RE: secure storage of sensitive data in J2EE

[Michael Silk <michaelsilk () gmail com>]

Michael,

What is some example implementations of the usage of SecureString?

To store a CC coming from a submission? Surely it could be tracked as
it's coming in (browser -> server -> [ here ! ] -> your code), in that
case.

To store a password? Where does the password initially come from? and
where does it get used? do other API's take a SecureString and _never_
realise it into a common string form?

It seems the weak link in the chain would break this one, ... or am I
missing something :) ?

Further, on what basis is it encrypted? Under the user that is running
the code? As such, wouldn't any other (malicious) .net code be running
under the same privileges and hence be able to decrypt it?

-- Michael Silk


> -----Original Message-----
> From: Michael Howard [mailto:mikehow () microsoft com] 
> Sent: Thursday, 10 February 2005 10:15 AM
> To: Benjamin Livshits; chaim moshe; webappsec () securityfocus com
> Subject: RE: secure storage of sensitive data in J2EE
>
> I know this is not J2EE, but in .NET Framework, we added a 
> SecureString class that:
>
> 1) is automatically encrypted in memory (to mitigate the 
> paged-out-data
> threat)
> 2) is cleared when the string is no longer used
> 3) is GC'd rapidly