I'd like to be able to secure files uploaded by clients.
I haven't really found plug-and-play tools for Rails apps.
I'd like to use Amazon S3, but their server side encryption is a joke even though it provides an incremental improvement in security.
Let me define security standards that I find worthwhile if one bothers with encryption:
make user's password and files invisible (or hardly visible) to the staff
This can be accomplished by storing secure hashes of the password and encryption keys.
One can take the hash in the browser using javascript which is a little bit more secure than doing it inside Rails.
Questions:
Is it worth the hassle of doing hashing and key generation in Javascript? Looks like there are libraries for hashing.
If you need to store client's password and/or master key (for file encryption), what would be the approach conceptually?
Are there ruby libraries to do file encryption or do I have to find a way to use Amazon S3 Java SDK?
Related
this might be a pretty simple question.
I'm not into this, so please excuse my lack of knowledge.
I would just like to ask for your opinions on what might be the best and easiest solution to achieve my goal here.
I'd like to develop a simple shopping list application (for the sole purpose of learning) where two (or more) users are supposed to work on a shared file on a web server (e.g. an XML file).
I considered using FTP but I have concerns about the security.
What do you think?
What do you mean by "shared file on a web server"? A file that is supposed to be modified by different users simultaneously or just a file that every user downloads? If its the latter, FTP is overkill and it would bring problems in the long run with bigger audience. The fastest (and secure) way to do this is to encrypt the file and put it on fast web service (like S3) and decrypt it on the phone. If you want to be absolutely sure use public/private key crypto - this way you encrypt the file and ensure that this file can only be decrypted, if it comes from you (e.g. encrypted with your private key).
We are building a Rails application and one of our clients had asked if we are using industry-standard 256-bit encryption to ensure the confidentiality of personal information.
Are there are any gems which can be used to enforce this?
First enforce the use of ssl in rails. A good summary how to do this can be found in http://www.simonecarletti.com/blog/2011/05/configuring-rails-3-https-ssl/
Second you have to configure your webserver, so that it forces clients to use aes256 for secured connections. If you are using apache, you might start reading here http://httpd.apache.org/docs/2.4/mod/mod_ssl.html
That should be about it.
I'm doing some research on a new project we want to work on, but before we actually take on the project I have some concerns.
This project involves storing a lot of (text) data somewhere on a server, you can think about it like Instagram (but without photos).
So you can follow people, view profiles, list of activity ...
The question is, how do these apps send all this data securely to a server?
And what kind of server do they use? Something like Amazon AWS?
They are sent over https which is built into the NSURLConnection class. You can have a server (I use linux but you can use anything) have a self signed ssl certificate and your App code can give an exception to that particular URL for self signed certificates if you are wanting to save money. It is better practice and more secure to have a signed certificate though.
As far as storing it, most don't actually store it encrypted. It is sent to the server running a web service encrypted and then is stored in the database / file system unencrypted. The reason for this is there is a lot of processing power required to compress things and the extra over head of storing encrypted things as well as making it harder to search and index depending on how you do it.
Amazon AWS would work although I run my own server at home. It's quite easy to set up.
I have an app that uses a single-user OAUTH token. I can store the four values (consumer key/secret, token/secret) directly inside the app but that's not recommended and I don't want the secrets to be checked into source code. The app doesn't use a database. I know that however I store them, someone with access to the server could figure them out but I'd like to at least get it out of the source code. I've thought of passing them as Passenger environment variables or storing them in a separate file on the server but are there better ways? Is there any point to encrypting them since anyone that could see them would also have the access needed to decrypt?
Not having the keys stored in the source code actually is actually bad a practice in the accoding to the most agile setup (continuous deployment).
But, by what you say, you want to have two groups: those who can make the code, and those who can deploy it. Those who can deploy it have access to the keys, and, in the most secure setting, must NOT use the code of the application. You can make the oauth still work by having those who code autenticate to a system that proxies all the authorization part, and authenticates de application. Such keys (app -> auth middle man) can be in repository, as they are internal.
Any other setup: authentication library created by those who can deploy, encrypted keys, anything else can be broken by those who make the code. If you don't trust them enough to have access to the keys, you probably don't trust them enough not to try to jailbreak the keys.
The resulting deployment scheme is much more complicated, and, therefore much more prone to erros. But it is, otherwise, more secure. You still have to trust someone, like those who install the operating system, the proxy's system middleware, those who maintain the proxy's machine(s), those who can long on it, and so on. If the groupo of people with access to the keys is small enough, and you trust them, then you've gained security. Otherwise, you lost security, ability to respond to change, and wasted a lot of people's time.
Unfortunately, all authorization schemes require you to trust someone. No way around it. This is valid for any application/framework/authorization scheme, not only sinatra, rails, oauth, java, rsa signatures, elliptic curves, and so on.
I need to store payment gateway processor username/password credentials on a production web server, but would prefer not to do so in clear-text. What is the best way to store these credentials? Are their best practices for encrypting and decrypting this information?
It's a classic chicken-egg problem. Encryption does not help you at all if you can't protect the keys. And you obviously can't.
What I would suggest is to try to make the other services / users use hashes towards your authentication code, and save those hashes instead. That way at worst you will lose the hashes, but it might prove hard (depending on the rest of the setup) to actually use them maliciously. You might also want to salt the hashes properly.
An other possibility would be using an external authentication store if you can't enforce using hashes. It does not really solve the problem, but you can control the attack vectors and make it safer by allowing only very specific contact with the actual source with the important data.
Store outside of any directory that is web accessible.
Make sure only the app processes have read access.
Harden server.