Rails Model Encryption with Strongbox gem

En cours Publié le Dec 12, 2013 Paiement à la livraison

£250-750 GBP

Paiement à la livraison

En cours Paiement à la livraison

So what I need for this project is the implementation of the gem strongbox so that the information provided by users is encrypted before its stored in the database.

The gem strongbox first encrypts data with a random generated key and IVs and then it encrypts the key and IV with a public key.

[login to view URL]

So there a few things that are needed to implement this:

Encryption Phase

-Whenever a user is created a public and private key pair needs to be created, I would like that the private key is the users password plus some value(probably stored has an environment variable) , the public key will then be stored in a table with the user details

-When the user submits the completed data for a specific model, before the data is stored on the database, strongbox will be used to encrypt the data.

The data will be first symmetrically encrypted(random key and IVs functionality for this is provided by strongbox gem) then the key and IVs will be further encrypted with the user public key. Furthermore the the key and IVs will be encrypted again for each of the special users using their public keys.

-Finally the information for decrypting the model will be stored on a table with user id, diagnostic id, encrypted key and IVs

Decryption Phase

-Whenever a user(the original user or one of the special users) access a record, he is prompted for its password that is then used to decrypt the key from the keys table and then using that key to decrypt the data on the database

-If changes are done to the data the same procedure as in the encryption phase is followed

Extras

-When an user changes its password a new public key also needs to be generated plus all the data that was encrypted with the old public key needs to be decrypted and encrypted again with the new public key. This should be executed once after a successful password change.

-A little script that can run on the whole database and change the encryption protocol, by first decrypting all the data and then encrypt again with a new protocol and at the end remove the old data.

I will provide an existing application code where this needs to be implemented, also any comments suggestion to improve security will be very welcomed.

Ruby Ruby on Rails Architecture Logicielle

Nº du projet : #5222048

À propos du projet

8 propositions Projet à distance Actif Dec 13, 2013

Vous cherchez à gagner de l'argent ?

Avantages de faire une offre sur Freelancer

Fixez votre budget et votre échéancier
Faites-vous payer pour votre travail
Décrivez votre offre
L'inscription et postuler à des emplois sont gratuits

8 freelances font une offre moyenne de 560 £ pour ce travail

Photo de profil de taro
taro

Hello, I'm interested in your project and would like to review the current application code if possible. Thanks

£700 GBP en 12 jours
(44 Commentaires)
7.1
Photo de profil de ycbTR
ycbTR

Hello, I am professional ruby developer and graduated software engineer. I can do this encryption work for you with clean and readable code. Let me know if you wonder anything. Thanks

£722 GBP en 25 jours
(59 Commentaires)
6.9
Photo de profil de soou2soou2
soou2soou2

A proposal has not yet been provided

£350 GBP en 15 jours
(0 Commentaires)
0.0
Photo de profil de cuiyuan527
cuiyuan527

A proposal has not yet been provided

£555 GBP en 3 jours
(1 Évaluation)
0.0
Publiez un projet comme celui-ci