英文:
Protect Data in MongoDB using Java Spring
问题
此刻,我有一个使用Spring(Java 11)构建的应用程序,我正在尝试找出一种更好的方法来加密存储在MongoDB中的数据。
目前,我有一个加密用户密码的方法:
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
user.setPassword(passwordEncoder.encode(password));
虽然它运行良好,但由于我对数据泄漏感到担忧,我将对用户的所有个人数据进行加密,如姓名、地址和电子邮件...
我想要提出的主要问题是:有没有更有效的方法?还是最好的方法是使用上述相同的代码来实现?
附注:我没有问题添加来自Spring的新模块,比如Security或Cloud。
英文:
At this moment I've an application built in Spring (Java 11) and I'm trying to figure out a better way to cypher the data that is stored in MongoDB.
Currently I've a method to cypher the user's password:
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
user.setPassword(passwordEncoder.encode(password));
It works fine, but since I'm getting worried about data leaks I'll encode the whole user's personal data
like name, address and email...
The main question I want to ask is: There's a better way to make this effient? Or the best way is to use the same code above to the trick?
PS: I've no problems to add new modules from Spring, like Security or Cloud.
答案1
得分: 1
如果您将数据加密存储在您的数据库中,搜索部分应该如何工作?您将不得不为每次搜索进行大量计算,这毫无意义。对备份进行编码,并使用具有严格权限的数据库身份验证,您就大功告成。
很高兴能帮上忙:)
英文:
If you Store the Data encrypted in your dB How should the search part work? You would have to do a lot of Computing for every search which makes no sense. Encode your backups and use database auth with strict permissions and you are good.
Glad this helped:)
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论