php - how to protect a site-wide secret key -
imagine pretty standard website, user authenticating email/password pair. passwords, ha shashing random salt, rest of data kept unencrypted.
we step forward , encrypt sensitive data
passwordkey, key, obviously, shall known application able decript data operation.we don't want have in source code, it's kept in file , read app when needs it.
we've secured file user executes app can read it
(this point has appeared after discussions below) have considered buying hardware hsm , found not possible (for instance running server on virtual machine)
this way relatively protected complete db stealing, right? however, key might become known if gets access os user read rights.
the question is: best practices keeping such key secure?
buy hardware security module , keep key in it. key not able read.
yubi makes reasonably priced hsm. $500 if recall correctly.
while we're here, db server should on different box in different network zone web server.
Comments
Post a Comment