Reputation: 709
How to store security credentials in a database
I'm working on a CMDB like application, where I have to store our security credentials (servers usernames & passwords, ...).
I'm looking for the best way to store them securely with those constraints :
- Most users will NOT have access to all credentials (depending on user role)
- We don't want all passwords being encrypted with the same key (already tried : when a user leave the company, it's a pain to change the key...)
- Indeed, we don't want any private key to be hard written in app source, or even stored anywhere (in our previous version, private key was stored between our ears...)
- We need to realize passwords strength audits (ie. parse decrypted passwords from a script)
- There must not be any case where we can not access our credentials anymore (lost key, ...) => we don't want unauthorized persons to look at them but we don't want to loose them either => solution for this constraint could be regular export into a physical locker...
I'm not asking about application (https, ...) or database (no public access, ...) security concerns themselves but only about the storage side (could even NOT be in a database...? encrypted files or something...) : Is it possible to prevent someone, even having access to app code or database content (worst case scenario), to be able to read decrypted credentials ?
I'm aware that I'm asking for some magic solution, but I want to know it if it exists ;o)
Upvotes: 2
Views: 1154
Answers (1)
Reputation: 106579
The general case of what you're asking to do is not possible. All types of modern cryptography are mechanical advantage. That is, they use a small secret to guard a larger secret. If you can't keep the small secret safe, there is no safety. If you want the ability to give passwords on a password by password basis to someone, you are effectively giving them the secret -- the passwords -- that they would need to gain access to the items in question.
This very problem is why federated identity systems (Kerberos/Active Directory/etc.) systems exist -- to allow a central machine to authenticate users without exposing secrets to said users. But using a federated identity system requires cooperation between the system-to-be-logged-in-to and the identity service.
Upvotes: 2
Related Questions
- storing passwords in SQL Server
- Where to store db passwords when using Windows .NET or ASP.NET applications
- Where to store database credentials in a web app?
- Best place to store the password for connecting to database
- How do you store database credentials in typical CMS build on PHP?
- How to store passwords in database securely?
- how to store database password
- ASP.NET Sql Server 2008 How to store password in database
- How to securely store database credentials for Windows application?
- How to securely store database connection details