What are the security implications of storing user-uploaded files on a third-party server versus your own managed webserver?
I’m working on a web platform which will contain some rather sensitive personal information, and obviously this raises the problem of how secure this data will be. Users can upload some files, and I was wondering what the best way was to store them securely.
I’ve done several searches, and one of the pages I found inspiring was https://stormpath.com/blog/how-to-gracefully-store-user-files (I’m not using Stormpath btw, just looking for implementation ideas) which said that using Cloud services is one of the best solutions as their security is already quite tight. The caveat I’ve found in other discussions is that your data is stored by a third-party, and if you use Amazon-managed encryption keys, they can theoretically view your data.
Yet, overall, one thing I don’t quite understand – I guess because of my total lack of expertise in the domain – is why storing files elsewhere than on your own server would be more secure. I’ve tried imagining a few different scenarios:
1- files stored on the webserver with no encryption -> obvious issue if someone breaks into the server
2- files stored on the webserver, encrypted with a global key, stored outside of the “public” folder -> if someone manages to get access to the server, they could get the files but also find the encryption key (and whatever they want actually) and access the files?
3- files stored on a third-party cloud provider, encrypted with a global key, stored outside of the “public” folder -> well... same issue? If someone gets access to the server, they can get the encryption key, and I guess it wouldn’t be difficult for them to get the file which gives the credentials to the cloud account, and hence get the files?
Overall, it seems that whenever your web server gets compromised... your data is basically compromised as well? The only solution would be to encrypt the files with a key only known to the user, but in practice this comes with a lot of “usability” cons: data irrecoverable if the user forgets the key, the user needs to keep a long encryption key safe on top of their password, etc.
Any comments to shed some light on this topic for me?
Thanks very much