would be to ask again for the password before decrypting the stored passwords/ids?
在解密存储的密码/ ID之前,用户更难以再次询问密码?
We don't want to have any ability to use the stored credentials ourselves.
我们不希望自己有能力使用存储的凭据。
1 个解决方案
#1
2
I highly recommend "Security on Rails" for this. It's a tricky topic, so you'll need to spend some time reading up in order to get it right. They cover exactly this topic, including how to salt the encrypted data, unit test to make sure it is encrypted, and more.
我强烈推荐“安全在Rails上”。这是一个棘手的话题,所以你需要花些时间阅读才能做到正确。它们涵盖了这个主题,包括如何对加密数据进行加盐,单元测试以确保加密数据等等。
Their sample code shows how to add class methods to ActiveRecord::Base so that you can make any database column encrypted in one line of code. Definitely an idiomatic Rails approach.
他们的示例代码显示了如何将类方法添加到ActiveRecord :: Base,以便您可以在一行代码中加密任何数据库列。绝对是一种惯用的Rails方法。
It's an awesome read - the unit tests blew me away, so seriously ... go get it.
这是一个很棒的阅读 - 单元测试让我感到震惊,所以认真......去吧。
By the way, when you said
顺便说一下,当你说
We don't want to have any ability to use the stored credentials ourselves.
我们不希望自己有能力使用存储的凭据。
you realize that because your code receives the unencrypted data from the user's browser, you do have access to the data in memory before it is encrypted on disk, or when it is unencrypted when the user wants to use that data later. And bad people could get access to that data if they root your box, sneak something into a Ruby eval(), etc.
您意识到,由于您的代码从用户的浏览器接收到未加密的数据,因此您可以在磁盘上加密之前访问内存中的数据,或者在用户以后想要使用该数据时未加密的数据。坏人可以访问这些数据,如果他们根据你的盒子,偷偷摸摸的东西进入Ruby eval()等。
Encrypting the data does help a lot, though. SQL injection attacks can't get the decrypted data, for example.
但是,加密数据确实有很大帮助。例如,SQL注入攻击无法获取解密数据。
#1
2
I highly recommend "Security on Rails" for this. It's a tricky topic, so you'll need to spend some time reading up in order to get it right. They cover exactly this topic, including how to salt the encrypted data, unit test to make sure it is encrypted, and more.
我强烈推荐“安全在Rails上”。这是一个棘手的话题,所以你需要花些时间阅读才能做到正确。它们涵盖了这个主题,包括如何对加密数据进行加盐,单元测试以确保加密数据等等。
Their sample code shows how to add class methods to ActiveRecord::Base so that you can make any database column encrypted in one line of code. Definitely an idiomatic Rails approach.
他们的示例代码显示了如何将类方法添加到ActiveRecord :: Base,以便您可以在一行代码中加密任何数据库列。绝对是一种惯用的Rails方法。
It's an awesome read - the unit tests blew me away, so seriously ... go get it.
这是一个很棒的阅读 - 单元测试让我感到震惊,所以认真......去吧。
By the way, when you said
顺便说一下,当你说
We don't want to have any ability to use the stored credentials ourselves.
我们不希望自己有能力使用存储的凭据。
you realize that because your code receives the unencrypted data from the user's browser, you do have access to the data in memory before it is encrypted on disk, or when it is unencrypted when the user wants to use that data later. And bad people could get access to that data if they root your box, sneak something into a Ruby eval(), etc.
您意识到,由于您的代码从用户的浏览器接收到未加密的数据,因此您可以在磁盘上加密之前访问内存中的数据,或者在用户以后想要使用该数据时未加密的数据。坏人可以访问这些数据,如果他们根据你的盒子,偷偷摸摸的东西进入Ruby eval()等。
Encrypting the data does help a lot, though. SQL injection attacks can't get the decrypted data, for example.
但是,加密数据确实有很大帮助。例如,SQL注入攻击无法获取解密数据。