How to secure database credentials in spring mvc service layer

Question

I have to create a banking application using Spring MVC and MySQL enterprise database. Encryption and Decryption of data are done using keys provided by MySQL Enterprise database. Some of the options that I have found to secure this database credentials are:

Storing credentials in key store - but I want keys to be stored out of service code
Using Azure key store or Azure App Settings - but I am looking for a free source
Using Hashing - Still, the keys are inside service code
Using self-signed certificates - Again these certificates have to be deployed, which may be insecure

Now how can I store this database credentials out of service code?

score 1 · Answer 1 · answered Jun 27 '17 at 06:44

1

A common and difficult problem, I recommend https://www.vaultproject.io/ by Hashicorp.

answered Jun 27 '17 at 06:44

Vetsin

2,245
1
20
24

I have implemented it by storing private info in localhost, how can I use the same when the service is deployed? – Chinta Sai Vamshi Jun 27 '17 at 12:50

How to secure database credentials in spring mvc service layer

1 Answers1