#1109 closed enhancement (fixed)

INCA report files should be encrypted

Reported by: Nicklas Nordborg
Owned by: Nicklas Nordborg
Priority: major
Milestone: Reggie v4.22
Component: net.sf.basedb.reggie
Keywords:
Cc:

Description

The INCA import and INCA statistics wizard generate and store data files that may contain sensitive data.

They are currently stored in the static cache part of the file system under a key that depends on the session id of the logged in user (since [5279]). However, this may not be secure enough since there is nothing that protects the cache from other code that wants to use it.

It would be good if we could use information from the current user/session to encrypt the data files. This would make it impossible for other users to read the clear-text even if they get access to the encrypted file.

I think we could re-use code from the OTP login: extensions/net.sf.basedb.otp/tags/1.2/src/net/sf/basedb/otp/CryptUtil.java

Change History (1)

comment:1 Changed 22 months ago by Nicklas Nordborg

Resolution: fixed
Status: new → closed

In 5295:

Fixes #1109: INCA report files should be encrypted

Implemented an AES/CBC/PKCS5Padding encryption using the session ID, logged in user ID and report type for deriving a password and initializing the cipher. Once the user logs out it should not be possible to re-create the same cipher.
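
A sketch of the scheme the commit message describes, added here as an example; it is not the Reggie code from the changeset or from CryptUtil.java. The class and method names, the PBKDF2 step with its iteration count, the random salt and IV, and the salt|IV|ciphertext file layout are all assumptions, and the session and user values are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.*;

public class SessionBoundReportCrypto {
  // Derive an AES key from values tied to the login session (salt and iteration count are assumptions).
  static SecretKeySpec deriveKey(String sessionId, int userId, String reportType, byte[] salt)
      throws GeneralSecurityException {
    char[] pw = (sessionId + ":" + userId + ":" + reportType).toCharArray();
    PBEKeySpec spec = new PBEKeySpec(pw, salt, 100_000, 256);
    byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    spec.clearPassword();
    return new SecretKeySpec(key, "AES");
  }

  // Assumed file layout: 16-byte salt | 16-byte IV | ciphertext.
  static byte[] encrypt(byte[] plain, String sessionId, int userId, String reportType)
      throws GeneralSecurityException {
    byte[] head = new byte[32];
    new SecureRandom().nextBytes(head); // fresh salt and IV for every file
    Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
    c.init(Cipher.ENCRYPT_MODE, deriveKey(sessionId, userId, reportType, Arrays.copyOf(head, 16)),
        new IvParameterSpec(head, 16, 16));
    byte[] ct = c.doFinal(plain);
    byte[] out = Arrays.copyOf(head, 32 + ct.length);
    System.arraycopy(ct, 0, out, 32, ct.length);
    return out;
  }

  static byte[] decrypt(byte[] blob, String sessionId, int userId, String reportType)
      throws GeneralSecurityException {
    Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
    c.init(Cipher.DECRYPT_MODE, deriveKey(sessionId, userId, reportType, Arrays.copyOf(blob, 16)),
        new IvParameterSpec(blob, 16, 16));
    return c.doFinal(blob, 32, blob.length - 32);
  }

  public static void main(String[] args) throws Exception {
    byte[] report = "constructed INCA report row".getBytes(StandardCharsets.UTF_8);
    byte[] blob = encrypt(report, "constructed-session-A", 42, "inca-import");
    System.out.println("same session: " + Arrays.equals(report, decrypt(blob, "constructed-session-A", 42, "inca-import")));
    try { // CBC has no integrity check: a wrong key usually fails on padding, but can return garbage
      System.out.println("other session reads clear-text: " + Arrays.equals(report, decrypt(blob, "constructed-session-B", 42, "inca-import")));
    } catch (javax.crypto.BadPaddingException e) { System.out.println("other session: rejected"); }
  }
}
```

Because CBC with PKCS5 padding does not authenticate the ciphertext, a modified cache file is not reliably detected on decryption; an HMAC over the stored bytes or an AEAD mode such as AES/GCM/NoPadding would add that check.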
