I'm reviewing a system that is using Redis to store all client secrets, private keys, and other things. The problem is that Redis loads the entire DB into RAM
Since SSL, Rowhammer, and other hacks are known to expose memory to untrusted users, I would think that any other similar hack might expose the entire database, wherein if I used SQL server, fewer private keys would be in RAM at a given time.
There is probably a better way to do this.
Since they are required to host and store client's secrets and PI, I want them to use a load on demand approach and not too aggressively load unneeded data in RAM, and unload whatever I have in RAM as soon as possible.
What is the best approach to solve this? SecureErasing of memory?
I'm looking at SecureString with ASP.NET, and DiskIO, but I'm hard pressed to find an end-to end implementation that doesn't leave unneeded copies of the string in drivers, prefetch queues, or other locations.
Aucun commentaire:
Enregistrer un commentaire