James Server / JAMES-3524

Re-enable AES encryption for the BlobStore


Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.6.0
    • 3.6.0
    • Blob

    Description

      Users might not wish to administer an S3-compatible blobStore themselves and might rely on a third party to do so. To keep a third-party compromise from escalating into a data leak, a good practice is to encrypt the data symmetrically, with the secrets used to generate the secret key stored on the application server.

      Such a mechanism prevents a data leak when the third party is compromised, but does not defend against a compromise of the application server (as the attacker would then know the private key).

      As part of his work on a Swift compatible blob store [1], Jean Helou contributed an AES encryption mechanism for that very blob store [2]. However, changes in the blobStore design, the dropping of the (non-reactive) JCloud driver, the rewrite on top of the S3 API, as well as the modularization of the blobStore (extraction of the BlobStoreDAO, PassThrough vs. Deduplicating blobStore) [3] led to this work being dropped, for the sake of simplicity in an effort to finish a long-lasting refactoring.

      Note that:

      • Encryption of blob payloads had been requested on top of the Cassandra blob store [4], in order to prevent (full) data leaks from a Cassandra DB compromise.
      • Some optimizations (prior to [3]) of the object storage when using S3 were incompatible with payload encryption [5].

      By adopting the design proposed in [3] and reusing the work done by Jean in [2], we can write a generic AESBlobStoreDAO that wraps any other BlobStoreDAO, adding a security layer. Using the BlobStoreChooser, we can then re-enable this capability on top of the Distributed James server.

      [1] https://issues.apache.org/jira/browse/JAMES-2525
      [2] https://github.com/linagora/james-project/pull/1865 & https://github.com/linagora/james-project/pull/1975 & https://issues.apache.org/jira/browse/JAMES-2589
      [3] https://issues.apache.org/jira/browse/JAMES-3028
      [4] https://issues.apache.org/jira/browse/JAMES-3023
      [5] https://issues.apache.org/jira/browse/JAMES-2692

            People

              Unassigned Unassigned
              btellier Benoit Tellier

                Time Tracking

                  Estimated: Not Specified
                  Remaining: 0h
                  Logged: 4.5h