
System and method for securely storing and retrieving data in configuration files

IP.com Disclosure Number: IPCOM000200318D
Publication Date: 2010-Oct-05
Document File: 10 page(s) / 96K

Publishing Venue

The IP.com Prior Art Database

Abstract

This disclosure describes a method for securely storing and retrieving sensitive information such as a password in a configuration file. The disclosure uses a data access service that encrypts and decrypts sensitive data using a key that is more secure than simply storing a key in a file.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 10

System and method for securely storing and retrieving data in configuration files

The problem is that sensitive configuration information, such as passwords, is often stored in configuration files, and storing it in plain text is a security exposure.

The first and most obvious solution is to configure filesystem security to prevent unauthorized access to sensitive information in configuration files. The problem with this is that in practice filesystem security is often not adequately maintained; examples include permissions granted to large numbers of users for "ease of use", or file permissions never being set securely in the first place.

Various techniques are described for manually encrypting data and manually storing it in configuration files. The problem is that every place where sensitive configuration data is retrieved or stored must also contain custom code to decrypt or encrypt that data.

The following solutions all refer to a service (such as an API in an application server) that retrieves and stores configuration data, referred to as the data access service.

One known solution is to have the data service encode sensitive data with a simple algorithm to prevent the data from being seen in plain text. When the data access service retrieves a sensitive field, it decodes it and returns the decoded value. When the sensitive field is stored, it encodes it and stores the encoded value. WebSphere* Application Server utilizes this method for passwords in its configuration files today. The problem with this method is that the encoding algorithm is not secure and the encoded data can be easily decoded.

Another technique is to have the data access service encrypt sensitive data in configuration files with a symmetric key (password) that is stored in a file that the data access service has access to. The data access service reads this symmetric key from the file and uses it to encrypt and decrypt sensitive data as it is stored and retrieved. The problem with this approach is that the key is stored in a file and is vulnerable if file system security is not adequately maintained.

This invention is a data access service that encrypts and decrypts sensitive data using a key that is more secure than simply storing a key in a file.

The advantage of this invention is that sensitive information is stored more securely, reducing the risk of security breaches.

There are three variations of this disclosure:
- A symmetric key that is passed in manually when the data access service is started.
- An asymmetric public/private key pair in a certificate in a keyring that is protected by the operating system and is accessible to the data access service. This solution employs the strongest cryptographic technique.
- A dynamically constructed symmetric key created by hashing known stable values in the environment. This solution is the easies...
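As an added illustration in Go (not code from the disclosure or from WebSphere), the first variation: a hypothetical data access service that receives its AES key at start-up, encrypts a sensitive field when it is stored and decrypts it transparently on retrieval, while non-sensitive fields pass through unchanged. The Service type, the "enc:" marker and the field names are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"strings"
)

// Service is a hypothetical data access service. Its AES key is passed in by the
// operator at start-up (variation 1 above) and is held in memory, never in a file.
type Service struct{ aead cipher.AEAD }
const encPrefix = "enc:" // marks stored fields that need decrypting on retrieval
func NewService(key []byte) (*Service, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Service{aead: aead}, nil
}
// Store encrypts a sensitive field under a fresh random nonce; the field name is
// bound as associated data so a ciphertext copied to another field fails to open.
func (s *Service) Store(name, plaintext string) (string, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	ct := s.aead.Seal(nonce, nonce, []byte(plaintext), []byte(name))
	return encPrefix + base64.StdEncoding.EncodeToString(ct), nil
}
// Retrieve passes plain fields through and decrypts marked ones; an error
// means the wrong key was supplied or the stored value was modified.
func (s *Service) Retrieve(name, stored string) (string, error) {
	if !strings.HasPrefix(stored, encPrefix) {
		return stored, nil
	}
	ct, err := base64.StdEncoding.DecodeString(stored[len(encPrefix):])
	ns := s.aead.NonceSize()
	if err != nil || len(ct) < ns {
		return "", errors.New("malformed ciphertext in field " + name)
	}
	pt, err := s.aead.Open(nil, ct[:ns], ct[ns:], []byte(name))
	return string(pt), err
}
```

The key still has to reach the process somehow (operator input at start-up in this variation), and the file now only ever holds ciphertext, so a misconfigured file permission exposes nothing usable without that key.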