chibenwa opened a new pull request #342:
URL: https://github.com/apache/james-project/pull/342


   Users might not wish to administer an S3 compatible blobStore themselves 
and might rely on a third party to do so. As such, in order to prevent a third 
party compromise from escalating to a data leak, a good practice is to encrypt 
the data symmetrically, the secret key generation secrets being stored on the 
application server.
   
   Such a mechanism prevents data leaks from a third party compromise, but does 
not defend against an application server compromise (as the attacker would 
then know the private key).
   
   As part of his work on a Swift compatible blob store [1], Jean Helou 
contributed an AES encryption mechanism for that very blob store [2]. However, 
changes in the blobStore design, dropping of the (non-reactive) JCloud driver, 
rewrite on top of S3 API, as well as modularization of the blobStore 
(extraction of the BlobStoreDAO, PassThrough VS Deduplicating blobStore) [3] 
led to this work being dropped, for the sake of simplicity in an effort to 
finish a long-lasting refactoring.
   
   Note that:
   - Encrypting blob payloads had been requested on top of the Cassandra 
blob store [4] in order to prevent (full) data leaks from a Cassandra DB 
compromise.
   - Some optimizations (prior to [3]) of the object storage when using S3 were 
incompatible with payload encryption [5]
   
   By adopting the design proposed in [3] and reusing the work done by Jean in 
[2], we can write a generic AESBlobStoreDAO that wraps any other BlobStoreDAO, 
adding a security layer. Using the BlobStoreChooser, we can then re-enable this 
capability on top of the Distributed James server.
   
   This pull request contributes the first part of this work.
   
   [1] https://issues.apache.org/jira/browse/JAMES-2525
   [2] https://github.com/linagora/james-project/pull/1865 & 
https://github.com/linagora/james-project/pull/1975 & 
https://issues.apache.org/jira/browse/JAMES-2589
   [3] https://issues.apache.org/jira/browse/JAMES-3028
   [4] https://issues.apache.org/jira/browse/JAMES-3023
   [5] https://issues.apache.org/jira/browse/JAMES-2692


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]
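
The wrapping design described in the message above, as an added sketch that is not code from the pull request or from the James project. `SimpleBlobDAO`, `InMemoryDAO`, `AesDAO`, the AES-GCM mode, the PBKDF2 parameters and the password and salt values are all assumptions made for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

public class AesWrapperSketch {
    // Hypothetical, simplified DAO contract (an assumption, not the James BlobStoreDAO interface).
    interface SimpleBlobDAO { void save(String id, byte[] data) throws Exception; byte[] read(String id) throws Exception; }
    static class InMemoryDAO implements SimpleBlobDAO {
        final Map<String, byte[]> blobs = new HashMap<>();
        public void save(String id, byte[] data) { blobs.put(id, data); }
        public byte[] read(String id) { return blobs.get(id); }
    }
    static class AesDAO implements SimpleBlobDAO { // decorator around any other DAO
        private final SimpleBlobDAO underlying;
        private final SecretKeySpec key;
        AesDAO(SimpleBlobDAO underlying, char[] password, byte[] salt) throws Exception {
            this.underlying = underlying;
            byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(password, salt, 65536, 256)).getEncoded();
            this.key = new SecretKeySpec(raw, "AES"); // derived from secrets kept on the application server
        }
        public void save(String id, byte[] data) throws Exception {
            byte[] iv = new byte[12];
            new SecureRandom().nextBytes(iv); // fresh nonce for every blob
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
            byte[] ct = c.doFinal(data);
            byte[] out = Arrays.copyOf(iv, iv.length + ct.length); // stored layout: nonce || ciphertext+tag
            System.arraycopy(ct, 0, out, iv.length, ct.length);
            underlying.save(id, out);
        }
        public byte[] read(String id) throws Exception {
            byte[] stored = underlying.read(id);
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, stored, 0, 12));
            return c.doFinal(stored, 12, stored.length - 12); // throws if the blob was tampered with
        }
    }
    public static void main(String[] args) throws Exception {
        InMemoryDAO thirdParty = new InMemoryDAO(); // stands in for the externally hosted store
        SimpleBlobDAO dao = new AesDAO(thirdParty, "constructed-password".toCharArray(),
            "constructed-salt".getBytes(StandardCharsets.UTF_8));
        byte[] mail = "Subject: constructed sample".getBytes(StandardCharsets.UTF_8);
        dao.save("blob-1", mail);
        System.out.println("round trip ok: " + Arrays.equals(mail, dao.read("blob-1")));
        System.out.println("store holds plaintext: " + Arrays.equals(mail, thirdParty.blobs.get("blob-1")));
    }
}
```

The second line printed is `false`: the underlying store only ever receives nonce plus ciphertext, while anyone holding the password and salt on the application server can still decrypt.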


