开发者

Spring MVC and Encryption at Rest

开发者 https://www.devze.com 2023-04-08 03:31 出处:网络
Sorry for the newbie question, I\'m trying to use the Spring MVC framework to upload files. I am trying to maintain encryption at rest, however the MultipartFile sta开发者_如何学编程tes that the up

Sorry for the newbie question,

I'm trying to use the Spring MVC framework to upload files.

I am trying to maintain encryption at rest, however the MultipartFile sta开发者_如何学编程tes that the uploaded file may be stored on disk during the upload(1). I do not encrypt the file until after the upload.

Does this break encryption at rest? Does "at rest" include information temporarily stored on disk during the course of the program?

Thanks in advance for any responses!

1: states that "The file contents are either stored in memory or temporarily on disk."


As long as the file is being stored in a temp location where it will not persist longer than the transaction, then I would say it doesn't break the at rest paradigm. If someone is watching a temp directory for fleeting files (whether a rogue admin or an outsider who has rooted your box), then you have bigger issues to deal with.

If the file persists in that temp location, then yes, the at rest paradigm is not being followed.

0

精彩评论

暂无评论...
验证码 换一张
取 消