将敏感数据存储在数据库中,建议
I'm searching for best solution to store sensitive data in database. I know that this is common problem and i have done my homework (at least this is what i think), but i wanted to ask here before i will make a decision.
我正在寻找将敏感数据存储在数据库中的最佳解决方案。我知道这是常见的问题而且我完成了我的作业(至少这是我的想法),但我想在此之前先问我做出决定。
Assumptions:
- Encrypted data needs to be decrypted. We are talking about SMTP credentials like username, password, host, port itp.
加密数据需要解密。我们正在谈论SMTP凭据,如用户名,密码,主机,端口itp。
I was thinking about 2 concepts:
我在考虑两个概念:
Encrypt data with help of passlib.totp library. To make those data a bit safer i will keep key in separate file. Then from what i can see i can use this library to decrypt data to plain text using my key.
借助passlib.totp库加密数据。为了使这些数据更安全,我会将密钥保存在单独的文件中。然后从我可以看到我可以使用此库使用我的密钥将数据解密为纯文本。
The other concept was to encrypt and decrypt data during query request with help of postgres:
另一个概念是在postgres的帮助下在查询请求期间加密和解密数据:
insert into demo(pw) values ( encrypt( 'data', 'key', 'aes') );
And:
decrypt(pw, 'key', 'aes'), 'utf-8')
Here the key will be stored also in separate file.
这里的密钥也将存储在单独的文件中。
So my questions are:
所以我的问题是:
- What is better approach to encrypt / decrypt data, in code or in database?
- Are there any better (stronger) libraries to use than passlib.totp -> i have no experience with that library (i'm aware that encryption / decryption is not the moste secure way of storing password -> password supposed to be hased but i need it in plain text to use users smtp gate).
在代码或数据库中加密/解密数据的更好方法是什么?
有没有比passlib.totp更好(更强)的库使用 - >我没有使用该库的经验(我知道加密/解密不是存储密码的最安全的方式 - >密码应该被hased但是我需要在纯文本中使用用户smtp gate)。
3 个解决方案
#1
1
2) The other concept was to encrypt and decrypt data during query request with help of postgres: insert into demo(pw) values ( encrypt( 'data', 'key', 'aes') ); and decrypt(pw, 'key', 'aes'), 'utf-8') Here the key will be stored also in separate file.
2)另一个概念是在postgres的帮助下在查询请求期间加密和解密数据:插入demo(pw)值(encrypt('data','key','aes'));和解密(pw,'key','aes'),'utf-8')这里的密钥也将存储在单独的文件中。
I wouldn't recommend that, because it's way too easy for the keys to get exposed in pg_stat_activity
, the logs, etc. PostgreSQL doesn't have log masking features that would protect against that.
我不建议这样做,因为密钥很容易暴露在pg_stat_activity,日志等中.PostgreSQL没有日志屏蔽功能可以防止这种情况发生。
I strongly advise you to use app-side crypto. Use a crypto offload device if security is crucial, so key extraction isn't possible for most attackers. Or require the key to be unlocked by the admin entering a passphrase at app start, so the key is never stored unencrypted on disk - then the attacker has to steal it from memory. But even an unencrypted key file somewhere non-obvious is better than in-db crypto, IMO, since it at least separates the key from the data.
我强烈建议你使用app-side crypto。如果安全性至关重要,请使用加密卸载设备,因此大多数攻击者无法进行密钥提取。或者要求管理员在应用启动时输入密码来解锁密钥,因此密钥永远不会以未加密的方式存储在磁盘上 - 然后攻击者必须从内存中窃取密钥。但即使是非显而易见的未加密密钥文件也比in-db加密,IMO更好,因为它至少将密钥与数据分开。
更多相关文章
- Javascript来自数据库的图像上的图像映射
- python数据类型二(列表和元组)
- sklearn进行数据预处理-归一化/标准化/正则化
- 使用特定顺序的ID列表从Django数据库中获取记录
- 检查 NaN 数据值 (C/C++/Python 实现)
- 【python网络爬虫三】爬取动态数据及数据入库
- 数据挖掘(三)分类模型的描述与性能评估,以决策树为例
- 用于Python项目的低内存和最快查询数据库
- python爬虫:爬取豌豆荚APP第一页数据信息(selenium)