OpenIDM / OPENIDM-10351

Make boot property encryption pluggable

      Description

      Security-sensitive customers don't want to see unencrypted passwords, including keystore passwords or HSM PINs, anywhere in config files.

      To address this, we currently offer the option to use property substitution and to encrypt or obfuscate these properties using the CRYPT: or OBF: prefixes.

      This approach has two major shortcomings:

      • it does not work for custom properties, e.g. credentials used further downstream in provisioner configs
      • the protection is too weak to withstand a serious security review.

      To address these, the encryption option should be made pluggable, so that custom crypto libraries can be used by the customer, for example to interface with a centralised crypto service provided as part of their infrastructure.

      The workaround we plan to employ at this client is to store encrypted credentials in a separate file under a separate user, and decrypt them using their service prior to starting IDM, then pass them into the IDM service user's context using environment variables. However, this means that there is another file and another external script to maintain, which makes this harder to manage.

      IDM should support pluggable encryption for arbitrary configuration properties.
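To make the design concrete, here is an added example (not OpenIDM's code, and none of the class or method names are OpenIDM APIs) of the pluggable scheme the ticket asks for: a resolver that dispatches on the value prefix (CRYPT:, OBF:, or any prefix a customer registers), applied to every configuration property rather than only to boot properties. The built-in OBF: handler is deliberately just a reversible encoding to show why it offers no real protection; the CRYPT: handler uses AES-256-GCM with a key supplied out of band; the KMS: handler stands in for a customer plugin backed by a central crypto service and is stubbed here. The property keys and secrets in `main` are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.ServiceLoader;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/** Hypothetical resolver: dispatches a property value on its prefix to a pluggable decryptor. */
public class PluggablePropertyResolver {

    /** SPI a customer implements to plug in their own crypto, e.g. a client for a central crypto service. */
    public interface PropertyDecryptor {
        String prefix();                // e.g. "CRYPT:", must end with ':'
        String decrypt(String payload); // the value with its prefix already stripped
    }

    private final Map<String, PropertyDecryptor> decryptors = new HashMap<>();

    public void register(PropertyDecryptor d) {
        decryptors.put(d.prefix(), d);
    }

    /** Picks up customer plugins declared in META-INF/services (hypothetical wiring via ServiceLoader). */
    public void loadPlugins() {
        for (PropertyDecryptor d : ServiceLoader.load(PropertyDecryptor.class)) {
            register(d);
        }
    }

    /** Resolves one value; a value without a registered prefix is returned unchanged (plaintext). */
    public String resolve(String value) {
        if (value == null) return null;
        int colon = value.indexOf(':');
        if (colon > 0) {
            PropertyDecryptor d = decryptors.get(value.substring(0, colon + 1));
            if (d != null) return d.decrypt(value.substring(colon + 1));
        }
        return value;
    }

    /** Resolves a whole config map, so custom properties such as provisioner credentials are covered too. */
    public Map<String, String> resolveAll(Map<String, String> config) {
        Map<String, String> out = new HashMap<>();
        config.forEach((k, v) -> out.put(k, resolve(v)));
        return out;
    }

    /** OBF: reversible encoding only; it hides a value from a glance, not from anyone who can read the file. */
    public static final class ObfDecryptor implements PropertyDecryptor {
        public String prefix() { return "OBF:"; }
        public String decrypt(String payload) {
            return new String(Base64.getDecoder().decode(payload), StandardCharsets.UTF_8);
        }
    }

    /** CRYPT: AES-256-GCM; payload is base64(iv || ciphertext || tag) and the key never sits in a config file. */
    public static final class AesGcmDecryptor implements PropertyDecryptor {
        private static final int IV_BYTES = 12, TAG_BITS = 128;
        private final SecretKey key;
        public AesGcmDecryptor(byte[] rawKey) { this.key = new SecretKeySpec(rawKey, "AES"); }
        public String prefix() { return "CRYPT:"; }
        public String decrypt(String payload) {
            try {
                byte[] blob = Base64.getDecoder().decode(payload);
                Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
                c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 0, IV_BYTES));
                return new String(c.doFinal(blob, IV_BYTES, blob.length - IV_BYTES), StandardCharsets.UTF_8);
            } catch (Exception e) { // wrong key or tampered value: fail closed instead of returning garbage
                throw new IllegalStateException("CRYPT: property could not be decrypted", e);
            }
        }
        /** Used only to produce the sample value in main(); a real deployment encrypts offline. */
        public String encrypt(String plaintext) throws Exception {
            byte[] iv = new byte[IV_BYTES];
            new SecureRandom().nextBytes(iv);
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
            byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
            byte[] blob = new byte[IV_BYTES + ct.length];
            System.arraycopy(iv, 0, blob, 0, IV_BYTES);
            System.arraycopy(ct, 0, blob, IV_BYTES, ct.length);
            return prefix() + Base64.getEncoder().encodeToString(blob);
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] demoKey = new byte[32];          // constructed demo key; in practice supplied out of band
        new SecureRandom().nextBytes(demoKey);
        AesGcmDecryptor aes = new AesGcmDecryptor(demoKey);

        PluggablePropertyResolver r = new PluggablePropertyResolver();
        r.register(new ObfDecryptor());
        r.register(aes);
        r.register(new PropertyDecryptor() {   // stub for a customer plugin backed by a central crypto service
            public String prefix() { return "KMS:"; }
            public String decrypt(String payload) { return "<value fetched from central service for " + payload + ">"; }
        });

        Map<String, String> config = new HashMap<>();   // constructed sample properties
        config.put("keystore.password", aes.encrypt("keystore-secret"));
        config.put("repo.password", "OBF:" + Base64.getEncoder().encodeToString("repo-secret".getBytes(StandardCharsets.UTF_8)));
        config.put("provisioner.ldap.bindPassword", "KMS:ldap-bind-key-id");
        config.put("http.port", "8080");
        r.resolveAll(config).forEach((k, v) -> System.out.println(k + " = " + v));
    }
}
```

Two points the code makes explicit: the OBF: handler decodes without any key, which is why it cannot survive a security review, and the CRYPT: handler throws rather than returning a wrong value when a stored property has been modified. With the customer's own decryptor registered under its prefix, a credential in a provisioner config is handled exactly like a boot property, which is the gap the ticket describes.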

      People

        Assignee: Brendan Miller (brmiller)
        Reporter: Tim Vogt (tim.vogt)