File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Security for a Web Application Deployed on an external server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Security for a Web Application Deployed on an external server" Watch "Security for a Web Application Deployed on an external server" New topic
Author

Security for a Web Application Deployed on an external server

Gaurav Wadhwani
Ranch Hand

Joined: Sep 21, 2010
Posts: 68
This is not a JAVA specific security question.

I want to upload a web app on a server but the server is not owned by me. The data stored in DB on the server is important. To add security I can always encrypt the data in DB. Here, the operators of the server can however, get the copy of my encrypted DB and can also look in my source code to get the key for decryption. I need to store the key for decryption because I would need to display the records in the application.

How can I ensure that the server operators cannot get the data?
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
The first question to ask is: why are you hosting with people you don't trust?

Secondly: Why would they have access to your source code?

If the data is that important you should choose a hosting plan where you have root access to the server, and no sys admin can get at the server.
Gaurav Wadhwani
Ranch Hand

Joined: Sep 21, 2010
Posts: 68
why are you hosting with people you don't trust?
This is a very general scenario, I cant afford a server of my own.

Why would they have access to your source code?
I didnt say this.


If the data is that important you should choose a hosting plan where you have root access to the server, and no sys admin can get at the server.


Yes I know this, but Is there no other option ?
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
Why would they have access to your source code?
I didnt say this.

Then what did you mean by:
the operators of the server can ... look in my source code



This seems an unusual scenario. The data is important enough that you think the sys admins might try to get at it in violation of the contract you have with them, but it's not important enough to merit its own server to prevent that. Not sure what to advise about that, it seems a case of odd priorities.

You can always enter the decryption key through the web app after the each startup. That way it only exists in memory, but after each restart of the app it needs to be re-entered.
Gaurav Wadhwani
Ranch Hand

Joined: Sep 21, 2010
Posts: 68
I and the system admin both have access to my source code so the key is visible.

Even if i manually enter the key each time, then also he(system admin) can capture packet and see it!


If I use SSL to send the key then also he gets the SSL key in the source code. I want to find a way out of it
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
I'm sorry, you're using a sys admin that you suspect might packet snoop the traffic and use the SSL key to decrypt your traffic? And you provide your source code to such a person? Seriously, either the data isn't important enough to try to prevent such attacks, or -if it is- you need to get a root server.
Gaurav Wadhwani
Ranch Hand

Joined: Sep 21, 2010
Posts: 68
Tim the thing is, a sys admin can always look into your code and you wont get to know. This is a very general case, most of us cant afford a entire server.
 
Consider Paul's rocket mass heater.
 
subject: Security for a Web Application Deployed on an external server