Version 8

    This article will describe the strategies/design for both password masking and encryption.


    The configuration/domain model needs one or more passwords. We do not want to specify the passwords in clear text.

    JBoss AS 7 will provide both opportunities for masking as well as using encryption.



    There are 2 methods available to specify passwords without clear text visibility.

    1. Password based encryption (aka Masking)
    2. Password Encryption using AES, 3DES etc


    Password Based Encryption (PBE) provides security by obsurity. It just masks the password. It does not provide any fool-proof security.

    Password Encryption using AES or 3DES provides industry strength encryption.


    PBE uses the following:

    1. Salt
    2. Iteration Count
    3. Password  to mask.


    Encryption uses the following:

    1. Cipher Text (password in this case)
    2. Secret Key
    3. Encryption Type (AES or 3DES)
    4. Key Size


    Encryption uses a secret key to encrypt the password.  When you are ready to decrypt the password, you will need the secret key.


    The biggest challenge is going to be managing the secret key.



    Key Distribution

    We need to secure the secret key in both the strategies - PBE and Encryption.

    The secret key is never in the open. 


    In the "standalone" mode, there is no issue. The administrator/user creates the secret key that is available to the AS.

    In the "domain" mode, if the administrator created the secret key, then he has to manually copy the secured secret key to all the instances in the domain. The reason is that we have not yet figured out the safety of replicating keys across a domain. Until we are satisfied, manual distribution it is.



    We need to provide pluggable settings such that

    • 3rd party security providers may provide the secret key used in the encryption/decryption. OR
    • Custom code that can provide the password.


    Domain Model Settings


    Note to Anil: 

    • The transaction module has a "relative to" settings that allows you to specify paths.
    • BrianS says


    (11:12:06 AM) asaldhan: bstansberry: for the domain mode,  what is    I only see data in standalone
    (11:14:06 AM) bstansberry: asaldhan: in domain mode, the servers, e.g. one name "server-one" would be in domain/servers/server-one
    (11:14:28 AM) bstansberry: would point to domain/servers/server-one/data
    (11:14:53 AM) asaldhan: bstansberry: got it. thx.