+ Reply to Thread
Page 1 of 2 1 2 LastLast
Posts 1 to 10 of 18
  1. #1

    Super poster

    NorthWestPerm2Contr's Avatar
    Join Date
    Sep 2009
    Posts
    4,008
    Thanks (Given)
    15
    Thanks (Received)
    31
    Likes (Given)
    26
    Likes (Received)
    189

    Default Cloud storage for sensitive documents

    Standard modern cloud architecture:

    - AWS SQL Server engine
    - Azure API Service (C# ASP.NET Web API 2)
    - Angular front end application

    I'm trying to figure how to secure documents that are uploaded so that they can only be accessed via the API layer and not open to the public (or a one-time link which is produced by some cloud storage service that the API returns). Does anybody have any experience with such a scenario?

    These 2 seem like they may help:

    https://aws.amazon.com/cloudfront/

    https://azure.microsoft.com/en-gb/services/cdn/

    No idea if this is right and no experience with the security side of it.....

    Much appreciated for anybody that helps!
    "To Learn who rules over you, simply find out who you are not allowed to criticise"- Voltaire

  2. #2

    Richer than sasguru

    DimPrawn's Avatar
    Join Date
    Jul 2005
    Location
    Brexit Britain
    Posts
    32,305
    Thanks (Given)
    263
    Thanks (Received)
    655
    Likes (Given)
    4077
    Likes (Received)
    3365

    Default

    You don't exactly install confidence. I hope my details don't end up on your system somewhere....
    Patiently waiting for the much publicised and feared Brexit Doom.....

  3. #3
    eek
    eek is online now

    bored now

    eek's Avatar
    Join Date
    Jun 2010
    Location
    😂
    Posts
    21,242
    Thanks (Given)
    208
    Thanks (Received)
    1000
    Likes (Given)
    925
    Likes (Received)
    3068

    Default

    Quote Originally Posted by DimPrawn View Post
    You don't exactly install confidence. I hope my details don't end up on your system somewhere....
    Never have I seen a plan that shows how little the op knows.and given I get the totally idiot clients that saying something.
    merely at clientco for the entertainment

  4. #4

    Godlike


    Join Date
    Dec 2012
    Posts
    9,249
    Thanks (Given)
    618
    Thanks (Received)
    565
    Likes (Given)
    4173
    Likes (Received)
    2393

    Default

    Quote Originally Posted by eek View Post
    Never have I seen a plan that shows how little the op knows.and given I get the totally idiot clients that saying something.
    A total legend in his lifetime though....

    Oh, hang on.......

    He's not even capable of speccing his own PC

  5. #5

    My post count is Majestic

    northernladuk's Avatar
    Join Date
    Mar 2009
    Posts
    31,418
    Thanks (Given)
    124
    Thanks (Received)
    1047
    Likes (Given)
    1552
    Likes (Received)
    5191

    Default

    Quote Originally Posted by MrMarkyMark View Post
    A total legend in his lifetime though....

    Oh, hang on.......

    He's not even capable of speccing his own PC
    But he's an expert dev that's had his dream gig.....
    'CUK forum personality of 2011' - Winner - Yes really!!!!

  6. #6

    Contractor Among Contractors

    b0redom's Avatar
    Join Date
    Jun 2007
    Posts
    1,110
    Thanks (Given)
    0
    Thanks (Received)
    18
    Likes (Given)
    6
    Likes (Received)
    72

    Default

    You do realise that they are CDNs and completely unfit for what you're trying to achieve right?

    You should tell ClientCo to call an expert if they care about data security.
    And the lord said unto John; "come forth and receive eternal life." But John came fifth and won a toaster.

  7. #7

    Godlike


    Join Date
    Dec 2012
    Posts
    9,249
    Thanks (Given)
    618
    Thanks (Received)
    565
    Likes (Given)
    4173
    Likes (Received)
    2393

    Default

    Quote Originally Posted by b0redom View Post
    You do realise that they are CDNs and completely unfit for what you're trying to achieve right?

    You should tell ClientCo to call an expert if they care about data security.
    I believe he is the aforementioned "expert", or at least that's what his Client Co thinks

  8. #8

    My post count is Majestic

    d000hg's Avatar
    Join Date
    Dec 2007
    Location
    My house
    Posts
    31,173
    Thanks (Given)
    99
    Thanks (Received)
    355
    Likes (Given)
    153
    Likes (Received)
    1249

    Default

    Just rename the sensitive file to "shopping list.doc" and you'll be fine.
    Quote Originally Posted by MaryPoppins View Post
    I'd still not breastfeed a nazi
    Quote Originally Posted by vetran View Post
    Urine is quite nourishing

  9. #9

    Respect my authoritah!

    NotAllThere's Avatar
    Join Date
    Aug 2007
    Location
    Far away from HMRC
    Posts
    16,610
    Thanks (Given)
    170
    Thanks (Received)
    597
    Likes (Given)
    1017
    Likes (Received)
    2236

    Default

    Quote Originally Posted by MrMarkyMark View Post
    I believe he is the aforementioned "expert", or at least that's what his Client Co thinks
    A true contractor, in fact!
    Fact check: Mostly false

    --drunk on abuse of power--

  10. #10

    Super poster

    NorthWestPerm2Contr's Avatar
    Join Date
    Sep 2009
    Posts
    4,008
    Thanks (Given)
    15
    Thanks (Received)
    31
    Likes (Given)
    26
    Likes (Received)
    189

    Default

    Leave your rants for General you buffoons.

    I know what I'm doing, sorted out SSL with JWT token authentication and already been successfully implemented at other sites with Azure infrastructure. Documents are not government level sensitive but just need a solid level of security when uploading so that they can be accessed by a one time link or renamed after every use using some kind of token generation. Nothing complicated for me, perhaps for some people on this thread and elsewhere on the forum it may be a bit too much.....
    "To Learn who rules over you, simply find out who you are not allowed to criticise"- Voltaire

+ Reply to Thread
Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.