+ Reply to Thread
Page 1 of 2 1 2 LastLast
Posts 1 to 10 of 18
  1. #1

    Super poster

    NorthWestPerm2Contr's Avatar
    Join Date
    Sep 2009
    Posts
    4,092
    Thanks (Given)
    16
    Thanks (Received)
    36
    Likes (Given)
    27
    Likes (Received)
    206

    Default Cloud storage for sensitive documents

    Standard modern cloud architecture:

    - AWS SQL Server engine
    - Azure API Service (C# ASP.NET Web API 2)
    - Angular front end application

    I'm trying to figure how to secure documents that are uploaded so that they can only be accessed via the API layer and not open to the public (or a one-time link which is produced by some cloud storage service that the API returns). Does anybody have any experience with such a scenario?

    These 2 seem like they may help:

    https://aws.amazon.com/cloudfront/

    https://azure.microsoft.com/en-gb/services/cdn/

    No idea if this is right and no experience with the security side of it.....

    Much appreciated for anybody that helps!
    "To Learn who rules over you, simply find out who you are not allowed to criticise"- Voltaire

  2. #2

    Richer than sasguru

    DimPrawn's Avatar
    Join Date
    Jul 2005
    Location
    Brexit Britain
    Posts
    32,503
    Thanks (Given)
    265
    Thanks (Received)
    693
    Likes (Given)
    4133
    Likes (Received)
    3478

    Default

    You don't exactly install confidence. I hope my details don't end up on your system somewhere....
    Patiently waiting for the much publicised and feared Brexit Doom.....

  3. #3
    eek
    eek is offline

    bored now

    eek's Avatar
    Join Date
    Jun 2010
    Location
    😂
    Posts
    21,430
    Thanks (Given)
    213
    Thanks (Received)
    1037
    Likes (Given)
    951
    Likes (Received)
    3165

    Default

    Quote Originally Posted by DimPrawn View Post
    You don't exactly install confidence. I hope my details don't end up on your system somewhere....
    Never have I seen a plan that shows how little the op knows.and given I get the totally idiot clients that saying something.
    merely at clientco for the entertainment

  4. #4

    Godlike


    Join Date
    Dec 2012
    Posts
    9,830
    Thanks (Given)
    668
    Thanks (Received)
    644
    Likes (Given)
    4532
    Likes (Received)
    2607

    Default

    Quote Originally Posted by eek View Post
    Never have I seen a plan that shows how little the op knows.and given I get the totally idiot clients that saying something.
    A total legend in his lifetime though....

    Oh, hang on.......

    He's not even capable of speccing his own PC

  5. #5

    My post count is Majestic

    northernladuk's Avatar
    Join Date
    Mar 2009
    Posts
    31,699
    Thanks (Given)
    124
    Thanks (Received)
    1090
    Likes (Given)
    1570
    Likes (Received)
    5307

    Default

    Quote Originally Posted by MrMarkyMark View Post
    A total legend in his lifetime though....

    Oh, hang on.......

    He's not even capable of speccing his own PC
    But he's an expert dev that's had his dream gig.....
    'CUK forum personality of 2011' - Winner - Yes really!!!!

  6. #6

    Contractor Among Contractors

    b0redom's Avatar
    Join Date
    Jun 2007
    Posts
    1,114
    Thanks (Given)
    0
    Thanks (Received)
    18
    Likes (Given)
    6
    Likes (Received)
    74

    Default

    You do realise that they are CDNs and completely unfit for what you're trying to achieve right?

    You should tell ClientCo to call an expert if they care about data security.
    And the lord said unto John; "come forth and receive eternal life." But John came fifth and won a toaster.

  7. #7

    Godlike


    Join Date
    Dec 2012
    Posts
    9,830
    Thanks (Given)
    668
    Thanks (Received)
    644
    Likes (Given)
    4532
    Likes (Received)
    2607

    Default

    Quote Originally Posted by b0redom View Post
    You do realise that they are CDNs and completely unfit for what you're trying to achieve right?

    You should tell ClientCo to call an expert if they care about data security.
    I believe he is the aforementioned "expert", or at least that's what his Client Co thinks

  8. #8

    My post count is Majestic

    d000hg's Avatar
    Join Date
    Dec 2007
    Location
    My house
    Posts
    31,276
    Thanks (Given)
    100
    Thanks (Received)
    361
    Likes (Given)
    156
    Likes (Received)
    1275

    Default

    Just rename the sensitive file to "shopping list.doc" and you'll be fine.
    Quote Originally Posted by MaryPoppins View Post
    I'd still not breastfeed a nazi
    Quote Originally Posted by vetran View Post
    Urine is quite nourishing

  9. #9

    Respect my authoritah!

    NotAllThere's Avatar
    Join Date
    Aug 2007
    Location
    Far away from HMRC
    Posts
    16,850
    Thanks (Given)
    182
    Thanks (Received)
    641
    Likes (Given)
    1089
    Likes (Received)
    2368

    Default

    Quote Originally Posted by MrMarkyMark View Post
    I believe he is the aforementioned "expert", or at least that's what his Client Co thinks
    A true contractor, in fact!
    You won. Get over it.

    --drunk on abuse of power--

  10. #10

    Super poster

    NorthWestPerm2Contr's Avatar
    Join Date
    Sep 2009
    Posts
    4,092
    Thanks (Given)
    16
    Thanks (Received)
    36
    Likes (Given)
    27
    Likes (Received)
    206

    Default

    Leave your rants for General you buffoons.

    I know what I'm doing, sorted out SSL with JWT token authentication and already been successfully implemented at other sites with Azure infrastructure. Documents are not government level sensitive but just need a solid level of security when uploading so that they can be accessed by a one time link or renamed after every use using some kind of token generation. Nothing complicated for me, perhaps for some people on this thread and elsewhere on the forum it may be a bit too much.....
    "To Learn who rules over you, simply find out who you are not allowed to criticise"- Voltaire

+ Reply to Thread
Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.