Where/how to store the password for a Java Key Store

 
Saloon Keeper
Background
I am working on a solution which provides wireless connectivity to container-mounted monitoring devices to connect to a shore-side management system while the devices are at sea.

The solution is physically housed in a hardened weatherproof outdoor enclosure mounted on the vessel's monkey island along with other communications and navigation equipment.  The solution is effectively a headless appliance and only has external connections for power, antennas, and an Ethernet network connection (no keyboard, screen, USB connector, etc).

The communications link between the vessel and the shore is via an unreliable low-speed satellite connection, with typical throughput rates in the low kbps range.  The monetary cost of transporting over this link is relatively high, so the solution tries to minimize the usage of the satellite back-haul whenever possible.

The devices sometimes need firmware updates or changes to their configuration.  If urgent, these updates are performed while the devices are at sea.  Firmware updates can be as large as 750kB, and there can be 2000 or more of these devices on a vessel.  Since the same updates are applied to all devices, the solution has a caching proxy which sits between the devices and the shore-side servers.  Requests from the devices to download updates are intercepted and routed to the proxy.  If the proxy has the update in its cache, the update is served to the device without consuming any back-haul bandwidth.  If not found in the cache, the proxy downloads the update from the shore and stores it for subsequent requests.

The resources are downloaded by the devices using HTTP, and the URIs specified by the devices are the same whether being served by the solution at sea or the commercial cellular network on land.

Problem
I have a requirement to move from HTTP to HTTPS.  To be able to continue intercepting requests and serving the updates locally, the HTTPS connection will need to be terminated in the solution.  To be trusted by the devices (as they would trust the shore-side servers), the solution will need a certificate and private keys.  The security information will only be used by the Proxy application (Java SE 8), and I plan on securing the cert and keys in a Java Key Store.

The application will require the password to access the information in the key store.

Although the risk is probably low, there is a concern that the solution may be physically removed from the vessel while it is in port (or maybe tampered with while at sea), so I would like to do the best I can to protect the password used to secure the data in the key store.  I could obscure the password in the application code, but I'm looking for ideas for a more secure solution.

Any thoughts?

 
Saloon Keeper
Unless you prompt the user for a password, there's no way to do this without saving a password on the system in some form.

I probably wouldn't even bother with a password for the key store. I'd just let the OS encrypt the file containing the key store, and give access to it only to a special service account that an administrator has set up for your application to run under.
 
Bartender
I don't believe that the Java keystore database allows running without passwords. In fact, you have to have TWO passwords - one for the keystore and one for the entry in many cases.

The traditional method of securing a keystore has been to never permit unauthorized access to the resources that define (and supply the password to) the keystore.

Beyond that, it doesn't sit well that a myriad of remote nodes should each have their own keystore. Generally you'd have a keystore on the primary server and client certs for each of the clients.
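
Added example, not part of any post in this thread: a Java SE 8 sketch of the approach the replies describe, where the keystore password and the key-entry password come from files that only the proxy's service account can read. The class name, the paths, the JKS store type and a POSIX filesystem are assumptions made for illustration.

```java
import java.io.*;
import java.nio.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.*;
import java.security.*;
import java.util.*;
import javax.net.ssl.*;

public class ProxyTlsContext {
    // Hypothetical paths: owned by the proxy's service account, mode 0600 or stricter.
    static final Path STORE = Paths.get("/etc/proxy/tls/proxy.jks");
    static final Path STORE_PW = Paths.get("/etc/proxy/tls/store.pass");
    static final Path KEY_PW = Paths.get("/etc/proxy/tls/key.pass");

    // Reads one secret as char[], refusing files that group or others can access.
    static char[] readSecret(Path p) throws IOException {
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(p);
        if (!PosixFilePermissions.fromString("rw-------").containsAll(perms)) {
            throw new IOException(p + " is accessible beyond its owner: " + perms);
        }
        byte[] raw = Files.readAllBytes(p);
        CharBuffer cb = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(raw));
        Arrays.fill(raw, (byte) 0);
        int n = cb.remaining();
        while (n > 0 && (cb.get(n - 1) == '\n' || cb.get(n - 1) == '\r')) n--;
        char[] secret = new char[n];
        cb.get(secret);                  // copy without creating an immutable String
        Arrays.fill(cb.array(), '\0');   // best-effort wipe of the decode buffer
        return secret;
    }

    // Builds the server-side TLS context; the password arrays are zeroed once the keys are loaded.
    static SSLContext build() throws IOException, GeneralSecurityException {
        char[] storePw = readSecret(STORE_PW);
        char[] keyPw = readSecret(KEY_PW);
        try (InputStream in = Files.newInputStream(STORE)) {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(in, storePw);        // keystore password
            KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, keyPw);         // key-entry password
            SSLContext ctx = SSLContext.getInstance("TLS");
            ctx.init(kmf.getKeyManagers(), null, null);
            return ctx;
        } finally {
            Arrays.fill(storePw, '\0');
            Arrays.fill(keyPw, '\0');
        }
    }
}
```

This limits which accounts on the running system can read the passwords; as the first reply notes, they are still saved on the device in some form.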
 