Sensitive data should be protected from eavesdropping and malicious tampering during transit. An Obfuscated Transfer Object [Steel 2005] that is strongly encrypted can protect data in exchanges that involve multiple business tiers or end user systems. This approach is known as _sealing_ the object. To guarantee object integrity, apply a digital signature to the sealed object.
Sealing and signing objects is the preferred mechanism to secure data when
- Serializing or transporting sensitive data is necessary
- A secure communication channel such as SSL is absent or is too costly an alternative for limited transactions
- Some sensitive data must persist over an extended period of time (for example, on an external hard drive)
Avoid using home-brewed cryptographic algorithms; such algorithms almost certainly introduce unnecessary vulnerabilities. Applications that apply home-brewed "cryptography" in the readObject and writeObject methods are prime examples of anti-patterns.
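The sealing and signing described above, in the order the opening paragraph gives (seal the object, then sign the sealed object), using the JDK's javax.crypto.SealedObject and java.security.SignedObject instead of custom logic in readObject and writeObject. This is an added example, not code from the original page; the Account class, the key handling in main, and the choice of AES-GCM and ECDSA are assumptions made for illustration.

```java
import java.io.Serializable;
import java.security.*;
import javax.crypto.*;

public class SealThenSign {
    // Hypothetical payload type, constructed for this example.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        final String owner, number;
        Account(String owner, String number) { this.owner = owner; this.number = number; }
    }

    // Sender: seal (encrypt) the object, then sign the sealed object.
    static SignedObject protect(Serializable data, SecretKey aesKey, PrivateKey signingKey) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, aesKey); // provider generates a fresh random IV
        SealedObject sealed = new SealedObject(data, cipher); // IV travels inside the SealedObject
        return new SignedObject(sealed, signingKey, Signature.getInstance("SHA256withECDSA"));
    }

    // Receiver: verify the signature first; decrypt and deserialize only if it holds.
    static Object open(SignedObject signed, SecretKey aesKey, PublicKey senderKey) throws Exception {
        if (!signed.verify(senderKey, Signature.getInstance("SHA256withECDSA"))) {
            throw new SignatureException("signature check failed; object rejected");
        }
        SealedObject sealed = (SealedObject) signed.getObject();
        return sealed.getObject(aesKey); // GCM tag check also fails on a wrong key or altered ciphertext
    }

    public static void main(String[] args) throws Exception {
        // Keys are generated here only to keep the demo self-contained (assumption).
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(256);
        KeyPair sender = kpg.generateKeyPair();
        KeyPair other = kpg.generateKeyPair();

        SignedObject wire = protect(new Account("alice", "0000-1111"), aesKey, sender.getPrivate());
        Account received = (Account) open(wire, aesKey, sender.getPublic());
        System.out.println("recovered: " + received.owner + " / " + received.number);
        try {
            open(wire, aesKey, other.getPublic()); // verified against the wrong sender key
        } catch (SignatureException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The receiver checks the signature against the expected sender's public key before calling getObject, so nothing is decrypted or deserialized from input that fails verification.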
Noncompliant Code Example
...