Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

example with partialpathEncryption #352

Merged
merged 1 commit into from
Sep 26, 2024
Merged

example with partialpathEncryption #352

merged 1 commit into from
Sep 26, 2024

Conversation

AssahBismarkabah
Copy link
Collaborator

@AssahBismarkabah AssahBismarkabah commented Sep 24, 2024
edited
Loading

Add documentation and refactor the 'Example' with 'partialpathEncryption' and 'Moved Files'

@AssahBismarkabah AssahBismarkabah linked an issue Sep 24, 2024 that may be closed by this pull request
Example with partial path encryption #193
Closed
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Sep 24, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@AssahBismarkabah AssahBismarkabah changed the title example with partialpathEncryption and doc example with partialpathEncryption Sep 24, 2024
@codecov Codecov
Copy link

codecov bot commented Sep 24, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 86.76%. Comparing base (32d36bc) to head (698393b).
Report is 17 commits behind head on develop.

Additional details and impacted files 
@@            Coverage Diff             @@
##             develop     #352   +/-   ##
==========================================
  Coverage      86.76%   86.76%           
  Complexity         1        1           
==========================================
  Files            164      164           
  Lines           3348     3348           
  Branches         217      217           
==========================================
  Hits            2905     2905           
  Misses           309      309           
  Partials         134      134

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Motouom
Motouom reviewed Sep 25, 2024
View reviewed changes
Copy link
Collaborator

@Motouom Motouom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@AssahBismarkabah This Partial path encryption can have security implications, such as exposing the root directory structure. how do we to mitigate potential risks?

@AssahBismarkabah
Copy link
Collaborator Author

AssahBismarkabah commented Sep 25, 2024
edited
Loading

https://github.com/adorsys/datasafe/blob/develop/datasafe-examples/datasafe-examples-business/src/test/java/de/adorsys/datasafe/examples/business/filesystem/RuntimeOverrideOperationsTest.java the encryption is completely disabled here.

@Motouom The partial path encryption implementation intentionally leaves the first segment of the path unencrypted to balance readability and security for example,

Directory structure: users/myuserid/private/files/usercontrolled.aes
File: /usercontrolled.aes
In this case,
users remains unencrypted, providing easy navigation, files and usercontrolled.ae are encrypted, hiding the nature of documents.
this way files are quickly located while still protecting sensitive information.

@Motouom Motouom self-requested a review September 25, 2024 12:51
Motouom
Motouom approved these changes Sep 25, 2024
View reviewed changes
Copy link
Collaborator

@Motouom Motouom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay @AssahBismarkabah i understand what is going on with security issue mitigation

@francis-pouatcha francis-pouatcha merged commit 283ea2a into develop Sep 26, 2024
4 checks passed
@francis-pouatcha francis-pouatcha deleted the example-with-partial-path-encryption branch September 26, 2024 09:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Motouom Motouom Motouom approved these changes

@francis-pouatcha francis-pouatcha Awaiting requested review from francis-pouatcha

@max402 max402 Awaiting requested review from max402

Assignees

@AssahBismarkabah AssahBismarkabah

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Example with partial path encryption
4 participants
@AssahBismarkabah @Motouom @max402 @francis-pouatcha