Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Security for a Web Application Deployed on an external server

 
Gaurav Wadhwani
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is not a JAVA specific security question.

I want to upload a web app on a server but the server is not owned by me. The data stored in DB on the server is important. To add security I can always encrypt the data in DB. Here, the operators of the server can however, get the copy of my encrypted DB and can also look in my source code to get the key for decryption. I need to store the key for decryption because I would need to display the records in the application.

How can I ensure that the server operators cannot get the data?
 
Tim Moores
Bartender
Posts: 2894
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The first question to ask is: why are you hosting with people you don't trust?

Secondly: Why would they have access to your source code?

If the data is that important you should choose a hosting plan where you have root access to the server, and no sys admin can get at the server.
 
Gaurav Wadhwani
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
why are you hosting with people you don't trust?
This is a very general scenario, I cant afford a server of my own.

Why would they have access to your source code?
I didnt say this.


If the data is that important you should choose a hosting plan where you have root access to the server, and no sys admin can get at the server.


Yes I know this, but Is there no other option ?
 
Tim Moores
Bartender
Posts: 2894
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Why would they have access to your source code?
I didnt say this.

Then what did you mean by:
the operators of the server can ... look in my source code



This seems an unusual scenario. The data is important enough that you think the sys admins might try to get at it in violation of the contract you have with them, but it's not important enough to merit its own server to prevent that. Not sure what to advise about that, it seems a case of odd priorities.

You can always enter the decryption key through the web app after the each startup. That way it only exists in memory, but after each restart of the app it needs to be re-entered.
 
Gaurav Wadhwani
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I and the system admin both have access to my source code so the key is visible.

Even if i manually enter the key each time, then also he(system admin) can capture packet and see it!


If I use SSL to send the key then also he gets the SSL key in the source code. I want to find a way out of it
 
Tim Moores
Bartender
Posts: 2894
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm sorry, you're using a sys admin that you suspect might packet snoop the traffic and use the SSL key to decrypt your traffic? And you provide your source code to such a person? Seriously, either the data isn't important enough to try to prevent such attacks, or -if it is- you need to get a root server.
 
Gaurav Wadhwani
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Tim the thing is, a sys admin can always look into your code and you wont get to know. This is a very general case, most of us cant afford a entire server.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic