开发者

Multi-Application Server Environment and Memcached Security

开发者 https://www.devze.com 2022-12-21 16:40 出处:网络
We are looking to integrate Memcached into our infrastructure, but have 开发者_如何学JAVAa security concern before we do. We run several platforms including ASP.NET and ColdFusion and have many app de

We are looking to integrate Memcached into our infrastructure, but have 开发者_如何学JAVAa security concern before we do. We run several platforms including ASP.NET and ColdFusion and have many app developers working many little applications across the different platforms. The concern is this:

App A places item "dog" into cache.

App B reads item "dog" (or worse: App B updates item "dog")

After this happens, App A either retrieves bad information, or has already had its information viewed, aka "stolen". What we would like to do is make it so that each app can only interact with its own sandbox, and may not interfere with or read other application's data.

Is this possible? Thanks.


Create multiple memcached instances on your infrastructure and give each instance a different port. In this way you isolate yourself -- however this is not the way you want to do things, you will have to split your available memory resources.


You should be able to use "convention" to your advantage -- i.e.,e use Anon's suggestion.

My advice is: anything that needs to be protected should not be in a memcached instance. Use this with anon's advice and your doing what is considered best practise.


memcached is very explictly leaving out security from its deployment (no access control lists, no cache content tampering protection, no traffic privacy etc), all in the name of performance. Access control (SASL) can optionally be compiled into memcached, but most times is left out.

If you need tampering proof of content, or privacy of items in cache you have to implement it in the app (ie. sign or encrypt the cached content before uploading it), but you'll pay the cost of signing/veryfing the signature and/or encrypting/decrypting with each cache access, and you also have a fairly complicated problem of provisioning the keys needed to do these operations.


The last few versions we've shipped with SASL auth to prevent unauthorized access in untrusted environments.

In development trees, we have pluggable storage engine support allowing you to do fun things like isolate caches between apps. e.g., I have a deployed instance with many users who can't see each other's data. User1 can cache dog and User2 can cache dog and they do not interfere.

0

精彩评论

暂无评论...
验证码 换一张
取 消