Security issues for charity project.
Security issues for charity project.
Hi,
I'm working on a project which will help a lady administrate her charity work. I'm using Mysql and PHP to create the forms that allow her to enter data into the database. There is currently no protection at all but the database is only using example data right now.
The database will be storing the names and addresses of people who are sponsoring children in Ecuador. The database will also be storing the names of the children and their addresses. These are the most important details to be kept secure, along with the sponsorship payments the sponsor parents make.
Can someone give me some advice on the quickest / simplest form of security for this situation please. i.e Would the parents and children details need to be entered into a database that has encryption turned on?
Cheers
Tee
Re: Security issues for charity project.
There are some security experts in this forum and I'm not one of them, but to give you a quick initial answer that may serve until one of them responds to your post, let me say that you must begin with the fact that there is absolutely no "perfect" security on the Internet. Hackers have broken into military, government, banking and large enterprise databases, so if you are going to have sensitive data in an online database, you must be willing to accept the possibility that someone may gain access to it eventually. That said, there are many prudent techniques for making it very difficult for anyone to do so. I'm not sure that encrypted data would be the right approach, but certainly the way you write your PHP code affects what kind of exploits a hacker might use. For example, never accept raw data from a web form and insert it into a database without first "cleansing" it by using functions such as mysql_real_escape_string() and similar processes. You also need to carefully consider where the website will be hosted and what kind of servers you use. Shared hosting may expose you to greater risk than a more expensive dedicated host server, for example. The security gurus will have much better advice.
- flying_circus
- Forum Regular
- Posts: 732
- Joined: Wed Mar 05, 2008 10:23 pm
- Location: Sunriver, OR
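The point about never pasting raw form input into a query is easiest to see side by side. The following is an added example, not code from the thread or from Tee's project; it uses an in-memory SQLite database through PDO so it runs offline, and the table, rows and the hostile input value are constructed for the demonstration. PDO::quote() stands in for mysql_real_escape_string(); the prepared statement is the form to prefer, because escaping only works when the escaping function and the connection agree on the character set, while a bound parameter never becomes part of the SQL text at all.

```php
<?php
// Added example (not the thread's own code). Runs against in-memory SQLite via
// PDO; the same PDO calls work against MySQL with a "mysql:" DSN.
declare(strict_types=1);

function setup(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE sponsors (id INTEGER PRIMARY KEY, surname TEXT, address TEXT)');
    // Constructed sample rows.
    $db->exec("INSERT INTO sponsors (surname, address) VALUES ('Smith', '1 High St'), ('Jones', '2 Mill Rd')");
    return $db;
}

// 1. Vulnerable: the raw form value is pasted straight into the SQL text, so
//    a value containing a quote rewrites the WHERE clause.
function findUnsafe(PDO $db, string $surname): array
{
    $sql = "SELECT id, surname FROM sponsors WHERE surname = '$surname'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// 2. Escaped, the approach the post suggests. PDO::quote() returns the value
//    quoted and escaped for the connection, like mysql_real_escape_string().
function findEscaped(PDO $db, string $surname): array
{
    $sql = 'SELECT id, surname FROM sponsors WHERE surname = ' . $db->quote($surname);
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// 3. Prepared statement: the value travels as a parameter, never as SQL.
function findPrepared(PDO $db, string $surname): array
{
    $stmt = $db->prepare('SELECT id, surname FROM sponsors WHERE surname = :surname');
    $stmt->execute([':surname' => $surname]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db    = setup();
$input = "x' OR '1'='1";   // constructed hostile form value

// The unsafe query matches every sponsor; the other two match none,
// because no surname literally equals the string that was typed.
printf("unsafe:   %d rows\n", count(findUnsafe($db, $input)));
printf("escaped:  %d rows\n", count(findEscaped($db, $input)));
printf("prepared: %d rows\n", count(findPrepared($db, $input)));
```

Every INSERT and UPDATE in the form handlers should take the shape of findPrepared(): a fixed SQL string with placeholders, and the form values passed to execute().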
Re: Security issues for charity project.
Security is not an after-thought, it's not a module that you can enable after the project is done. It definitely is not simple, nor quick. If your project entails sensitive data (which yours does), you need to plan how your system will work, before you start writing the first line of code.
- How is your data transmitted to the client?
- How do you police user permissions?
- How are your user credentials to be stored in the database?
- Who will have access?
- How do you validate data?
All of these things (and many, many more) must be part of the site spec, before you begin.
I'm not saying you can't go back and modify your project to increase security, but it's definitely the wrong approach.
The short answer is, start reading. There are plenty of books and online resources, like OWASP, for example.
Re: Security issues for charity project.
Cheers for the feedback so far.
I realise that security is important which is why I'm asking for help. This application is a way of allowing for easier administration of her work load and I'm doing it as a favour.
I could just install a webserver, PHP and MySQL on her laptop so that only she has physical access to it, no HTTP at all. If she lost the laptop that would be her responsibility. If I could add in an extra step or two that are quite quick and straightforward that would help to make it difficult to get access to data stored in the MySQL database, what would your suggestions be?
Once I have all the functionality of the application done and she can use it and it reduces her workload, I can then look at ways of hosting it and making it available to more users. Even if this means more work in the long run, I wanted to be able to get her using it and giving me feedback as soon as possible, and it's always better to use real data.
Cheers
Tee
Re: Security issues for charity project.
A question that popped into my mind:
What charity is she part of? Is it 501(c)? Does it have existing compliance standards for handling this data? Is there someone already existing who can help you develop this?
If they have no compliance standards for handling this sort of data, and are good hearted by winging it, I would advise you to gracefully bow out now. This sort of data is really very delicate, and if they have no idea how to handle it they need to be guided by someone with a strong background in data security, so that they don't have an "incident" which could compromise further good works. If they don't want to invest in that, bow out- YOU clearly appreciate the risks, they do not, and you don't want to get on that ship.
If she's not part of a charity/church group and is just a nice lady sending money to random children in 3rd world countries... um.... you probably don't want to be anywhere near that.
Just call me Tin Foil Hat Girl (err, Woman)
Re: Security issues for charity project.
If you are going to be installing this initially on a computer that is not connected to the Internet, that's a different kind of security environment. Ideally you would want to have the eventual Internet-based design specs pretty well established before beginning the standalone version, otherwise all your work on the standalone may be wasted when it comes time to migrate to the Internet. For a standalone application, it seems to me, encryption of the sensitive data prior to storing in the database would be important, since physical loss of control would be the greatest risk. I suppose some one-time pad encryption algorithm would be appropriate, but again I defer to those with much more experience in security matters than I have. Clearly just a digest, or hash, would not be appropriate. Here is a reference that might be of some use: http://thinkdiff.net/mysql/encrypt-mysq ... echniques/.
You also need to consider such matters as backups and what to do if the user loses the password! And of course, you can't just put the password in the PHP script because if the laptop is stolen, all the thief would need to do is run the script! So the user needs to understand that if she forgets or loses the password, there is no way to recover the data.
As you can see, data security is a very complex challenge. You are doing the right thing, asking questions now, before you start. There are technical and legal issues that you need to learn about. I don't mean to discourage you, just to warn you that you have to take it seriously.
Re: Security issues for charity project.
Quote: And of course, you can't just put the password in the PHP script
However, you can put the database decryption key there, encrypted with the user's password, which is not to be stored anywhere but in the session (for the duration of the session), assuming session storage is secure.
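The arrangement described in the last two posts (a data key kept on disk only in encrypted form, unlocked by the user's password at login and held in the session) is what follows, as an added example rather than code from the thread. It assumes PHP 7.2 or later with the sodium extension; the password, the address and the $session array are constructed stand-ins for the real login form and $_SESSION.

```php
<?php
// Added example (not the thread's own code). Assumes PHP >= 7.2 with sodium.
// A random data-encryption key (DEK) protects the sensitive columns. The DEK
// is stored only "wrapped": encrypted under a key derived from the user's
// password. The plain DEK exists only in the session while she is logged in.
declare(strict_types=1);

// Run once at setup. Returns the blob that may live in the script or a config
// file: salt, nonce and the DEK encrypted under the password-derived key.
function wrapDek(string $password): array
{
    $dek   = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
    $salt  = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $kek   = sodium_crypto_pwhash(                       // Argon2id, slow on purpose
        SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $password, $salt,
        SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
        SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
    );
    $wrapped = sodium_crypto_secretbox($dek, $nonce, $kek);
    sodium_memzero($kek);
    sodium_memzero($dek);
    return ['salt' => $salt, 'nonce' => $nonce, 'wrapped' => $wrapped];
}

// At login: recover the DEK from the blob. A wrong password makes the
// authenticated box fail to open, so null is returned and nothing leaks.
function unwrapDek(array $blob, string $password): ?string
{
    $kek = sodium_crypto_pwhash(
        SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $password, $blob['salt'],
        SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
        SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
    );
    $dek = sodium_crypto_secretbox_open($blob['wrapped'], $blob['nonce'], $kek);
    sodium_memzero($kek);
    return $dek === false ? null : $dek;
}

// Per-field encryption with the session DEK: a fresh nonce per value, stored
// in front of the ciphertext, base64 so it fits a TEXT column.
function encryptField(string $dek, string $plain): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($plain, $nonce, $dek));
}

function decryptField(string $dek, string $stored): ?string
{
    $raw = base64_decode($stored, true);
    $n   = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
    if ($raw === false || strlen($raw) <= $n) {
        return null;                                   // malformed or truncated
    }
    $plain = sodium_crypto_secretbox_open(substr($raw, $n), substr($raw, 0, $n), $dek);
    return $plain === false ? null : $plain;           // tampered ciphertext
}

// Walk-through with constructed values. A real app persists $blob at setup
// and keeps the unwrapped key in $_SESSION rather than this array.
$blob    = wrapDek('correct horse battery staple');    // constructed password
$session = [];

$session['dek'] = unwrapDek($blob, 'correct horse battery staple');
$stored = encryptField($session['dek'], 'Calle 10, Quito');   // constructed address
echo "stored:    $stored\n";
echo "decrypted: " . decryptField($session['dek'], $stored) . "\n";

// Wrong password: the blob does not open, so no key ever enters the session.
var_dump(unwrapDek($blob, 'wrong password'));
```

This is also what flying_circus's warning about lost passwords means in practice: the only copy of the DEK is the wrapped one, so without the password (or a separately stored, equally protected recovery wrap of the same DEK) the data cannot be recovered. Backups must include the blob as well as the database, and the session store holding the unwrapped key has to be as protected as the data itself.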
Re: Security issues for charity project.
Thanks again for all the feedback so far.
As security is such a big issue with databases and the like, it surprises me that there isn't some sort of paid for api that you can use to write to which will take care of all encryption related issues. I mean, security bods like Symantec etc focus on security, they can keep the databases and the api up to date with technical solutions that will thwart most hackers. You just pay for the api software which is stored on your server and ensures that all data going to and from the database is taken care of encryption wise.
It does seem like a pretty huge subject and this does discourage me quite a lot actually. It's a shame as I'm about 80% complete on the project.
Does anyone have any sort of idea of how much time this is going to take to learn and put into action? And does anyone here want to help me? !:-/
Cheers
Re: Security issues for charity project.
Tee_Hays wrote: As security is such a big issue with databases and the like, it surprises me that there isn't some sort of paid for api that you can use to write to which will take care of all encryption related issues. I mean, security bods like Symantec etc focus on security, they can keep the databases and the api up to date with technical solutions that will thwart most hackers. You just pay for the api software which is stored on your server and ensures that all data going to and from the database is taken care of encryption wise.
Yeah well, security doesn't work that way.
What you describe is like hiring a ridiculously expensive lock on your door to keep burglars out, whereas nothing whatsoever prevents you from keeping your windows wide open. And with web development, if you don't pay close attention to the entire process (instead of just relying on some "security software on your server"), your windows will be wide open indeed.
Re: Security issues for charity project.
Apollo wrote: What you describe is like hiring a ridiculously expensive lock on your door to keep burglars out, whereas nothing whatsoever prevents you from keeping your windows wide open. And with web development, if you don't pay close attention to the entire process (instead of just relying on some "security software on your server"), your windows will be wide open indeed.
Well said, Apollo. That's the point. Every situation presents different challenges ("opportunities", from the hacker's viewpoint). If some service offered a "safe" api, I would guess it might take several days before hackers throughout the world exchanged their solutions for breaching it.
Re: Security issues for charity project.
Encrypting data doesn't play well with searching for the said data, and also offers key storage challenges.
- Do you search in the sensitive data?
- How big is it expected to be?
- How realistic are your plans that this will ever become bigger than a local installation?