
Security of public S3 objects with random keys

I have an S3 bucket containing objects that I want to share with users of a website. I know I can use something like Query String Authentication to provide secure access to the objects, but what if I instead make each object publicly-readable yet "hidden" behind a complex key (i.e. URL) containing a cryptographically-strong random number? If the containing bucket disallows listing of objects, there wouldn't be a way to guess or discover the URLs, correct? Or is there some security hole I'm overlooking?

Side note: my first thought was to use UUIDs in the keys, but I read that they can apparently be predicted, given a few previous instances. That said, I don't have an understanding of how easily that can be done. If it's non-trivial, I probably wouldn't worry too much about using them instead of a strong random number...

The problem is if the once-shared URL gets into the hands of another user (say via sharing). If you ensure the URL is kept sufficiently secret, it is OK with this approach (say you return the URL to a user via HTTPS, and this user doesn't share it).

Any loophole here will cause a security hole - and here is where the query string based signature scheme is helpful, since the signatures are made to expire after a fixed time and so any re-sharing won't harm you either.

You can use UUIDs (ensure they don't end up duplicating, by regenerating another one if the new one collides). They are probably as difficult (or more) to guess as any other 8-letter password.

The standard way to do what you want is to generate pre-signed URLs for each of the objects you want to share. If you make them with a short lifetime, then they cannot be shared outside that time period. All of the AWS-provided SDKs have support for this feature.
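The following is an added example, not code from the question or either answer. It puts the two approaches discussed above side by side: an unguessable object key built from a CSPRNG token (or a version-4 UUID), a check that rejects version-1 UUIDs, whose timestamp and MAC-address fields are what makes them predictable, and a short-lived pre-signed GET URL via boto3's `generate_presigned_url`. The bucket name, the `shared/` prefix and the 300-second expiry are assumed values for illustration; the pre-signed call needs boto3 and AWS credentials and is the only part that is not exercised offline.

```python
import secrets
import uuid
from urllib.parse import quote

# Assumed prefix for this example; the bucket names used below are placeholders.
PREFIX = "shared/"


def random_object_key(prefix: str = PREFIX, nbytes: int = 32) -> str:
    """Return an object key whose tail is a CSPRNG token.

    secrets.token_urlsafe(32) encodes 256 random bits as 43 URL-safe
    characters, so the key cannot be enumerated even when the bucket name
    and prefix are known. This only holds while the bucket denies
    ListBucket, exactly as the question assumes.
    """
    return f"{prefix}{secrets.token_urlsafe(nbytes)}"


def uuid4_object_key(prefix: str = PREFIX) -> str:
    """Key built from a version-4 UUID: 122 random bits, also acceptable."""
    return f"{prefix}{uuid.uuid4()}"


def uuid1_object_key(prefix: str = PREFIX) -> str:
    """Key built from a version-1 UUID: the predictable kind the question heard about."""
    return f"{prefix}{uuid.uuid1()}"


def guess_space_bits(kind: str, nbytes: int = 32) -> int:
    """Bits of entropy an attacker would have to brute-force for each key style."""
    if kind == "token":
        return 8 * nbytes   # every byte of the token is random
    if kind == "uuid4":
        return 122          # 128 bits minus 6 fixed version/variant bits
    if kind == "uuid1":
        return 0            # timestamp + MAC + clock sequence: none of it secret
    raise ValueError(kind)


def is_predictable_uuid(key: str, prefix: str = PREFIX) -> bool:
    """True when the key's UUID is version 1 (time- and MAC-based).

    Version-1 UUIDs share node and clock_seq across a process and their
    timestamp advances monotonically, so one leaked key narrows the search
    for its neighbours. Rejecting them at upload time is a cheap defensive check.
    """
    try:
        u = uuid.UUID(key[len(prefix):])
    except ValueError:
        return False        # not a UUID at all (e.g. a token key): nothing to predict
    return u.version == 1


def public_object_url(bucket: str, key: str) -> str:
    """Virtual-hosted-style URL for a public-read object; it never expires."""
    return f"https://{bucket}.s3.amazonaws.com/{quote(key)}"


def presigned_get_url(bucket: str, key: str, expires_in: int = 300) -> str:
    """Short-lived pre-signed GET URL, the approach the second answer recommends.

    boto3 is imported lazily so the rest of the module runs without it;
    calling this needs boto3 and AWS credentials. Keep expires_in small:
    once it lapses, a re-shared link is useless.
    """
    import boto3  # optional dependency, only needed here
    s3 = boto3.client("s3")
    return s3.generate_presigned_url(
        "get_object",
        Params={"Bucket": bucket, "Key": key},
        ExpiresIn=expires_in,
    )


if __name__ == "__main__":
    k = random_object_key()
    print(public_object_url("example-bucket", k))
    print("entropy bits:", guess_space_bits("token"), guess_space_bits("uuid4"))
    print("v1 uuid predictable:", is_predictable_uuid(uuid1_object_key()))
```

The contrast worth noticing is that the random-key scheme's entire security rests on the URL never leaking and on ListBucket staying denied, whereas the pre-signed URL bounds the damage of a leak to `expires_in` seconds regardless of who ends up holding it.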
