I'm building a web application that handles sensitive PCI data (banking numbers, CC, SSNs, etc). Does anyone know of the best services out there to handle this data. I've looked into Rackspace and their PCI solution seems a little overkill for what I need as I mainly just need the database secured and there are really only a few pages that need to be compliant and won't receive a relatively large amount of traffic.
Note: A lot of the webpages don't require this data and receive higher load volume and I am planning on hosting these pages on the cloud.
I think you are looking for a tokenization service. A google search brings up plenty of alternatives.
Related
I am a co-founder of a startup company. We are not doing things of computer science or programming. We're making our own product. As a result, My partner and I use some cloud platform service, for instance, Google Drive, Slack, Facebook Messenger, and Google Hangout, to support us. We use them to share files of our development. The problem is that my partner is not a person who studies computer science or has enough background of information security. So he always hesitating to use those services to share important files. For example, with Slack, we can share code snippet in our team channels, but he think we should encrypt our code file to avoid any information leakage. I think encryption will lose the convenience feature to use such service. How do I convince my partner that he doesn't need to worry about the safety issue to share code or file on cloud platform services?
This is a very open-ended question, primarily because we don't know your partner.
Essentially, irrespective of how safe your platform is, it's only as safe as the hosts machine is—gain access to that and all the files are still compromised anyway.
Most of the day-to-day work can be done through the platforms mentioned however extremely sensitive files (e.g. server keys) should be passed physically through a data storage device (e.g. pendrive).
If you are geographical apart, you can transfer sensitive documents using PGP instead. For messenging you could use something such as Telegram or Signal.
I am looking for simple analogies to explain windows azure, app fabric, etc to students or layman person. Please let me know if you have any suggestions.
Thanks
N
Well, first I would try and talk about how we used to build and maintain things. Buying our own hardware, building it, programming it, and connecting it to the internet. That's the old way. Then, I would pivot into what cloud service providers are. In a nutshell, they are just somebody else's servers. Usually Amazons, Microsoft's or Googles servers. AWS/Azure/GCP.
Here is a quick youtube video explaining it in layman's terms.
https://www.youtube.com/watch?v=1ERdeg8Sfv4
Cloud service providers offer web portal, a website, where folks can click and build services like storage, backup, DNS, database, more websites, load balancing, and - maybe the most popular - virtual machine hosting.
What makes CSPs so successful is economies of scale. CSPs will build huge data centers and engineer them to provide the kind of services that most businesses need. COntrast that to if every business were to build their own from scratch. There are however lots of challenges to these CSPs, like needing a lot more spare capacity and having to build something that fits everyone as opposed to something that fits a particular user. So, for a small business, whether they save money depends on their use case. You might save more building from scratch, but then you'd have to train and pay folks to maintain your own servers.
One of the most revolutionary benefits that cloud service providers brought into the market is that purchasing additional capacity is much easier and faster. You might have taken weeks to buy hardware and install it at your location. Or if you are renting though traditional suppliers you might take a few hours to let them manually reconfigure things. However they now make everything automatic so you can get a new server within seconds. This have allowed businesses to build their applications to allow them to scale on demand. This means that they pay different amount of money for the services depending on how much they use. This have the ability to reduce costs but it again require more time to develop and maintain the more complex applications.
While the are many social networks in the wild, most rely on data stored on a central site owned by a third party.
I'd like to build a solution, where data remains local on member's systems. Think of the project as an address book, which automagically updates contact's data as soon a a contact changes its coordinates. This base idea might get extended later on...
Updates will be transferred using public/private key cryptography using a central host. The sole role of the host is to be a store and forward intermediate. Private keys remain private on each member's system.
If two client are both online and a p2p connection could be established, the clients could transfer data telegrams without the central host.
Thus, sender and receiver will be the only parties which are able create authentic messages.
Questions:
Do exist certain protocols which I should adopt?
Are there any security concerns I should keep in mind?
Do exist certain services which should be integrated or used somehow?
More technically:
Use e.g. Amazon or Google provided services?
Or better use a raw web-server? If yes: Why?
Which algorithm and key length should be used?
UPDATE-1
I googled my own question title and found this academic project developed 2008/09: http://www.lifesocial.org/.
The solution you are describing sounds remarkably like email, with encrypted messages as the payload, and an application rather than a human being creating the messages.
