[appengine-java] Re: Key and KeyFactory - privacy concern related

2009-10-26 Thread Don Schwarz
I would suggest that rather than using " + "" as your
key names, you use F("" + "") where F is either an
encryption function or a one-way hash function.  You can use the javax.crypto
package for this purpose.

Alternatively, you could implement your own Key -> String conversion routine
in place of KeyFactory.keyToString() and implement the encryption at that
level.

On Mon, Oct 26, 2009 at 2:10 PM, victor  wrote:

>
> I use the com.google.appengine.api.datastore.Key as primary keys to my
> datastore and part of the Key generation strategy is to use an e-mail:
> Key ret = KeyFactory.createKey( + )
>
> This generated key is then exposed to the browser via
> KeyFactory.keyToString.
>
> My concern is more on the privacy side. This serialized key could
> easily be converted back to its original form by somebody cut and
> pasting this key and running the following in their local machine:
> Key ret = KeyFactory.stringToKey( browser>)
>
> --thus exposing the e-mail from the key.
>
> My question is, is there a way for Google App Engine to make the
> "KeyFactory.stringToKey" only work to return the proper key if it is
> executed from the app where the data store is running from?
>
> Thanks again,
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine for Java" group.
To post to this group, send email to google-appengine-java@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine-java+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine-java?hl=en
-~--~~~~--~~--~--~---



[appengine-java] Re: Key and KeyFactory - privacy concern related

2009-10-27 Thread Nacho Coloma

You could calculate the MD5 hash. That's a one-way algorithm.

On Oct 26, 8:17 pm, Don Schwarz  wrote:
> I would suggest that rather than using " + "" as your
> key names, you use F("" + "") where F is either an
> encryption function or a one-way hash function.  You can use the javax.crypto
> package for this purpose.
>
> Alternatively, you could implement your own Key -> String conversion routine
> in place of KeyFactory.keyToString() and implement the encryption at that
> level.
>
> On Mon, Oct 26, 2009 at 2:10 PM, victor  wrote:
>
> > I use the com.google.appengine.api.datastore.Key as primary keys to my
> > datastore and part of the Key generation strategy is to use an e-mail:
> > Key ret = KeyFactory.createKey( + )
>
> > This generated key is then exposed to the browser via
> > KeyFactory.keyToString.
>
> > My concern is more on the privacy side. This serialized key could
> > easily be converted back to its original form by somebody cut and
> > pasting this key and running the following in their local machine:
> > Key ret = KeyFactory.stringToKey( > browser>)
>
> > --thus exposing the e-mail from the key.
>
> > My question is, is there a way for Google App Engine to make the
> > "KeyFactory.stringToKey" only work to return the proper key if it is
> > executed from the app where the data store is running from?
>
> > Thanks again,
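
Added example (not part of any message in this thread): one way to realize the F(...) suggested in the two replies above, using javax.crypto with a keyed hash (HMAC-SHA256) so the key name cannot be recomputed from an e-mail address without the server-side secret. The class name OpaqueKeyName, the kind string, the demo secret and the e-mail normalization are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Locale;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical helper: derives an opaque datastore key name from an e-mail.
public class OpaqueKeyName {
    private final SecretKeySpec secret;

    // secretBytes is a server-side secret that is never sent to the browser
    // (assumption: the application loads it from its own configuration).
    public OpaqueKeyName(byte[] secretBytes) {
        this.secret = new SecretKeySpec(secretBytes, "HmacSHA256");
    }

    // Returns F(kind + email) as 64 lowercase hex characters.
    public String derive(String kind, String email) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(secret);
        // Assumption: addresses are compared case-insensitively, so normalize
        // before hashing; otherwise the same user could map to two entities.
        String normalized = email.trim().toLowerCase(Locale.ROOT);
        // Length-prefix the kind so ("ab", "c@x") and ("a", "bc@x") differ.
        mac.update((kind.length() + ":" + kind).getBytes(StandardCharsets.UTF_8));
        byte[] tag = mac.doFinal(normalized.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder(tag.length * 2);
        for (byte b : tag) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed demo values, not real secrets or addresses.
        byte[] demo = "constructed-demo-secret".getBytes(StandardCharsets.UTF_8);
        byte[] other = "another-constructed-secret".getBytes(StandardCharsets.UTF_8);
        OpaqueKeyName f = new OpaqueKeyName(demo);
        String name = f.derive("UserAndSomething", "alice@example.com");
        System.out.println("key name: " + name);
        // Deterministic: the server can recompute the name to look the entity up.
        System.out.println(name.equals(f.derive("UserAndSomething", " Alice@Example.com")));
        // Without the same secret the derived name is unrelated.
        System.out.println(name.equals(
                new OpaqueKeyName(other).derive("UserAndSomething", "alice@example.com")));
        // In the application the result would be used as the key name:
        //   Key k = KeyFactory.createKey("UserAndSomething", name);
    }
}
```

The string returned by KeyFactory.keyToString() for such a key still decodes with stringToKey(), but what it reveals is the derived name, not the e-mail address.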



[appengine-java] Re: Key and KeyFactory - privacy concern related

2009-10-27 Thread leszek

You can also "normalize" your scheme a little bit and avoid using
email as primary key. Instead of using:


@PersistenceCapable(identityType = IdentityType.APPLICATION)
public class UserAndSomething {

    @PrimaryKey
    private Key email;

    ... more stuff ..
}


use

@PersistenceCapable(identityType = IdentityType.APPLICATION)
public class UserAndSomething {

    @PrimaryKey
    @Persistent(valueStrategy = IdGeneratorStrategy.IDENTITY)
    private Long key;

    ... more stuff ..

}

@PersistenceCapable(identityType = IdentityType.APPLICATION)
public class MailToKey {

    @PrimaryKey
    private Key email;

    private Long uKey;

}


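and then persist something like:

  String eMail;            // the user's e-mail address, supplied by the caller
  PersistenceManager pm;   // obtained from the application's PersistenceManagerFactory

  // Store the entity first so the datastore assigns its Long id.
  UserAndSomething u = new UserAndSomething();
  pm.makePersistent(u);

  // MailToKey.email is a Key, so wrap the address in a Key named after it.
  MailToKey m = new MailToKey();
  m.setEmail(KeyFactory.createKey(MailToKey.class.getSimpleName(), eMail));
  m.setUKey(u.getKey());
  pm.makePersistent(m);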



Then you can use the meaningless 'long' key to communicate with the client and
(via the MailToKey entity) you are able to find your 'email' very quickly.
This way 'email' is visible only on the server side and does not need to be
exposed on the client side.