Plug-n-play client-side encryption #2556

Open
jkeys-ecg-nmsu opened this issue Jan 16, 2019 · 13 comments
Labels
feature-request (Request a new feature), Storage (Related to Storage components/category)

Comments

@jkeys-ecg-nmsu

Is your feature request related to a problem? Please describe.
Electronic Caregiver is a healthcare and security company, so we deal with multiple compliance regimes: HIPAA, PCI, etc. If we intend to keep any e.g. PHI on the client for fast lookup, we need a way to keep it encrypted without storing permanent keys on the client.

Describe the solution you'd like
I'd like Amplify to (optionally) seamlessly encrypt and decrypt any and/or all data in localStorage by way of external calls to KMS. I'd also like Amplify to handle the same for arbitrary local files, so we can easily store sensitive data locally and attach that data to the client.

I'm not a security expert, so I'm not sure how this could be achieved without defeating the point (which seems to be easier to do than actually designing a secure client-side encryption scheme). I'm hoping someone smarter than me can fill in the gaping holes in my FR.

@undefobj
Contributor

Hi @jkeys-ecg-nmsu, we are looking at encryption of the storage category in the future; however, KMS is not in scope for this, as key management is a very large problem space and doing this reliably with rotation might not be scalable, reliable, or even cost effective for apps. KMS is also primarily targeted at backend key management, where the behavior compared to mobile and web devices is much different. The common way of doing this in the industry for apps is with developer-provided keys locally on the device. From a compliance standpoint, many of them require full device encryption anyway or for the whole of the app rather than just part of it. If you have any specific compliance documentation and case for storing such data permanently on the device where you cannot use developer-provided keys, can you please point us at such material?

@undefobj undefobj added the feature-request Request a new feature label Jan 16, 2019
@jkeys-ecg-nmsu
Author

jkeys-ecg-nmsu commented Jan 17, 2019

@undefobj do you have any recommended reading for how to build a DevOps pipeline that can provision and deploy developer provided keys to client machines, rotate said keys, etc? I simply have no idea how this would be achieved in a scalable manner.

@undefobj
Contributor

I do not.

@stale

stale bot commented Jun 15, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@jkeys-ecg-nmsu jkeys-ecg-nmsu reopened this Dec 6, 2019
@jkeys-ecg-nmsu jkeys-ecg-nmsu changed the title from "Plug-n-play client-side encryption with backend KMS support" to "Plug-n-play client-side encryption" Dec 6, 2019
@jkeys-ecg-nmsu
Author

Will DataStore have this feature?

@jkeys-ecg-nmsu
Author

@undefobj is DataStore going to allow client-side encryption and decryption at some point?

@undefobj
Contributor

undefobj commented Dec 9, 2019

We're looking at it. The DynamoDB tables that it syncs with have encryption at rest already but we're investigating if additional controls can be done here in 2020 for clients.

@sbaxter

sbaxter commented Apr 7, 2020

I was thinking of putting together a PR that allows for a user of amplify to wrap IndexedDB put and get calls with a function that one could use to encrypt the data in IndexedDB, but avoid having the encrypted blobs synced to DynamoDB. I found Datastore.storage.adapter.indexeddb as a likely shim point for something like this.

  1. Does anyone know if this feature is on the roadmap yet?
  2. Is there a better way to accomplish this? The only alternative I can think of is to implement a key management solution, so that the server can decrypt the data on the back-end . . . or to ditch amplify and duplicate the logic provided by Datastore and AppSync.

I'd rather not maintain a fork of amplify, so I'd only want to go that route if it is on the roadmap or a PR is likely to get accepted.
Encryption at-rest in IndexedDB may become native at some point, but we're at least 1-2 years early on that it looks like.
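
The put/get wrapping idea from the comment above, as an added example that is not part of the thread and not Amplify code. It assumes a hypothetical adapter object exposing async `put(id, record)` and `get(id)` (an in-memory stand-in replaces IndexedDB here), derives a non-extractable AES-GCM key from a user-supplied secret with Web Crypto, and covers only local storage, not what is synced to the backend.

```javascript
// Added example, not Amplify code: `adapter` is a hypothetical put/get interface.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;
const enc = new TextEncoder(), dec = new TextDecoder();

// Derive a non-extractable AES-GCM key from a secret supplied at sign-in,
// so no long-lived key is written to the device (iteration count is an assumption).
async function deriveKey(passphrase, salt) {
  const base = await webcrypto.subtle.importKey('raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return webcrypto.subtle.deriveKey(
    { name: 'PBKDF2', salt, iterations: 600000, hash: 'SHA-256' },
    base, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Wrap an adapter so records are encrypted before put and decrypted after get.
function encryptingAdapter(adapter, key) {
  return {
    async put(id, record) {
      const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh nonce per write
      const ct = await webcrypto.subtle.encrypt(
        { name: 'AES-GCM', iv, additionalData: enc.encode(id) }, // bind ciphertext to its id
        key, enc.encode(JSON.stringify(record)));
      return adapter.put(id, { iv, ct: new Uint8Array(ct) });
    },
    async get(id) {
      const stored = await adapter.get(id);
      if (!stored) return undefined;
      const pt = await webcrypto.subtle.decrypt(
        { name: 'AES-GCM', iv: stored.iv, additionalData: enc.encode(id) }, key, stored.ct);
      return JSON.parse(dec.decode(pt));
    },
  };
}

// Constructed in-memory stand-in for an IndexedDB object store.
function memoryAdapter() {
  const rows = new Map();
  return { rows, async put(id, v) { rows.set(id, v); }, async get(id) { return rows.get(id); } };
}

async function demo() {
  const salt = webcrypto.getRandomValues(new Uint8Array(16)); // salt may be stored in the clear
  const raw = memoryAdapter();
  const store = encryptingAdapter(raw, await deriveKey('constructed-passphrase', salt));
  await store.put('patient-1', { name: 'Constructed Name' });
  const roundTrip = await store.get('patient-1');
  raw.rows.set('patient-2', raw.rows.get('patient-1')); // row copied under another id
  const swapped = await store.get('patient-2').then(() => 'accepted', () => 'rejected');
  const leaks = dec.decode(raw.rows.get('patient-1').ct).includes('Constructed Name');
  return { roundTrip, swapped, leaks };
}
```

Because the record id is passed as AES-GCM additional data, a ciphertext copied to a different id fails authentication instead of decrypting as another record.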

@FrankySnow

> We're looking at it. The DynamoDB tables that it syncs with have encryption at rest already but we're investigating if additional controls can be done here in 2020 for clients.

Is there some progress on it? 2020 is nearing its end... Thanks!

@de1mat

de1mat commented Dec 25, 2020

Also interested in the client-side data being encrypted. Thanks for all your efforts with DataStore and Amplify in 2020.

@rpostulart

I am also interested in this option and looking for the timelines

@TorrentofShame

I am also interested in this option.

@rpostulart

I believe this solution is already providing encryption at rest at client.

https://realm.io/

Maybe we can learn something from that

9 participants