sofia/identity
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

Security and privacy #3

New issue
Open
opened 2024-06-29 17:29:16 +00:00 by sofia · 0 comments
sofia commented 2024-06-29 17:29:16 +00:00
Owner
Copy link

Security and privacy are the biggest concerns in an use case like this. Right now, every request is logged (not its contents, most likely cannot identify users from this alone) and the data is unencrypted in a database.

E2E encryption (user-to-storage) would be ideal, but would be difficult to implement and would complicate the process of data portability and passing your data down to the user's heirs. Server-side encryption and/or database-level encryption is another option that would improve security but not necessarily privacy.

Research needs to be done in order to find a balanced level of privacy and security.

Security and privacy are the biggest concerns in an use case like this. Right now, every request is logged (not its contents, most likely cannot identify users from this alone) and the data is unencrypted in a database. E2E encryption (user-to-storage) would be ideal, but would be difficult to implement and would complicate the process of data portability and passing your data down to the user's heirs. Server-side encryption and/or database-level encryption is another option that would improve security but not necessarily privacy. Research needs to be done in order to find a balanced level of privacy and security.
sofia added this to the First stable (v1) milestone 2024-06-29 17:29:16 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
rust-api
No results found.
Labels
Clear labels   
area:branding

   
area:infra

   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
area:branding
area:infra
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
First stable (v1)
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: sofia/identity#3
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?