Monday, June 21, 2004

Encrypt Sensitive Configuration Data with Java

When hackers break into your network, make sure they can't find out your secrets. It's a little more work to encrypt sensitive data, but the Java Cryptography Extension (JCE) makes it straightforward.

When application developers are developing, parameters are often hard-coded in the source code. These hard-coded parameters are often pulled out of the source code and put into property files or configuration files. System and network security policies may force a developer to address security concerns over the data that is stored in external files. So, how do you make sure that your sensitive external parameters are safe?

One way to solve this problem is to encrypt the data before it is written to the external file, then read and decrypt the data before using it in your application. The Java Cryptography Extension (JCE) provides an API that will let you do this.

Symmetric or "single key" encryption is a good choice for solving this type of problem. Single key encryption uses the same key to encrypt and decrypt data. DES and DESede are two single key encryption schemes. I will show you how to solve this problem using either of these encryption schemes with the JCE.

Read the full article ( author : javid Jamae )

No comments: