I need to store payment gateway processor username/password credentials on a production web server, but would prefer not to do so in clear-text. What is the best way to store these credentials? Are their best practices for encrypting and decrypting this information?
我需要在生产Web服务器上存储支付网关处理器用户名/密码凭据,但不希望以明文形式存储。存储这些凭据的最佳方法是什么?他们是加密和解密此信息的最佳做法吗?
2 个解决方案
#1
It's a classic chicken-egg problem. Encryption does not help you at all if you can't protect the keys. And you obviously can't.
这是一个经典的鸡蛋问题。如果您无法保护密钥,加密根本无济于事。你显然不能。
What I would suggest is to try to make the other services / users use hashes towards your authentication code, and save those hashes instead. That way at worst you will lose the hashes, but it might prove hard (depending on the rest of the setup) to actually use them maliciously. You might also want to salt the hashes properly.
我建议的是尝试让其他服务/用户对您的身份验证代码使用哈希值,并保存这些哈希值。在最糟糕的情况下,你将失去哈希值,但实际使用它们可能很难(取决于设置的其余部分)。您可能还想要正确地对哈希进行加盐。
An other possibility would be using an external authentication store if you can't enforce using hashes. It does not really solve the problem, but you can control the attack vectors and make it safer by allowing only very specific contact with the actual source with the important data.
如果您不能强制使用哈希,则另一种可能是使用外部身份验证存储。它并没有真正解决问题,但是你可以控制攻击向量并通过只允许与重要数据进行非常具体的实际源接触来使其更安全。
#2
- Store outside of any directory that is web accessible.
- Make sure only the app processes have read access.
- Harden server.
存储在可通过Web访问的任何目录之外。
确保只有应用程序进程具有读访问权限。
#1
It's a classic chicken-egg problem. Encryption does not help you at all if you can't protect the keys. And you obviously can't.
这是一个经典的鸡蛋问题。如果您无法保护密钥,加密根本无济于事。你显然不能。
What I would suggest is to try to make the other services / users use hashes towards your authentication code, and save those hashes instead. That way at worst you will lose the hashes, but it might prove hard (depending on the rest of the setup) to actually use them maliciously. You might also want to salt the hashes properly.
我建议的是尝试让其他服务/用户对您的身份验证代码使用哈希值,并保存这些哈希值。在最糟糕的情况下,你将失去哈希值,但实际使用它们可能很难(取决于设置的其余部分)。您可能还想要正确地对哈希进行加盐。
An other possibility would be using an external authentication store if you can't enforce using hashes. It does not really solve the problem, but you can control the attack vectors and make it safer by allowing only very specific contact with the actual source with the important data.
如果您不能强制使用哈希,则另一种可能是使用外部身份验证存储。它并没有真正解决问题,但是你可以控制攻击向量并通过只允许与重要数据进行非常具体的实际源接触来使其更安全。
#2
- Store outside of any directory that is web accessible.
- Make sure only the app processes have read access.
- Harden server.
存储在可通过Web访问的任何目录之外。
确保只有应用程序进程具有读访问权限。