
How do you protect your web server resources? Use signed URLs


Illustration:
Say you have a public URL to access abc.mp4: http://mydomain.com/abc.mp4, and it is made available under a pay-per-download subscription. Since the URL is public, anybody can access it, but there is a business model around it, which is ‘Pay per download’. If everyone is able to download the asset, that is revenue leakage. How should you make it available for download, but only for one download? You want this URL to be invalid after one use.
Answer: Use signed URLs.

Signed URLs are usually short-lived URLs. Servers are designed to deny access after such a URL expires. It is also possible to carry additional information along with a signed URL; what that information is, and how it is interpreted, is usually determined by the server in question.

How does it work?
Continuing from the illustration, I define a policy. A policy is nothing but information that your client application communicates to the server application so that the server can decide the nature of access to the asset. It can be as simple as JSON-formatted text.

For the illustration, call the client app C and the server app S. C creates a policy with information, say, ‘Allow_access_to_abc.mp4_18_00_hrs_only_once’. C hashes it (creates a digest) with the SHA-1 algorithm, which results in a unique digest, say, 123kffsfsfg#$. C signs the generated hash with its private key; say the resulting signature is ‘uuffaffgfgf’.

Note: Hashing any given string results in a unique fingerprint from which you cannot recover the original string. However, the algorithm generates exactly the same fingerprint for that string every time, so the receiver can recompute it and compare. This way, one can be sure that no one has tampered with the information in transit.

Next, C base64-encodes the policy; say it results in ‘AB133444CDFDAAABC37122’. After this, C generates a signed URL:

http://mydomain.com/abc.mp4?policy=AB133444CDFDAAABC37122&hash=123kffsfsfg#$&signature=uuffaffgfgf

At the server side, S receives the URL and verifies the signature using the public key. S is thus assured that it was C who signed the hash. Then S base64-decodes the policy and computes its hash, which in this case results in 123kffsfsfg#$. S compares the computed hash with the hash value sent as a parameter in the signed URL. If they match, S knows that no one has tampered with the policy in transit, interprets the policy and decides the nature of access. S expires the URL after some time and denies repeated, unauthorized access.
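The C/S flow above, as an added worked example in Go that is not part of the original post: C builds the policy as JSON, hashes it, signs the digest, and puts base64url-encoded policy and signature in the query string; S verifies the signature with the public key, recomputes the digest over the received policy bytes, and then checks the requested path, the expiry, and a one-time nonce so the URL works exactly once. Everything beyond the post's description is an assumption made here: Ed25519 keys (the post does not name its private/public key algorithm), SHA-256 in place of SHA-1, the Policy field names, an in-memory set of used nonces, and the names Signer, Verifier, NewKeys, SignURL and Verify.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/url"
	"sync"
	"time"
)
// Policy is the JSON form of the post's "Allow_access_to_abc.mp4_18_00_hrs_only_once".
type Policy struct {
	Resource string `json:"resource"` // path the URL may fetch
	Expires  int64  `json:"expires"`  // Unix seconds after which S refuses the URL
	Nonce    string `json:"nonce"`    // unique per issued URL; S burns it on first use
}

// Signer plays the client app C and holds the private key.
type Signer struct{ priv ed25519.PrivateKey }

// Verifier plays the server app S: public key only, plus the set of redeemed nonces.
type Verifier struct {
	pub  ed25519.PublicKey
	mu   sync.Mutex
	used map[string]bool
}

// NewKeys generates an Ed25519 pair (assumed; the post names no signature algorithm).
func NewKeys() (*Signer, *Verifier, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Signer{priv: priv}, &Verifier{pub: pub, used: map[string]bool{}}, nil
}

// SignURL is C's side: serialise, hash (SHA-256 here; the post uses SHA-1),
// sign the digest, attach base64url-encoded policy and signature.
func (s *Signer) SignURL(base string, p Policy) (string, error) {
	raw, err := json.Marshal(p)
	if err != nil {
		return "", err
	}
	digest := sha256.Sum256(raw)
	q := url.Values{}
	q.Set("policy", base64.RawURLEncoding.EncodeToString(raw))
	q.Set("signature", base64.RawURLEncoding.EncodeToString(ed25519.Sign(s.priv, digest[:])))
	return base + "?" + q.Encode(), nil
}

// Verify is S's side; now is injected so expiry is testable.
func (v *Verifier) Verify(signed string, now time.Time) (Policy, error) {
	var p Policy
	u, err := url.Parse(signed)
	if err != nil {
		return p, err
	}
	q := u.Query()
	raw, errP := base64.RawURLEncoding.DecodeString(q.Get("policy"))
	sig, errS := base64.RawURLEncoding.DecodeString(q.Get("signature"))
	if errP != nil || errS != nil {
		return p, fmt.Errorf("policy or signature is not valid base64url")
	}
	// Recompute the digest over the bytes actually received: any in-transit change fails here.
	digest := sha256.Sum256(raw)
	if !ed25519.Verify(v.pub, digest[:], sig) {
		return p, fmt.Errorf("signature does not verify")
	}
	if err := json.Unmarshal(raw, &p); err != nil {
		return p, fmt.Errorf("policy is not valid JSON: %w", err)
	}
	if p.Resource != u.Path { // the policy must name the path being requested
		return p, fmt.Errorf("policy does not cover %s", u.Path)
	}
	if now.Unix() > p.Expires {
		return p, fmt.Errorf("URL expired")
	}
	v.mu.Lock() // single use: the nonce is consumed on first successful check
	defer v.mu.Unlock()
	if v.used[p.Nonce] {
		return p, fmt.Errorf("URL already used")
	}
	v.used[p.Nonce] = true
	return p, nil
}

func main() {
	c, s, _ := NewKeys()
	now := time.Now()
	link, _ := c.SignURL("http://mydomain.com/abc.mp4",
		Policy{Resource: "/abc.mp4", Expires: now.Add(time.Minute).Unix(), Nonce: "n1"})
	fmt.Println(link)
	_, first := s.Verify(link, now)
	_, second := s.Verify(link, now)
	fmt.Println("first use:", first, "| second use:", second)
}
```

The post's separate hash= parameter is left out on purpose: S recomputes the digest from the policy bytes it received, and the signature already binds that digest, so a hash sent alongside adds nothing that S cannot compute itself. The base64url encoding and url.Values matter in practice: raw digests and signatures contain characters such as '#', '+' and '/', and a '#' like the one in the post's sample hash would be treated by a browser as the start of a fragment and never reach S at all. In a real deployment the used-nonce set would live in shared storage (a database or memcache) rather than in one process's memory, otherwise a second server instance would accept the same URL again.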
