
Storing/Reading sensitive data from Java program

I'm working on a program that will need to store data somewhere on the machine persistently, so that when I close the program the data doesn't disappear. The data is something that I can't hash because the program needs to retrieve its value.

This database needs to be super secure so that only the program itself can access this storage and nothing else.

Now, SQL seems pretty insecure to me, if you have access to the SQL you have access to every single database contained in it, the only way to go would be to encrypt some of the data I insert but that would lead to storing another key for that.

This is the structure of what I need to store:

FileName  |         Key         | GroupOwner
----------|---------------------|-----------
foo.txt   | $iv44dsfggsdvav523v | adminGroup
----------|---------------------|-----------
bar.txt   | %iihg9v8326h5798v93 | adminGroup

Basically files are stored on a server and encrypted with a key, if anyone were to break into the server they should not be able to read the key and thus decrypt the file but only the program should be able to do that.

Is there any way I can store data that only my program can read and modify?

There are a few similar questions on SO - this is a good overview (even if it applies to web applications).

In short - you cannot solve this problem, as you have a chicken-and-egg issue. The common solution is to store the secret key on the filesystem, and use your operating system's security to ensure only authorised users can read it.
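The approach this answer describes (key material in a file, protected by operating-system permissions), as an added Java example that is not part of the original answers. It assumes a POSIX filesystem; the class name `KeyFileStore` and the file name `file-keys.bin` are hypothetical, and the key is a constructed sample.

```java
import java.io.IOException;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.Set;

public class KeyFileStore {
    // Owner read/write only (mode 0600).
    private static final Set<PosixFilePermission> OWNER_ONLY =
            PosixFilePermissions.fromString("rw-------");

    // Create the file with 0600 from the start so it is never briefly readable by others.
    static void writeKey(Path file, byte[] key) throws IOException {
        Files.createFile(file, PosixFilePermissions.asFileAttribute(OWNER_ONLY));
        Files.write(file, key, StandardOpenOption.WRITE);
    }

    // Load the key, refusing a file with any permission bit beyond owner read/write.
    static byte[] readKey(Path file) throws IOException {
        Set<PosixFilePermission> extra = new HashSet<>(
                Files.getPosixFilePermissions(file, LinkOption.NOFOLLOW_LINKS));
        extra.removeAll(OWNER_ONLY);
        if (!extra.isEmpty()) {
            throw new SecurityException("Refusing key file " + file + ": unexpected permissions " + extra);
        }
        return Files.readAllBytes(file);
    }

    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("keystore-demo");  // constructed demo location
        Path keyFile = dir.resolve("file-keys.bin");            // hypothetical file name
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);                      // constructed sample key

        writeKey(keyFile, key);
        System.out.println("Loaded " + readKey(keyFile).length + "-byte key, mode "
                + PosixFilePermissions.toString(Files.getPosixFilePermissions(keyFile)));

        // Simulate a misconfiguration: the file becomes group/world readable.
        Files.setPosixFilePermissions(keyFile, PosixFilePermissions.fromString("rw-r--r--"));
        try {
            readKey(keyFile);
        } catch (SecurityException e) {
            System.out.println(e.getMessage());
        }
    }
}
```

The permission check only keeps other local accounts out; anything running as the same user or as root can still read the file.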

In the end, a program is nothing but a written down algorithm; or in other words a protocol.

Meaning: no matter what kind of code you put into your program; in the end it is about a sequence of actions. And in that sense: there is always a chance that another, completely different program does the same things.

So in the end, "software only" solutions always expose certain risks.

That is why "high end" solutions always combine multiple "layers"; that offer different means of protection.

In other words: at some point you need to trust. If an "attacker" has access to the system your software is running on, then all bets are off anyway. Because then he can attack using debuggers; or even by ripping out the drive; and analyse it in a different system.

Meaning: you can't protect yourself against everything. When your program runs on hardware that you control; then well, you are "protected". But if not; then you simply can't store sensitive information on that system!
