Remote file upload authentication?

  • Thread starter Thread starter Brian Madsen
  • Start date Start date
B

Brian Madsen

Hey guys,

I am currently working on a remote file upload utility from an
external server to a local server.

Problems I face is:
1)the request server cannot be mapped - ie. i can't secure it by using
the IP or somesuch.
2)the process is automatic, no user interaction involved.

The upload process and distrubution is completed and i'm now stuck
with finding an authentication model which ensures that multiple
servers/locations can upload - but also limits those posting a request
(meaning, no public access is allowed).

I'm currently working on the following ideas:
1) XXbit security key from posting server
2) Digital signatures
3) system account for authentication (requires human interaction to
setup each account which isn't preferable)
4) non-system account for authentication (username/password posted
along the files - again, requires human maintenance and interaction).

Anyways, there's pros and cons for each of the ideas i've gotten so
far - but none distinguishes itself by standing out.

So are there any ideas other than those ? or comments (pros/cons)
anybody can think off in regards to my current limited list ?

Cheers and thanks in advance
 
Brian,

I would go with #2. Make sure that every machine has a digital
certificate installed, which is then sent with the request automatically to
identify themselves. Of course, I would also recommend using Secure Sockets
(SSL) in order to make sure that you don't get hit by a man-in-the-middle
attack.

Hope this helps.
 
Thanks Nicholas,

Will research all complications that might entail and see what comes out of that.

Cheers
Brian

Nicholas Paldino said:
Brian,

I would go with #2. Make sure that every machine has a digital
certificate installed, which is then sent with the request automatically to
identify themselves. Of course, I would also recommend using Secure Sockets
(SSL) in order to make sure that you don't get hit by a man-in-the-middle
attack.

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Brian Madsen said:
Hey guys,

I am currently working on a remote file upload utility from an
external server to a local server.

Problems I face is:
1)the request server cannot be mapped - ie. i can't secure it by using
the IP or somesuch.
2)the process is automatic, no user interaction involved.

The upload process and distrubution is completed and i'm now stuck
with finding an authentication model which ensures that multiple
servers/locations can upload - but also limits those posting a request
(meaning, no public access is allowed).

I'm currently working on the following ideas:
1) XXbit security key from posting server
2) Digital signatures
3) system account for authentication (requires human interaction to
setup each account which isn't preferable)
4) non-system account for authentication (username/password posted
along the files - again, requires human maintenance and interaction).

Anyways, there's pros and cons for each of the ideas i've gotten so
far - but none distinguishes itself by standing out.

So are there any ideas other than those ? or comments (pros/cons)
anybody can think off in regards to my current limited list ?

Cheers and thanks in advance
Click to expand...
Click to expand...
 
Back
Top