Questions tagged [confidentiality]

23 questions
13 votes, 2 answers

Does TLS ensure message integrity and confidentiality of data transmission in a RESTful Java enterprise

I want to apply web service security according to OWASP Web Service Security. Thereby I stumbled over the two points: Message Integrity, Message Confidentiality. So far there is just a RESTful service which can be directly accessed by a client. For…
My-Name-Is • 4,814 • 10 • 44 • 84

7 votes, 3 answers

OCSP over SSL/TLS

As far as I know, OCSP only provides explicit means for requests and responses to be signed ([RFC2560, page 7] for requests, and [RFC2560, page 8] for responses), but it does not make any mention about encryption. Is it typical (or even possible,…
Ginswich • 264 • 3 • 13

3 votes, 2 answers

Cookies policies for big companies

Big companies tend to have stricter cookie policies and tend to stay longer on old technologies (e.g. old IE versions). What are the best practices for cookies in regards to big companies? For instance, do we still need to have a P3P policy? Are…
dyesdyes • 1,147 • 3 • 24 • 39

3 votes, 1 answer

CDNs and personally identifiable information in the referer header

I have an application that uses CDNs for jQuery and other libraries. Some pages have URLs that contain slugs with possibly personally identifiable information, for example the URL: https://mycompany.com/myapp/people/123/kilgore-trout contains a…
Jamie Ide • 48,427 • 16 • 81 • 117

2 votes, 2 answers

AES encryption and the need for Integrity

I did some research on the topic but could not find anything similar to my question. So I hope some of you great guys may help me out. I want to use AES128 encryption (CFB-Mode) for the networking in my application between two individual clients.…
Fenriswolf • 45 • 1 • 4

2 votes, 0 answers

Is there an R function/package to transform time series data for confidentiality reasons?

I wish to share a dataset (largely time-series data) with a group of data scientists to explore the statistical relationships within the data (e.g. between variables). However, for confidentiality reasons, I am unable to share the original dataset…
rob99985 • 157 • 9

1 vote, 1 answer

Do RStudio projects store any temporary data?

I am using an RStudio project to work with confidential data (i.e. a project associated with a working directory, not-version-control). I want to share my script confidential_script.R and project confidential_project.Rproj with a collaborator…
InspectorSands • 2,859 • 1 • 18 • 33

1 vote, 1 answer

How can I protect Java/Javafx code from being seen by final user?

I have been working on a project alone for more than two years for a company. The project is a really big one using rxtx to communicate with a hardware device. I used Java 8 and JAVAFX for the UI. Now it is almost finished and I am starting to…

1 vote, 1 answer

Encrypting secret data in kubernetes etcd store

By default, all the data stored in etcd is not encrypted. For production deployments, some of the data stored in etcd needs to be encrypted, such as secrets. Is there a way to store the secrets in an encrypted way in etcd by default?
Ijaz Ahmad • 11,198 • 9 • 53 • 73

1 vote, 0 answers

Docker: Secrets required in configuration files

Often, applications require some sort of credentials in their configuration files. Most applications do not support reading those credentials from another file except from the configuration file itself. Providing this configuration in a secure…
thertweck • 1,120 • 8 • 24

1 vote, 1 answer

Credential Security Android App

I build an Android application that needs some password and some identity information. For tests, I just put them in String variables. Now I am looking for a way to encrypt them. Any ideas (without hash code)? Thanks for your responses.
medlamine Semassel • 115 • 1 • 1 • 4

1 vote, 1 answer

JMS / MQ confidentiality between clients

I'm designing a system where one server must send messages to lots of independent clients. The clients don't know about each other and should not be able to consume, peek or in any other way acquire knowledge about each other's messages. I…

1 vote, 4 answers

Secure Way of storing Passwords to APIs without OpenID?

I asked a similar question here a while back but all the answers were offering OpenID which is nice but it doesn't work with services that require authentication that don't use it (such as EventBrite). Say I want to create an app that lists your…
Lance • 75,200 • 93 • 289 • 503

1 vote, 1 answer

Cryptographic Keys exchange between client and server

I have seen many examples of verifying client or server certificates using Security framework APIs, but this will solve only the problem of identification of security features. But what about confidentiality of data? How do I exchange private and public…
Paresh Masani • 7,474 • 12 • 73 • 139

0 votes, 1 answer

Handling confidentiality in application

I have an asp.net mvc3 application where each logged-in user may have access to some specific data. For example, "user A" has access to "Client 1" but not "Client 2", while "user B" has access to "Client 2" but not "Client 1". If user a access to…
Johnny5 • 6,664 • 3 • 45 • 78