It doesn't really sound like "p2p" - in most P2P protocols, the only requirement for central servers is discovery - you're using store & forward.
As a quick proof of concept, I'd set up an email server, and build an application that sends emails to addresses registered on that server, encrypted using PGP - the tooling and libraries are available, so you should be able to get that up and running in days, rather than weeks. In my experience, building a throw-away PoC for this kind of question is a great way of sifting out the nugget of my idea.
The second issue is that the nature of a social network is that it's a network. Your design may require you to store more than the data of the two direct contacts - you may also have to store their friends, or at least the public interactions those friends have had.
This may not be part of your plan, but if it is, you need to think it through early on - you may end up having to transmit the entire social graph to each participant for local storage, which creates a scalability problem....
The paper about Safebook might be interesting for you.
Also you could take a look at other distributed OSN and see what they are doing.
None of the federated networks mentioned on http://en.wikipedia.org/wiki/Distributed_social_network is actually distributed. What Stefan intends to do is indeed new and was only explored by some proprietary folks.
I've been thinking about the same concept for the last two years. I've finally decided to give it a try using Python.
I've spent the better part of last night and this morning writing a sockets communication script & server. I also plan to remove the central server from the equation as it's just plain cumbersome and there's no point to it when all the members could keep copies of their friend's keys.
Each profile could be accessed via a hashed string of someone's public key. My social network relies on nodes and pods. Pods are computers which have their ports open to the network. They help with relaying traffic as most firewalls block incoming socket requests. Nodes store information and share it with other nodes. Each node will get a directory of active pods which may be used to relay their traffic.
The PeerSoN project looks like something you might be interested in: http://www.peerson.net/index.shtml
They have done a lot of research and the papers are available on their site.
Some thoughts about it:
protocols to use: you could think exactly on P2P programs and their design
security concerns: privacy. Take a great care to not open doors: a whole system can get compromised 'cause you have opened some door.
services: you could integrate with the regular social networks through their APIs
People will have to install a program in their computers and remeber to open it everytime, like any P2P client. Leaving everything on a web-server has a smaller footprint / necessity of user action.
Somehow you'll need a centralized server to manage the searches. You can't just broadcast the internet to find friends. Or you'll have to rely uppon email requests to add somenone, and to do that you'll need to know the email in advance.
The fewer friends /contacts use your program, the fewer ones will want to use it, since it won't have contact information available.
I see that your server will be a store and forward, so the update problem is solved.
I am facing some questions when trying to design an S3 application using ASP.NET MVC and trying to stay HIPAA compliant.
My initial plan was to require an SSL connection to my web server, encrypt the images on my server, then send them to s3 using my private keys.
Here's my obvious concerns:
You cannot store unencrypted images in any temporary file cache when client views images within the browser.
Even if I setup an ashx to generically handle the image in memory, couldn't this get stored in cache?
Saying the images will be encrypted because you will be connecting to my server via https still does not guarantee all browsers will not cache data.
It's not possible to even consider the "Query String" with expiration option since data will be encrypted before being stored on disk at s3, and will again be decrypted at my server in memory.
I think my only option would be to write/purchase some sort of ActiveX component that will not expose the image as a simple html image source or write my app as a client side WinForm application.
On the face of it, it seems unlikely that cloud computing could be HIPAA compliant. Surely it is impossible to satisfy the Security Rule when the instance is hosted on someone else's hardware, tended by someone else's sysadmins?
However, Amazon have published a whitepaper on this very topic: Creating HIPAA-compliant Medical Data Applications with AWS. It is well-worth reading, and seems to address the main concerns. It does end with a disclaimer:
"This white paper is not intended to
constitute legal advice. You are
advised to seek the advice of counsel
regarding compliance with HIPAA and
other laws that may be applicable to
you and your business."
Naturally the same applies to any advice you get from some random bloke off Das Interwebs.
Contrary to some of the other answers, cloud computing and cloud data storage can in fact be HIPAA compliant (note that they were written in 2010, when this was a much tougher call).
There are two main things you should consider for this:
you must get the cloud provider to sign a HIPAA Business Associate Agreement (BAA)
you must adhere closely to the Security Rule in the development of your system (encryption, audit trails, etc.)
Here are some cloud providers that will sign BAA's:
Amazon Web Services
Rackspace
Windows Azure (as of July 2012)
(Up until recently, Amazon wasn't willing to sign a BAA, so even though they had a whitepaper on compliance, following their guidelines just didn't cut it - all that has changed, though).
For image storage, AWS has S3 and Azure has blob storage.
As far as your concerns about serving the images in the browser, I'm actually not sure how strict you have to be, but it seems like you could embed your images within:
a Java Virtual Machine (JVM)
Flash
Flex
HTML5
It looks like PracticeFusion started off using Flex & Flash and is in the process of gradually transitioning to HTML5.
The HIPAA and the credit card PCI compliance are basically impossible to implement, or trivial - it all depends on what consultant you hire to tell you what the meaning of a 'closed' network is - is that mathematically closed (which I would argue is the highest form), or is that closed as in behind a wall and not connected to the outside world, but trivially easy to eavesdrop with some basic equipment on the sidewalk outside?
When you get done with consultants, the fact that much computer equipment is leased, the fact that computers have usb ports and their users camera phones, how could storing encrypted data anywhere be a problem? If you store encrypted data on S3, then S3 is not storing ANYTHING other than random bits of garbage. Some key owned by you + the garbage = data and that only happens in your system.
I have seen 'HIPAA compliant' software that runs with no encryption on a PC with XP on it. Considering how many laptops are owned by botnets and keystroke loggers, the whole thing is an basically an exercise in deniability.
The HIPAA rules explicitly state that data does not have to be encrypted when its sitting on your users computer:
"Information systems housing PHI must be protected from intrusion. When information flows over open networks, some form of encryption must be utilized. If closed systems/networks are utilized, existing access controls are considered sufficient and encryption is optional."
A couple comments. Images served via https are not always stored in the browser cache. Even so, you can control this using headers.
When you upload an image you can stream it into memory and directly into a database using your favorite encryption technique. When the user requests a page with a url to an encrypted image, you simply call your controller, grab the encrypted data from the database, decrypt it in memory and return the image.
[AcceptVerbs(HttpVerbs.Get)]
public ActionResult ShowImage(string id)
{
ImageEntity image = Repository.For<ImageEntity>().Where(a => a.AssetIdd == id).First();
var decryptedImage = Decrypt(image);
ImageResult result = new ImageResult(decryptedImage.ImageData, decryptedImage.ContentType);
return result;
}
You use it like this:
<img src="/Assets/ShowImage/<%=Model.Id%>" alt="" />
No. HIPAA compliance is impossible due to the conflict between the network encryption requirement and the network monitoring requirement.
I'd like to start a free budget/personal finance site and will need plenty of horsepower and storage. I'm definitely a nubee, so how does one get started in terms of hardware infrastructure? Do I need to get a dedicated IP from my ISP and obtain my own servers? Do I go with amazon or Sql Server Data Services/Azure or something like that? Is the latter services free or a discount offering available to non-profit/free services such as the budget/personal finance site I'm looking to start?
If you don't mind writing your web application in python, then I's suggest using Google App Engine. See: What Is Google App Engine?
What I like to do when I have new ideas for a site is to find an inexpensive hosting solution ($10 per month). This allows me to test the idea and see if the site is going to be successful. If it is a flop, I haven't wasted much money and if it is successful I can upgrade to better hosting (dedicated server).
There are many hosting options available and several of them have great tools such as an online SQL Server management studio. Your other option would be to host it yourself if you are prepared to deal with firewall issues, backups, storage, etc.
Whether it is feasible to DIY varies a lot by country...if you have a decent broadband connection with a fixed IP this can be the cheapest route to play around with first, especially if you need an awful lot of storage.
Note however that many fast broadband connections are only fast for downloads - when you're running a server, the speed your users will see is the upload speed, which is usually a lot less. Also, you'll need to do your own admin and backup etc.
Apart from this most hosting options have a price tag on top, varying from virtual hosts (sharing a real machine), to colocation (your machine in somebody's data center), to cloud services like amazon et al (which have a good scaling ability)- and you will need to shop around for the software stack and hardware features you really need.
There's really two ways to answer this question, what differentiates them is budget.
One is to properly design this solution, prototype it, benchmark the prototype, extrapolate anticipated user load, add overhead and scale accordingly. This takes time, costs but gives you a supportable solution that serves your customers well.
The other is to just give something, anything a go and fix the problems as they come along. This is quicker and cheaper but might be a headache for a while and might p*** off your customers.
Basically it comes down to budget.
Best of luck.