Design+impl: encrypted field annotations (for things like PII, etc.) on structs? #2497

Open
Tracked by #2438
alecthomas opened this issue Aug 25, 2024 · 1 comment
Labels
P1 security relates to security (regardless of priority)

Comments

alecthomas commented Aug 25, 2024

  • Could also be a custom FTL type like ftl.Optional but instead ftl.Encrypted. That might have a Decrypt() func that could be used to get the underlying value explicitly when needed.
  • Possibly add semantic type annotations to fields (compatible with https://prototype.sqprod.co/#/packages/squareup.governance.v0)
  • Challenge: can we keep sensitive data encrypted as long as possible while processing it through FTL? Require explicit Decrypt or “Access” calls to retrieve plaintext.
  • Ideally this should extend down to the database layer where possible, e.g. types that represent that a field is encrypted, etc.
  • Can we support Tink's associated data concept?
@alecthomas alecthomas mentioned this issue Aug 25, 2024
@github-actions github-actions bot added the triage Issue needs triaging label Aug 25, 2024
@alecthomas alecthomas added security relates to security (regardless of priority) P1 and removed triage Issue needs triaging labels Aug 25, 2024
@ftl-robot ftl-robot mentioned this issue Aug 25, 2024
@alecthomas alecthomas changed the title Encrypted field annotations (for things like PII, etc.) on structs? +1 Design+impl: encrypted field annotations (for things like PII, etc.) on structs? +1 Aug 25, 2024
@alecthomas
Collaborator Author

> Challenge: can we keep sensitive data encrypted as long as possible while processing it through FTL? Require explicit Decrypt or “Access” calls to retrieve plaintext.

@AlexSzlavik we can do this (it's how FTL is doing it currently), but the ergonomics are pretty painful (in Go in particular) because of the need to check decryption/encryption errors on every field access.

@alecthomas alecthomas changed the title Design+impl: encrypted field annotations (for things like PII, etc.) on structs? +1 Design+impl: encrypted field annotations (for things like PII, etc.) on structs? Aug 26, 2024
@gak gak removed their assignment Sep 17, 2024
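
The `ftl.Encrypted` idea and the associated-data question from this thread, sketched as an added example (not FTL's code or API): a generic wrapper that holds only ciphertext and returns plaintext solely through an explicit, error-returning `Decrypt`. It assumes Go's standard-library AES-GCM as a stand-in for a Tink AEAD and uses the field name as associated data; `Encrypted`, `Seal`, `NewAEAD` and the `User.Email` context string are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

type Encrypted[T any] struct{ nonce, ct []byte } // hypothetical wrapper, not FTL's API

// NewAEAD builds AES-256-GCM from a 32-byte key, standing in for a Tink AEAD.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts v; ad is authenticated but not stored, so Decrypt needs it again.
func Seal[T any](aead cipher.AEAD, v T, ad []byte) (Encrypted[T], error) {
	pt, err := json.Marshal(v)
	if err != nil {
		return Encrypted[T]{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Encrypted[T]{}, err
	}
	return Encrypted[T]{nonce: nonce, ct: aead.Seal(nil, nonce, pt, ad)}, nil
}

// Decrypt is the only path to plaintext; every call yields an error to check.
func (e Encrypted[T]) Decrypt(aead cipher.AEAD, ad []byte) (T, error) {
	var v T
	pt, err := aead.Open(nil, e.nonce, e.ct, ad)
	if err != nil {
		return v, fmt.Errorf("decrypt: %w", err)
	}
	err = json.Unmarshal(pt, &v)
	return v, err
}

func main() {
	aead, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key; errors elided
	email, _ := Seal(aead, "alice@example.com", []byte("User.Email"))
	fmt.Println(email.Decrypt(aead, []byte("User.Phone"))) // wrong field context: error
}
```

Binding the field name as associated data means a ciphertext copied from one column or struct field into another fails authentication instead of decrypting silently.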