According to this year's Websense security lab survey, 39% of Web attacks aim to steal data, and 20% of them carry the data off directly.
At the beginning of the year, the WooYun platform reported that the customer database of a listed company had been stolen. The database contained users' mobile phone numbers, passwords, email addresses, ID card numbers, addresses, family member information and consumption records (all of it sensitive). They felt the pressure was enormous, so they took this opportunity to design a data security solution for tens of millions of users.
The hacker's path: find a Web vulnerability -> Web Shell -> read the configuration file to find the database connection settings -> find a trusted server that can connect to the database -> dump the database over that connection.
Search Google for injection points
Injection not working?
Use a 0day
No 0day? Guess directories
No directories? Sniff the network
Search for back-end accounts
Upload a small webshell, then the full one
Dump the data with whatever permissions you have
Protection against Web vulnerabilities covers a wide range of fields. If you want to solve the problem, find professional code audit and risk assessment experts; I recommend 80vul.com and 80sec.com (reliable because they are dedicated!)
Web Shell: give programmers professional security training. Do not trust pseudo-experts; find dedicated, reliable ones!
Reading the configuration file: by encrypting or hiding the configuration information, you programmers can basically fend off third-rate hackers. Larger enterprises all go straight to SOAP: they write a WebService to fetch the data...
Database server ACL: control access strictly and at fine granularity (database user permissions). Only the WebService host server may reach the database: port-level rules plus a static IP policy.
Active data defense: since the hacker's ultimate goal is to steal or tamper with data, encrypt the data and hide the decryption key.
The current architecture is a .NET WebService that provides data access for multiple front-end business systems; the database is MSSQL. The whole data flow is as follows:
Retrieve data: Web front-end -> connect to the configuration database to find the corresponding WebService -> WebService retrieves the data -> DB
Submit data: Web front-end -> connect to the configuration database to find the corresponding WebService -> WebService submits to the database -> DB
My suggestions:
Some key fields are encrypted with AES before being stored in the database.
The AES key is written to a file on the WebService side. After writing the key, use the Dotfuscator bundled with Visual Studio to obfuscate the .NET Web source code; PHP can adopt the Zend source-code protection solution. (At least few people can recover the plaintext after source-code obfuscation.) Web front-end: data is decrypted with the key before it is returned to the client.
They also have a data audit department that needs to mine user data:
My suggestions:
Carve out a separate data-audit security VLAN that is not reachable from any other network. Use the key to restore a copy of the original data there for auditing. Security domains must be divided and isolated.
Financial protection: (I gave them an example today. I had wanted to use 3DES but felt it was unnecessary.)
Use the AES algorithm, with an independent FACEID set per user as that user's encryption and decryption key, e.g. uid = 1063200; FACEID = 8baceca0-15e7-11e1-be50-0800200c9a66. Create d_encode and d_decode functions, used to compute the user's account balance (CARD_BALANCE) in SQL.
Change the user balance to 1000: update CARD_MEMCARD set CARD_BALANCE = d_encode('20140101', '8baceca0-15e7-11e1-be50-0800200c9a66') where CARD_UID_CD = '2016';
Query the user's mobile phone number and balance: select mem_0000_phone, d_decode(CARD_BALANCE, '8baceca0-15e7-11e1-be50-0800200c9a66') from CARD_MEMCARD where CARD_UID_CD = '2016';
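Added example (not from ring04h's post): a Go version of the d_encode/d_decode pair described above, run on the WebService side instead of inside SQL. It assumes a server-held master key (a constructed value standing in for the key file on the WebService host) that is combined with each user's FACEID, and it uses AES-GCM so that the tampering the post warns about is detected on read; masterKey, userGCM, DEncode and DDecode are names chosen here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// masterKey stands in for the key file on the WebService host (constructed; never reaches DB or front-end).
var masterKey = []byte("constructed-32-byte-master-key!!")

// userGCM builds AES-256-GCM for one user. The post keys AES with the FACEID directly; mixing
// it with the server key via HMAC means a leaked FACEID or a dumped table alone cannot decrypt.
func userGCM(faceID string) (cipher.AEAD, error) {
	mac := hmac.New(sha256.New, masterKey)
	mac.Write([]byte(faceID))
	block, err := aes.NewCipher(mac.Sum(nil)) // 32-byte output selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// DEncode is the WebService-side d_encode: it seals a field such as CARD_BALANCE for storage.
// The random nonce is prepended; the GCM tag makes tampering with the stored cell detectable.
func DEncode(plain, faceID string) ([]byte, error) {
	gcm, err := userGCM(faceID)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, []byte(plain), nil), nil
}

// DDecode is the d_decode counterpart; it fails for a wrong FACEID or a modified cell.
func DDecode(stored []byte, faceID string) (string, error) {
	gcm, err := userGCM(faceID)
	if err != nil || len(stored) < gcm.NonceSize() {
		return "", errors.New("key derivation failed or stored value too short")
	}
	plain, err := gcm.Open(nil, stored[:gcm.NonceSize()], stored[gcm.NonceSize():], nil)
	return string(plain), err // non-nil err: wrong FACEID or tampered cell
}
```

Because the nonce is random, sealing the same balance twice yields different stored values, so the column cannot be compared or indexed directly; the balance is read back by the WebService after the row is fetched rather than by a d_decode call inside the query.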
One sly trick I came up with: obfuscate the database table and field names, so a hacker cannot tell at a glance that CARD_BALANCE is the user-balance field.
By ring04h