+ Reply to Thread
Page 1 of 2 1 2 LastLast
Posts 1 to 10 of 18
  1. #1

    Super poster

    NorthWestPerm2Contr's Avatar
    Join Date
    Sep 2009
    Posts
    3,950
    Thanks (Given)
    15
    Thanks (Received)
    28
    Likes (Given)
    26
    Likes (Received)
    174

    Default Cloud storage for sensitive documents

    Standard modern cloud architecture:

    - AWS SQL Server engine
    - Azure API Service (C# ASP.NET Web API 2)
    - Angular front end application

    I'm trying to figure how to secure documents that are uploaded so that they can only be accessed via the API layer and not open to the public (or a one-time link which is produced by some cloud storage service that the API returns). Does anybody have any experience with such a scenario?

    These 2 seem like they may help:

    https://aws.amazon.com/cloudfront/

    https://azure.microsoft.com/en-gb/services/cdn/

    No idea if this is right and no experience with the security side of it.....

    Much appreciated for anybody that helps!
    "To Learn who rules over you, simply find out who you are not allowed to criticise"- Voltaire

  2. #2

    Richer than sasguru

    DimPrawn's Avatar
    Join Date
    Jul 2005
    Location
    Brexit Britain
    Posts
    32,135
    Thanks (Given)
    257
    Thanks (Received)
    632
    Likes (Given)
    4003
    Likes (Received)
    3250

    Default

    You don't exactly install confidence. I hope my details don't end up on your system somewhere....
    Patiently waiting for the much publicised and feared Brexit Doom.....

  3. #3
    eek
    eek is online now

    bored now

    eek's Avatar
    Join Date
    Jun 2010
    Location
    😂
    Posts
    21,183
    Thanks (Given)
    207
    Thanks (Received)
    991
    Likes (Given)
    912
    Likes (Received)
    3052

    Default

    Quote Originally Posted by DimPrawn View Post
    You don't exactly install confidence. I hope my details don't end up on your system somewhere....
    Never have I seen a plan that shows how little the op knows.and given I get the totally idiot clients that saying something.
    merely at clientco for the entertainment

  4. #4

    Godlike


    Join Date
    Dec 2012
    Posts
    8,743
    Thanks (Given)
    577
    Thanks (Received)
    492
    Likes (Given)
    3853
    Likes (Received)
    2227

    Default

    Quote Originally Posted by eek View Post
    Never have I seen a plan that shows how little the op knows.and given I get the totally idiot clients that saying something.
    A total legend in his lifetime though....

    Oh, hang on.......

    He's not even capable of speccing his own PC

  5. #5

    My post count is Majestic

    northernladuk's Avatar
    Join Date
    Mar 2009
    Posts
    30,857
    Thanks (Given)
    119
    Thanks (Received)
    982
    Likes (Given)
    1510
    Likes (Received)
    5005

    Default

    Quote Originally Posted by MrMarkyMark View Post
    A total legend in his lifetime though....

    Oh, hang on.......

    He's not even capable of speccing his own PC
    But he's an expert dev that's had his dream gig.....
    'CUK forum personality of 2011' - Winner - Yes really!!!!

  6. #6

    Contractor Among Contractors

    b0redom's Avatar
    Join Date
    Jun 2007
    Posts
    1,095
    Thanks (Given)
    0
    Thanks (Received)
    15
    Likes (Given)
    6
    Likes (Received)
    64

    Default

    You do realise that they are CDNs and completely unfit for what you're trying to achieve right?

    You should tell ClientCo to call an expert if they care about data security.
    And the lord said unto John; "come forth and receive eternal life." But John came fifth and won a toaster.

  7. #7

    Godlike


    Join Date
    Dec 2012
    Posts
    8,743
    Thanks (Given)
    577
    Thanks (Received)
    492
    Likes (Given)
    3853
    Likes (Received)
    2227

    Default

    Quote Originally Posted by b0redom View Post
    You do realise that they are CDNs and completely unfit for what you're trying to achieve right?

    You should tell ClientCo to call an expert if they care about data security.
    I believe he is the aforementioned "expert", or at least that's what his Client Co thinks

  8. #8

    My post count is Majestic

    d000hg's Avatar
    Join Date
    Dec 2007
    Location
    My house
    Posts
    30,943
    Thanks (Given)
    96
    Thanks (Received)
    342
    Likes (Given)
    141
    Likes (Received)
    1217

    Default

    Just rename the sensitive file to "shopping list.doc" and you'll be fine.
    Quote Originally Posted by MaryPoppins View Post
    I'd still not breastfeed a nazi
    Quote Originally Posted by vetran View Post
    Urine is quite nourishing

  9. #9

    Respect my authoritah!

    NotAllThere's Avatar
    Join Date
    Aug 2007
    Location
    Far away from HMRC
    Posts
    16,316
    Thanks (Given)
    169
    Thanks (Received)
    556
    Likes (Given)
    946
    Likes (Received)
    2100

    Default

    Quote Originally Posted by MrMarkyMark View Post
    I believe he is the aforementioned "expert", or at least that's what his Client Co thinks
    A true contractor, in fact!
    Fact check: Mostly false

    --drunk on abuse of power--

  10. #10

    Super poster

    NorthWestPerm2Contr's Avatar
    Join Date
    Sep 2009
    Posts
    3,950
    Thanks (Given)
    15
    Thanks (Received)
    28
    Likes (Given)
    26
    Likes (Received)
    174

    Default

    Leave your rants for General you buffoons.

    I know what I'm doing, sorted out SSL with JWT token authentication and already been successfully implemented at other sites with Azure infrastructure. Documents are not government level sensitive but just need a solid level of security when uploading so that they can be accessed by a one time link or renamed after every use using some kind of token generation. Nothing complicated for me, perhaps for some people on this thread and elsewhere on the forum it may be a bit too much.....
    "To Learn who rules over you, simply find out who you are not allowed to criticise"- Voltaire

+ Reply to Thread
Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.