Details on how data is being kept in memory/on disks, most frequently being applied to databases, media banks and backup-recovery solutions.
Questions tagged [storage]
239 questions
0
votes
0 answers
Secure logs on an embedded IoT device
I need to secure logs on a IoT device (Infineon TC233). It has 2 MB flash and a HSM. We are at the design stage of development.
Since logs will be primarily event & data logs, the size of the log file is likely to be in a few KBs. Additionally, logs…
Akhilesh Gupta
- 163
- 9
0
votes
1 answer
Best practices for storing many certificates and private keys
I am responsible (among many other things) for managing TLS/SSL certificates for a couple dozen or so websites for a large multinational. Some sites are hosted on Apache, some are on IIS. I use openssl to generate private keys and csr; once…
Aleks G
- 221
- 1
- 5
0
votes
0 answers
Storing encrypted data inside a JSON array in MySQL?
I have the following the situation: I have some data structures which look like this:
{
id: int
name: BLOB
password: VARCHAR(80)
...
}
There it is easy to store the encrypted fields in the MySQL database because I could simply use a…
JavaForAndroid
- 111
- 1
0
votes
0 answers
Storing an encryption key securely
I am struggling with the question how to store a security key in a secure way. I have done some research and there are multiple options.
Option 1) Storing the key on the same server (not recommended, because an attacker might easily get access to…
JavaForAndroid
- 111
- 1
0
votes
1 answer
How to manage a users private key in a secure document storage solution?
I’m in the process of building a secure document storage on behalf of users of a web and mobile application. The goal is to have end-to-end encryption, as in documents will be encrypted and decrypted on device, but not require users to manage a…
espenhogbakk
- 101
- 2
0
votes
1 answer
Have external hardware SATA data protection systems been used in production to deter ransomware attacks?
Data destruction via drive formatting, file modification, and file deletion is a critical element of an organization's ability to rapidly recover from a breach. Perhaps the attacker's signature can be detected and prevented from executing again on…
J.Todd
- 1,300
- 1
- 10
- 20
0
votes
0 answers
Static Content Security
I have some static content HTML in a cloud storage space/ CDN.
How can I serve this only to authenticated users?
I am planning to use these static content on edx platforms.
How can I securely deliver my static content within OpenEdx.
Is there…
Dashin
- 1
- 1
0
votes
0 answers
Storing a host URL to fetch a resource on an iOS device
Let's say I had an API that told me "for X resource, use this host". My iOS app would then store that host and use it whenever it needs to fetch resource X.
I'm wondering what security concerns there are around this? If I had to support this, would…
0
votes
1 answer
How to best prevent data recovery on a disk drive without physically destroying it?
The recommended way of ensuring that data on a hard disk cannot be recovered is to destroy it physically, for example using a hammer, drill or even thermite.
Question
When physical disk destruction is not an available option, what is the next best…
stevec
- 1,214
- 1
- 7
- 16
0
votes
2 answers
Key derived from source files; deduplicated file storage
I'm wondering if the following system would be a secure way to store frequently duplicated files.
Hash the source file, deterministically derive a key from it.
The source file(s) are likely to be high entropy (PDFs, archives of multiple files…
Karmanyaahm
- 3
- 3
0
votes
1 answer
Should encryption key be stored remotely?
Consider the following scenarios of storing sensitive data locally on a network connected always-on device:
without any data encryption whatsoever
with encryption, the key stored locally in the device
with encryption, the key stored on a remote…
peter.babic
- 103
- 2
0
votes
1 answer
key escrow vs secure storage(software/TPM/HSM)
From the definition of key escrow (a method to store important cryptographic keys providing data-at-rest protection), it sounds very similar to that of secure storage which could be basically software-based or hardware-based (TPM/HSM).
But, I could…
Baranikumar Venkatesan
- 635
- 4
- 12
0
votes
1 answer
Backup on a distant dedicated server, such that even if someone gets root / hacks my distant server, they cannot read the data
Let's say we have:
a local computer (Windows or Linux)
a distant dedicated server with 2TB storage, running Linux
I'd like to do a backup my local computer's data folder (1 TB) to the distant server (updated every week of a few GB), but I have a…
Basj
- 951
- 2
- 8
- 16
0
votes
1 answer
Proper Format for Long-Term Storage on M-Discs
The conventional wisdom is that when you store data for long-term storage, you convert the data into a format that will last for decades. It should be in NTFS or FAT and the file format should be one in which will be around for decades.
For…
QuietInMontana
- 11
- 4
0
votes
1 answer
Best ways to store private keys on a client?
I am currently writing a program that sends an encrypted file to the client, and I don't want the user to be able to access the file directly (though the client program will operate on it).
Since the client will be written in Java, which is prone to…
berry64
- 1