encryption mysql hashicorp-vault: Updated Thu, 21 Jul 2022 00:40:04 GMT

Can application connect to database without exposing password to anyone?

I have a web application. The application needs to connect to the database to read/write information. The database can be accessed with username/password or certificate.

Is it possible, somehow, to encrypt all this communication so even the Application administrator/OS administrator cannot see database password in plaintext while the application still has access to it?

I guess you can encrypt secret data with solutions like hashicorp vault... But still, the application will need to have the decryption key/token to read encrypted secrets, and in this case, the application administrator can look at application runtime and read data in plaintext.

Solution

No. If the application has the password then so does anyone who has access to the application. You mention a memory dump but a simpler solution is to run a slightly modified version of the application which prints out its password in plain text, or sends it to an external API, etc... There is really no sure-fire way of stopping that.

Comments (3)

+0 – So even in case with HSM / KMS solution - still , data only is encrypted in HSM/KMS itself. Application will need this data to be decrypted, and from application perspective login information/password is always plain-text - correct? cc @voilier-mottais — Aug 12, 2019 at 23:47
+0 – @Evaldas don't get me wrong. HSM/KMS have some very important roles in securing an application and its data. However, if someone manages to gain root access to a machine which is running an application that has full access encrypted data protected with an HSM/KMS, then yes, the attacker has effectively gained access to everything. It may take some effort for them to figure out how to get the data out, but ultimately you can't stop a root user from asserting full control over any application on the machine. — Aug 13, 2019 at 12:23
+0 – Thanks @conor-mancone ! This is an answer I needed, that's it's not possible to hide password/secrets for connection to database from application which needs access to database itself! — Aug 13, 2019 at 18:17

External Links

External links referenced by this document:

https://www.vaultproject.io/

References

https://security.stackexchange.com/questions/214741