Imperfect Site-to-Site Authentication
Posted: Thu Jan 25, 2007 6:29 pm
I have a client that is going to be distributing what I will call mini-websites that clients can install on their server/webserver somewhere. These mini-sites will have no server-side scripting available -- only JavaScript. Users will browse the mini-website and based on their input I need to post data back to a central data collection server.
I doubt there is any way to guarantee that the data sent to the central server was really generated by the mini-site or spoofed in some way. That is probably OK because the chance is low that anyone will try to spoof it (given the user base) and because the mini-site will be installed on corporate intranets where the company is motivated to get accurate data.
I think the thing I am trying to do is make it so that you can't just copy a URL and change a value or two to create false submissions. I had assumed at a minimum that I would Ajax POST the data and maybe create an MD5 or SHA1 hash from a couple of values so that it would at minimum require creating the hash to create a valid submission.
So my question is: any ideas on how to improve this system (e.g. challenge-response)? Or is it not worth doing more than something minimal, because anyone serious could falsify data anyway?
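An added example, not part of the original post: a challenge-response version of the hashed submission the post describes, with the mini-site and the central server both simulated in Node.js. It swaps the MD5/SHA1 hash for HMAC-SHA256 over a single-use server nonce plus every field; `SITE_SECRET`, the function names and the field values are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Assumption: a per-install secret shipped inside the mini-site's JavaScript.
// Anyone who can read the page source can read it, so this stops casual URL
// editing and replay; it does not prove the data came from the mini-site.
const SITE_SECRET = 'constructed-demo-secret';

const issued = new Map(); // server side: nonce -> expiry time (ms)

// Server: hand out a single-use, short-lived challenge.
function issueChallenge(now = Date.now(), ttlMs = 60000) {
  const nonce = crypto.randomBytes(16).toString('hex');
  issued.set(nonce, now + ttlMs);
  return nonce;
}

// Both sides: HMAC-SHA256 over the nonce and all fields in sorted key order,
// so changing any value (or reusing a tag with another nonce) breaks the tag.
function tagFor(nonce, fields, secret = SITE_SECRET) {
  const pairs = Object.keys(fields).sort().map(k => [k, String(fields[k])]);
  const canonical = JSON.stringify([nonce, pairs]);
  return crypto.createHmac('sha256', secret).update(canonical).digest('hex');
}

// Mini-site: build the POST body for the challenge it was given.
function buildSubmission(nonce, fields) {
  return { nonce, fields, tag: tagFor(nonce, fields) };
}

// Server: accept only a fresh, unexpired nonce with a matching tag.
function verifySubmission(sub, now = Date.now()) {
  const expiry = issued.get(sub.nonce);
  if (expiry === undefined) return 'unknown-or-replayed-nonce';
  issued.delete(sub.nonce); // single use, even when the check below fails
  if (now > expiry) return 'expired';
  const expected = Buffer.from(tagFor(sub.nonce, sub.fields), 'hex');
  const got = Buffer.from(String(sub.tag), 'hex');
  if (got.length !== expected.length || !crypto.timingSafeEqual(got, expected)) {
    return 'bad-tag';
  }
  return 'ok';
}
```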