Spring MVC and Encryption at Rest
Question
Sorry for the newbie question,
I'm trying to use the Spring MVC framework to upload files.
I am trying to maintain encryption at rest, however the MultipartFile states that the uploaded file may be stored on disk during the upload( 1 ). I do not encrypt the file until after the upload.
Does this break encryption at rest? Does "at rest" include information temporarily stored on disk during the course of the program?
Thanks in advance for any responses!
1 : states that "The file contents are either stored in memory or temporarily on disk."
1 answers
solution1
2 ACCPTED 2011-09-28 15:43:02
As long as the file is being stored in a temp location where it will not persist longer than the transaction , then I would say it doesn't break the at rest paradigm. If someone is watching a temp directory for fleeting files (whether a rogue admin or an outsider who has rooted your box), then you have bigger issues to deal with.
If the file persists in that temp location, then yes, the at rest paradigm is not being followed.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.