[英]How do you securely provide a sensitive info (e.g. password) to a background application to be started?
I am working on a Java application that should be run in the background and was thinking of externalizing some sensitive info (DB credentials among others) in case it should change. 我正在开发一个应该在后台运行的Java应用程序,并考虑将一些敏感信息(DB凭据等)外部化,以防它应该更改。 These info is required in order for the application to start.
这些信息是启动应用程序所必需的。 However, I was wondering what is the proper way of doing this?
但是,我想知道这样做的正确方法是什么?
I was thinking of the following but needs advice from a security standpoint. 我正在考虑以下问题但需要从安全角度提出建议。
Encrypted passwords will be passed as Main arguments when starting the application. 加密密码将在启动应用程序时作为主参数传递。 However, I noticed that any user can see the arguments when the list of processes in the OS will be viewed.
但是,我注意到任何用户都可以在查看操作系统中的进程列表时看到参数。
Generate an external file, ie java properties file (with encrypted credentials) with view restrictions, and pass the file path to the application 生成外部文件,即具有视图限制的java属性文件(带有加密凭据),并将文件路径传递给应用程序
Put the encrypted credentials in the user's environment variables for the application to access it 将加密的凭据放在用户的环境变量中,以便应用程序访问它
Note: We already have an encryption tool that we use 注意:我们已经使用了加密工具
Personally, I was leaning to the 2nd option but I would like to know suggestions, comments, or best practices for cases like this. 就个人而言,我倾向于第二种选择,但我想知道这样的案例的建议,评论或最佳做法。
Thanks! 谢谢!
Option 2 is most common. 选项2是最常见的。 Personally, I do not recommend Option 1 and 3.
就个人而言,我不建议选项1和3。
There could be other options too. 还有其他选择。
As example you can look at PicketBox Vault. 例如,您可以查看PicketBox Vault。 It allows to make custom implementation more secured than default.
它允许使自定义实现比默认更安全。
In fact it is extended option 2 - there is a Vault file protected by key stored in Keystore. 实际上它是扩展选项2 - 存储在Keystore中的密钥保护的Vault文件。
Still password to that Keystore(alias) must be secured, but only one(two). 该密钥库(别名)的密码必须是安全的,但只有一个(两个)。 It is useful, when there are many properties need to be secured.
当需要保护许多属性时,它很有用。 It is also more manageable, since all properties secured same way and in one place.
它也更易于管理,因为所有属性都以相同的方式保存在一个地方。
2 is the most sensible option. 2是最明智的选择。 Problem with 1 and 3 is, once they have access to the "encrypted" string, all they have to figure out how are you decrypting it (You anyway have to do it, to make use of it).
1和3的问题是,一旦他们可以访问“加密”字符串,他们就必须弄清楚你是如何解密它的(你无论如何必须这样做,才能使用它)。
Have you looked at Spring Cloud Config , I don't know whether this is an option for your or not. 您是否看过Spring Cloud Config ,我不知道这是否是您的选择。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.