-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Securing data in Polly cache #635
Comments
Oh, the method could be SecureCache to differentiate it and avoid more overloads of the same method |
@phatcher . I am thinking that this could be achieved with no changes to existing Polly. Encryption and decryption is just a form of data manipulation on the way in and out of cache, similar to serialization. An implementation of
I haven't tested this - it's a sketch for you potentially to build on, to get you a quicker reply. Do you think something like this works? EDIT: The page linked to describes how to use such an |
@reisenberger Yes, something like that, the encryption is just a decorator around the cache serialization. How you get to the correct IDataProtectionProvider is a setup issue anyway, so its fine. I'm not sure how long an IDataProtector is supposed to live for, so I might change it to something like this..
I'll have a play and if it works nicely, I'll update the documentation pages - might take me a few days |
@phatcher How did this work out? Anything more we should add, before closing this? I updated the Polly wiki to highlight the possibility of using ICacheItemSerializer` for data encryption. |
Didn't make it to the top of my development queue yet, I think the doc update is good enough for now as I have an internal tracking issue |
Np. |
Summary: What are you wanting to achieve?
When data is stored in a cache, you can retrieve it if you have access and an appropriate key, but depending on the nature of the data it might be important to encrypt it in some manner.
ASP.NET Core introduces interfaces to help with this
IDataProtectionProvider/IDataProtector
. This allows you to encrypt/decrypt the data stored in the cache in a secure manner for the app/purpose.Here's an example usage where access tokens are cached encrypted
What code or approach do you have so far?
Here's a rough mock up of what I think it should be...
Alternatively we could inject the provider and purpose
Thoughts/comments?
The text was updated successfully, but these errors were encountered: