PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 

All times are UTC - 5 hours




PostPosted: Mon Jul 25, 2011 6:18 pm 
Offline
Forum Newbie

Joined: Fri Jul 08, 2011 6:58 am
Posts: 7
Hi,

I'm working on a project which will help a lady administrate her charity work. I'm using MySQL and PHP to create the forms that allow her to enter data into the database. There is currently no protection at all but the database is only using example data right now.

The database will be storing the names and addresses of people who are sponsoring children in Ecuador. The database will also be storing the names of the children and their addresses. These are the most important details to be kept secure, along with the sponsorship payments the sponsor parents make.

Can someone give me some advice on the quickest / simplest form of security for this situation please? I.e., would the parents' and children's details need to be entered into a database that has encryption turned on?

Cheers

Tee


 
PostPosted: Mon Jul 25, 2011 8:31 pm 
Offline
Jack of Zircons
User avatar

Joined: Thu Nov 09, 2006 9:30 pm
Posts: 4484
Location: California, USA
There are some security experts in this forum and I'm not one of them, but to give you a quick initial answer that may serve until one of them responds to your post, let me say that you must begin with the fact that there is absolutely no "perfect" security on the Internet. Hackers have broken into military, government, banking and large enterprise databases, so if you are going to have sensitive data in an online database, you must be willing to accept the possibility that someone may gain access to it eventually. That said, there are many prudent techniques for making it very difficult for anyone to do so. I'm not sure that encrypted data would be the right approach, but certainly the way you write your PHP code affects what kind of exploits a hacker might use. For example, never accept raw data from a web form and insert it into a database without first "cleansing" it by using functions such as mysql_real_escape_string() and similar processes. You need also to carefully consider where the website will be hosted and what kind of servers you use. Shared hosting may expose you to greater risk than a more expensive dedicated host server, for example. The security gurus will have much better advice.


 
PostPosted: Tue Jul 26, 2011 11:06 am 
Offline
Forum Regular
User avatar

Joined: Wed Mar 05, 2008 11:23 pm
Posts: 732
Location: Sunriver, OR
Security is not an afterthought; it's not a module that you can enable after the project is done. It definitely is not simple, nor quick. If your project entails sensitive data (which yours does), you need to plan how your system will work before you start writing the first line of code.

- How is your data transmitted to the client?
- How do you police user permissions?
- How are your user credentials to be stored in the database?
- Who will have access?
- How do you validate data?

All of these things (and many, many more) must be part of the site spec, before you begin.

I'm not saying you can't go back and modify your project to increase security, but it's definitely the wrong approach.

The short answer is, start reading. There are plenty of books and online resources, like OWASP, for example.


 
PostPosted: Tue Jul 26, 2011 11:37 am 
Offline
Forum Newbie

Joined: Fri Jul 08, 2011 6:58 am
Posts: 7
Cheers for the feedback so far.

I realise that security is important which is why I'm asking for help. This application is a way of allowing for easier administration of her work load and I'm doing it as a favour.

I could just install a webserver, PHP and MySQL on her laptop so that only she has physical access to it, no HTTP at all. If she lost the laptop that would be her responsibility. If I could add in an extra step or two that are quite quick and straightforward that would help to make it difficult to get access to data stored in the MySQL database, what would your suggestions be?

Once I have all the functionality of the application done and she can use it and it reduces her workload, I can then look at ways of hosting it and making it available to more users. Even if this means more work in the long run, I wanted to be able to get her using it and giving me feedback as soon as possible, and it's always better to use real data.

Cheers

Tee


 
PostPosted: Tue Jul 26, 2011 12:02 pm 
Offline
Forum Newbie

Joined: Tue Sep 07, 2010 5:51 pm
Posts: 14
A question that popped into my mind:

What charity is she part of? Is it 501(c)? Does it have existing compliance standards for handling this data? Is there someone already existing who can help you develop this?

If they have no compliance standards for handling this sort of data, and are good hearted by winging it, I would advise you to gracefully bow out now. This sort of data is really very delicate, and if they have no idea how to handle it they need to be guided by someone with a strong background in data security, so that they don't have an "incident" which could compromise further good works. If they don't want to invest in that, bow out- YOU clearly appreciate the risks, they do not, and you don't want to get on that ship.

If she's not part of a charity/church group and is just a nice lady sending money to random children in 3rd world countries... um.... you probably don't want to be anywhere near that.

Just call me Tin Foil Hat Girl (err, Woman)


 
PostPosted: Tue Jul 26, 2011 2:14 pm 
Offline
Jack of Zircons
User avatar

Joined: Thu Nov 09, 2006 9:30 pm
Posts: 4484
Location: California, USA
If you are going to be installing this initially on a computer that is not connected to the Internet, that's a different kind of security environment. Ideally you would want to have the eventual Internet-based design specs pretty well established before beginning the standalone version, otherwise all your work on the standalone may be wasted when it comes time to migrate to the Internet. For a standalone application, it seems to me, encryption of the sensitive data prior to storing in the database would be important, since physical loss of control would be the greatest risk. I suppose some one-time pad encryption algorithm would be appropriate, but again I defer to those with much more experience in security matters than I have. Clearly just a digest, or hash, would not be appropriate. Here is a reference that might be of some use: .

You also need to consider such matters as backups and what to do if the user loses the password! And of course, you can't just put the password in the PHP script because if the laptop is stolen, all the thief would need to do is run the script! So the user needs to understand that if she forgets or loses the password, there is no way to recover the data.

As you can see, data security is a very complex challenge. You are doing the right thing, asking questions now, before you start. There are technical and legal issues that you need to learn about. I don't mean to discourage you, just to warn you that you have to take it seriously.


 
PostPosted: Wed Jul 27, 2011 1:41 am 
Offline
Moderator
User avatar

Joined: Mon Nov 03, 2003 7:13 pm
Posts: 5978
Location: Odessa, Ukraine


 
PostPosted: Wed Jul 27, 2011 6:24 pm 
Offline
Forum Newbie

Joined: Fri Jul 08, 2011 6:58 am
Posts: 7
Thanks again for all the feedback so far.

As security is such a big issue with databases and the like, it surprises me that there isn't some sort of paid-for API that you can write to which will take care of all encryption-related issues. I mean, security bods like Symantec etc. focus on security; they can keep the databases and the API up to date with technical solutions that will thwart most hackers. You just pay for the API software which is stored on your server and ensures that all data going to and from the database is taken care of encryption-wise.

It does seem like a pretty huge subject and this does discourage me quite a lot actually. It's a shame as I'm about 80% complete on the project.

Does anyone have any sort of idea of how much time this is going to take to learn and put into action? And does anyone here want to help me? !:-/

Cheers


 
PostPosted: Thu Jul 28, 2011 12:32 am 
Offline
Forum Regular
User avatar

Joined: Wed Apr 30, 2008 2:34 am
Posts: 794


 
PostPosted: Thu Jul 28, 2011 12:53 pm 
Offline
Jack of Zircons
User avatar

Joined: Thu Nov 09, 2006 9:30 pm
Posts: 4484
Location: California, USA


 
PostPosted: Mon Aug 08, 2011 2:28 am 
Offline
DevNet Resident
User avatar

Joined: Sun Sep 03, 2006 5:19 am
Posts: 1579
Location: Sofia, Bulgaria
Encrypting data doesn't play well with searching for the said data, and also offers key storage challenges.
- Do you search in the sensitive data?
- How big is it expected to be?
- How realistic are your plans that this will ever become bigger than a local installation?


Top
 Profile  
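
Several points raised in this thread (encrypting sensitive fields before they are stored, keeping the password out of the PHP script, and the search problem with encrypted data) can be seen together in the following added example, which is not code from any poster. It assumes PHP 7.2+ with the sodium and pdo_sqlite extensions, uses libsodium's authenticated symmetric encryption rather than the one-time pad mentioned above, and uses an in-memory SQLite table as a stand-in for MySQL; the `sponsor` table, the function names, the passphrase and the sample row are all constructed.

```php
<?php
// Added example: all names, the passphrase and the sample row are constructed.
function deriveKeys(string $passphrase, string $salt): array {
    // Argon2id-stretch the typed passphrase; split 64 bytes into two keys.
    $okm = sodium_crypto_pwhash(64, $passphrase, $salt,
        SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
        SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE);
    return ['enc' => substr($okm, 0, 32), 'idx' => substr($okm, 32)];
}

function encryptField(string $plain, string $key): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); // fresh per value
    return base64_encode($nonce . sodium_crypto_secretbox($plain, $nonce, $key));
}

function decryptField(string $stored, string $key): string {
    $raw = (string) base64_decode($stored, true);
    $n = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
    if (strlen($raw) < $n + SODIUM_CRYPTO_SECRETBOX_MACBYTES) {
        throw new RuntimeException('stored value is malformed');
    }
    $plain = sodium_crypto_secretbox_open(substr($raw, $n), substr($raw, 0, $n), $key);
    if ($plain === false) {
        throw new RuntimeException('wrong passphrase or modified data');
    }
    return $plain;
}

function blindIndex(string $value, string $key): string {
    // Keyed hash of the normalised value: equal names map to equal indexes,
    // so exact-match search works without storing the name in the clear.
    return bin2hex(sodium_crypto_generichash(strtolower(trim($value)), $key));
}

$db = new PDO('sqlite::memory:'); // stand-in for the MySQL database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sponsor (name_idx TEXT, name_enc TEXT, address_enc TEXT)');

$salt = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES); // stored with the data, not secret
$keys = deriveKeys('constructed passphrase typed at login', $salt);

// Values are bound through a prepared statement, never concatenated into SQL.
$db->prepare('INSERT INTO sponsor VALUES (?, ?, ?)')->execute([
    blindIndex('Jane Example', $keys['idx']),
    encryptField('Jane Example', $keys['enc']),
    encryptField('1 Constructed Street', $keys['enc'])]);

$q = $db->prepare('SELECT address_enc FROM sponsor WHERE name_idx = ?');
$q->execute([blindIndex('  jane example ', $keys['idx'])]);
echo decryptField($q->fetchColumn(), $keys['enc']), PHP_EOL;
```

The blind index supports exact-match lookups only and reveals which rows share the same name. As noted earlier in the thread, a forgotten passphrase leaves the stored fields unrecoverable, so backups and passphrase handling need planning alongside the code.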
 