Sensitive data stored in client-side storage - C-Sharp

Sensitive data stored in client-side storage - C-Sharp

Need

Secure storage of sensitive data

Context

  • Usage of C# for building robust and scalable applications
  • Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core
  • Usage of Microsoft.AspNetCore.Http for handling HTTP requests and responses in .NET Core applications

Description

Non compliant code

        public class HomeController : Controller
{
    public IActionResult Index()
    {
        HttpContext.Session.SetString("SensitiveData", "This is some sensitive data");
        return View();
    }
}
        
        

In this vulnerable code, sensitive data is being stored on the client-side using ASP.NET Core's session storage. The HttpContext.Session.SetString method is used to store a piece of sensitive information, in this case, a string "This is some sensitive data".

This storage method is insecure because the data is stored in the user's browser and can be easily accessed by anyone who can open the developer tools in the browser. It's also vulnerable to Cross-Site Scripting (XSS) attacks, where an attacker can inject malicious scripts to steal the stored data.

In addition, if the user's browser is compromised or if the user is using a public computer, the data could be accessed by others. Furthermore, this data will persist in the user's browser even after they have closed their session, which increases the risk of unauthorized access.

The sensitive data should be stored server-side, encrypted, and only sent to the client when necessary. It should also be removed from the client-side storage immediately after it is used.

Steps

  • Identify the sensitive data that is being stored in the client-side storage.
  • Determine the appropriate security requirements for the sensitive data.
  • Avoid storing sensitive data in client-side storage such as localStorage or sessionStorage.
  • Instead, use server-side storage options like cookies to store sensitive data.
  • Define the necessary security attributes for the cookies to ensure confidentiality and integrity of the data.
  • Implement the necessary logic to store and retrieve the sensitive data using cookies.
  • Ensure that the sensitive data is encrypted and properly secured during storage and transmission.
  • Regularly review and update the security measures to protect the sensitive data.

Compliant code

        public class HomeController : Controller
{
    public IActionResult Index()
    {
        var options = new CookieOptions
        {
            HttpOnly = true,
            Secure = true,
            SameSite = SameSiteMode.Strict
        };

        var encryptedData = Encrypt("This is some sensitive data");
        Response.Cookies.Append("SensitiveData", encryptedData, options);
        return View();
    }

    private string Encrypt(string data)
    {
        // Implement your encryption logic here
        // This is a placeholder and should not be used in production
        return Convert.ToBase64String(Encoding.UTF8.GetBytes(data));
    }
}
        
        

The original code was storing sensitive data in the client-side storage (sessionStorage) which is vulnerable to unauthorized read operations. The revised code now stores the sensitive data in a secure cookie on the server-side.

The CookieOptions object is used to set various security attributes for the cookie:

- HttpOnly is set to true to prevent the cookie from being accessed through client-side scripts. This helps mitigate the risk of cross-site scripting (XSS) attacks.
- Secure is set to true to ensure that the cookie is only sent over HTTPS, protecting the data from being intercepted during transmission.
- SameSite is set to Strict to prevent the cookie from being sent with cross-site requests. This helps mitigate the risk of cross-site request forgery (CSRF) attacks.

The sensitive data is encrypted before being stored in the cookie using a placeholder Encrypt method. In a real-world application, you should replace this with your own encryption logic to ensure the confidentiality and integrity of the data.

By storing the sensitive data in a secure server-side cookie, we can better protect the data from unauthorized access and ensure that it is properly secured during storage and transmission.

References