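Protecting Important Data! An Introduction to ActiveRecord Encryption and Implementation Examples of More Secure, Searchable Encryption Methods

Slides used for the presentation on Day 2 of Kaigi on Rails.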

https://kaigionrails.org/2024/talks/f-world21/

free_world21

October 27, 2024

Transcript

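  1. ©2024 Bloomo Securities Inc.

     • 小林悟史 (小林ノエル), @free_world21
     • Director and CTO, Bloomo Securities Inc.
     • Often found at Omotesando.rb, Roppongi.rb, Shinjuku.rb and similar meetups
     • Likes travel and touring coworking spaces around the world (something like a workation)
     • Develops the "Political Funds Database" (政治資金データベース) as a hobby
     • Favorite bands: L'Arc~en~Ciel, PIERROT
     • Photos: THE FARM @ NY, CARR WORKPLACE @ Chicago

  2. Index

     • Company and background introduction
     • What is encryption in the first place?
     • Introducing ActiveRecord Encryption
     • Examples of requirements that are hard to meet with ActiveRecord Encryption
     • Introducing other encryption approaches
     • Implementation example using attr_encrypted
     • Ways to keep data searchable while encrypted
     • Summary

     • Not covered: encryption algorithms, secure computation, searchable encryption and the like
     • Audience: people interested in encrypting the data of the Rails apps they develop
     • Goal: understand the overview of ActiveRecord Encryption, attr_encrypted and lockbox, and where each fits
     • The slides will be published later

  3. Company and background introduction: product features

     The portfolio feature lowers the barrier to sophisticated asset management.

     • Portfolio investing: once you build your ideal portfolio from US stocks and ETFs, Bloomo automatically executes the currency exchange and purchases.
       – Diversified investment across multiple stocks without the hassle (users hold … or more stocks, roughly … times the Japanese average)
     • Sharing and copying: look at the portfolios of experts and other users and copy them with one tap.
       – Even beginners can build a portfolio (more than … of users start by copying)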
  4. Company and background introduction: the path since founding

     • Timeline milestones: founding; securities company license obtained; official release (general availability); seed round (… hundred million yen raised); invitation-only release; NISA accounts launched
     • Launched as the first securities startup in … years
     • As a securities startup handling individual stocks, it is the first since Finatext and FOLIO. It has obtained its Type I Financial Instruments Business (securities company) license and shipped product releases at the fastest pace on record.

  5. Company and background introduction: the path since founding (same timeline)

     • `rails new .` as a securities company
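  7. Company and background introduction: building a securities system

     Customer (user side) perspective:
     • To buy any stock, you have to open an account with a securities company

     Engineer (builder side) perspective:
     • To build a securities company (and its system), you have to satisfy many requirements (laws and so on)
     • Security needs even more care than usual
     • Information security threats, including cyber attacks, are growing at a tremendous pace
       – A string of personal data leaks
       – Ransomware damage (Niconico Douga)

  8. What is encryption in the first place? Encryption and hashing

     Encryption (plaintext 🔑 ciphertext):
     “小林ノエル” → “m6mlF70S3Qoqt86hyUJzWxhwW6JYgyXgBPPJHrhvVAGQ” → “小林ノエル”
     • Transforms data with a specific encryption key so that it cannot be restored without the correct key
     • Used to protect the confidentiality of data

     Hashing (original data → hash value):
     “小林ノエル” → “$2a$10$aBy67z2lE8O/OO/Xfnr7ZO6sQCP948cWDM/9MifMGR5472nkfqGUW”
     • Transforms data one way into a fixed-length value so that it cannot be turned back into the original data
     • Mainly used to verify the integrity of data

  9. What is encryption in the first place? Why encrypt

     • Of entry measures, internal measures and exit measures, encryption is one of the internal measures
       – Entry measures
         • Firewalls and filters
         • Multi-factor authentication, VPN, etc.
       – Internal measures
         • Data encryption
         • Log monitoring
       – Exit measures
         • Narrowing the routes over which communication is possible
         • Restricting data writes to external devices
     • It is a technique for limiting the damage when some data does leak

  10. What is encryption: points to consider when encrypting

     • Encryption algorithm
       – DES, AES, RSA, ECC, …
       – In most cases, using the default (recommended) algorithm of the framework or library is OK
         • Out of scope for today's talk
     • Key management policy
       – Where is the encryption key kept, and who manages it?
     • Unit of encryption
       – At what granularity do you encrypt?
         • Encrypt the whole application with a single key
         • Separate encryption keys per reasonably large unit (per table, for example)
         • Separate encryption keys per record
     • Search capability
       – Once encrypted data is stored in the DB, searching becomes impossible in many cases
       – Where needed, search has to be implemented in the application layer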
  11. Introducing ActiveRecord Encryption: overview and basic usage

     • An encryption mechanism built into Rails (ActiveRecord)
       – Data is encrypted when it is saved to the DB
       – Application layer: handled as plaintext; DB layer: stored as ciphertext

     ```
     $ rails db:encryption:init
     Add this entry to the credentials of the target environment:

     active_record_encryption:
       primary_key: azc7QkZYSg9ll01TjBNpnURUnF42gt1s
       deterministic_key: U987a4KAnhfA5oAQrLY7pYaTqysIYqqE
       key_derivation_salt: puoi8lJbvyM4FQErFYJ26BFuE1OJLHtf
     ```

     Copy and paste it as-is into config/credentials.yml.enc:

     ```yaml
     secret_key_base: hogehogefugafuga……
     active_record_encryption:
       primary_key: azc7QkZYSg9ll01TjBNpnURUnF42gt1s
       deterministic_key: U987a4KAnhfA5oAQrLY7pYaTqysIYqqE
       key_derivation_salt: puoi8lJbvyM4FQErFYJ26BFuE1OJLHtf
     ```

  12. Introducing ActiveRecord Encryption: overview and basic usage (continued)

     ```ruby
     class PersonalInfo < ApplicationRecord
       encrypts :first_name
       encrypts :last_name
     end
     ```

  13. Introducing ActiveRecord Encryption: overview and basic usage (continued)

     • The encryption key can be specified per attribute, as a string or as a custom key provider

     ```ruby
     class PersonalInfo < ApplicationRecord
       encrypts :first_name, key: "some secret key for personal_info"
       encrypts :last_name, key_provider: PersonalInfoKeyProvider.new
     end
     ```

     • With deterministic encryption, searching is also possible

     ```ruby
     class PersonalInfo < ApplicationRecord
       encrypts :first_name, deterministic: true
       encrypts :last_name, deterministic: true
     end
     ```

  14. Introducing ActiveRecord Encryption: checked against the "points to consider when encrypting"

     • Key management policy
       – Written in config/credentials.yml.enc
       – With a custom key provider, keys can be fetched programmatically (e.g. KMS, SecretManager)
     • Unit of encryption
       – By default, a single key encrypts all target data
       – With a custom key provider, keys can also be split per class (table)
     • Search capability
       – By default, non-deterministic encryption (not searchable)
       – Searchable when deterministic encryption mode is enabled
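  15. Requirements that are hard to meet with ActiveRecord Encryption: a financial institution as the example

     • Key management policy
       – We do not want humans to manage the keys
       – (This part can be achieved with ActiveRecord Encryption as well)
     • Unit of encryption
       – Given the nature of the company and the importance of the data it handles, we want a different encryption key for each record
         • Personal information
         • My Number (temporarily)
         • Identity verification document images (driver's license, etc.)
         • (Credit card numbers)
     • Search capability
       – When a customer makes an inquiry, searching on certain fields is needed for identity verification
         • Name and date of birth
         • Address

  16. Introducing other encryption approaches: attr_encrypted and lockbox

     attr_encrypted
     • The longest history of any Rails encryption option
       – Predates ActiveRecord Encryption
       – First release: …
     • Many reference materials exist
     • Kobayashi himself has used it for a long time

     lockbox
     • Positioned as a modern version of attr_encrypted
     • Usage is roughly the same as ActiveRecord Encryption and attr_encrypted
     • Initial release was only slightly before ActiveRecord Encryption
       – ActiveRecord Encryption: Rails …
       – lockbox first release: …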
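  17. Implementation example using attr_encrypted: options for managing the encryption key

     • Put the plaintext encryption key in an environment variable
       – The simplest and easiest, but weak
     • Put the plaintext encryption key outside the application server, for example in SecretManager
       – Safer than 👆, but a human still has to manage it
     • Use Rails Encrypted Credentials
       – The question of what to do with the key that decrypts credentials.yml.enc (master.key) remains
       – A human still has to manage it after all
     • Use a Key Management Service
       – Cloud providers such as AWS, GCP and Azure generally offer one

  18. Implementation example using attr_encrypted: what is a Key Management Service (AWS as the example)

     • Specify a Customer Master Key (CMK) and request a data key (a new encryption key)
     • KMS returns the following:
       – A: the plaintext encryption key
       – B: A in encrypted form
     • Encryption: encrypt with A, then erase A. Store B in the DB or similar.
     • Decryption: send B to KMS and it decrypts and returns it (yielding A), then decrypt the data itself with A
     • CMK has_many :data_keys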
  19. Implementation example using attr_encrypted: per-record encryption with KMS

     • Add a column, encrypted_data_key, to the class (table) being encrypted, to store the "encrypted encryption key (B)" obtained from KMS
     • Define a module with a method like the following

     ```ruby
     module KmsKey
       # Returns the plaintext data key (A) for this record.
       # aws_region is not defined on the slide; it is expected to come from the including class.
       def data_key
         kms_client = Aws::KMS::Client.new(region: aws_region)
         if self.encrypted_data_key
           # Existing record: have KMS unwrap the stored key (B) and return its plaintext (A)
           kms_client.decrypt(ciphertext_blob: self.encrypted_data_key).plaintext
         else
           # New record: request a fresh data key under the CMK
           resp = kms_client.generate_data_key(
             key_id: Rails.application.config.x.common['kms_cmk_id'],
             key_spec: 'AES_256',
           )
           self.encrypted_data_key = resp.ciphertext_blob
           resp.plaintext
         end
       end
     end
     ```

  20. Implementation example using attr_encrypted: per-record encryption with KMS (continued)

     • Define the fields to encrypt

     ```ruby
     class PersonalInfo < ApplicationRecord
       include KmsKey
       attr_encrypted :first_name, key: :data_key, algorithm: 'aes-256-gcm'
       attr_encrypted :last_name, key: :data_key, algorithm: 'aes-256-gcm'
     end
     ```

  21. Implementation example using attr_encrypted: per-record encryption with KMS (continued)

     • The encryption key now differs per record, while the fields can still be handled transparently

     ```ruby
     personal_info.first_name = "ノエル"
     personal_info.last_name = "小林"
     personal_info.save!

     personal_info = PersonalInfo.find(1)
     puts personal_info.first_name # => "ノエル"
     puts personal_info.last_name  # => "小林"
     ```
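  22. Implementation example using attr_encrypted: encrypting uploaded images

     • Shown with carrierwave as the example
     • The encryption key differs per record, and the uploaded image itself is also stored encrypted

     ```ruby
     class IdDocumentImage < ApplicationRecord
       include KmsKey
       mount_uploader :uploader, IdDocumentImageUploader
       before_save :encrypt_file!

       # Cipher is not defined on the slide.
       def encrypt_file!
         # Fresh IV per file, stored Base64-encoded next to the record
         iv = Cipher.generate_iv
         self.uploader_iv = Base64.strict_encode64(iv)
         cipher = Cipher.new(key: data_key, cipher_iv: iv)
         resp = cipher.encrypt(value: uploader.file.read)
         # Overwrite the uploaded file with its ciphertext
         File.binwrite(uploader.file.path, resp)
       end
     end
     ```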
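  23. Ways to keep data searchable while encrypted: the options

     • Use deterministic encryption
       – The approach ActiveRecord Encryption adopts
       – Works for a set of data encrypted under the same encryption key
     • Set up a search module such as ElasticSearch and store the plaintext data there
       – Assumes ElasticSearch is reachable only from the application server and that the route and storage area are safe
     • At search time, decrypt everything inside the application server and search in code
       – Along the lines of PersonalInfo.all.each
     • Store hash values of the target fields (name, address, etc.) in a separate table for searching
       – Only exact-match search is possible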
  24. Ways to keep data searchable while encrypted: storing the encrypted data while creating a search hash

     • Define a PersonalInfoHash model (table)
       – key: string
       – value: string

     ```ruby
     class PersonalInfoHash < ApplicationRecord
       belongs_to :personal_info
     end

     class PersonalInfo < ApplicationRecord
       include KmsKey
       # ……
       has_many :personal_info_hashes
     end
     ```

  25. Ways to keep data searchable while encrypted: storing the encrypted data while creating a search hash (continued)

     • Create the hashes together with the PersonalInfo record, for example in after_save
     • For the cryptographic hash function, using Bcrypt for now seems fine

     ```ruby
     class PersonalInfo < ApplicationRecord
       after_save :save_hashes

       def save_hashes
         save_name_hash
         save_tel_hash
         # ...
       end

       def save_name_hash
         raw_value = last_name + first_name
         pi_hash = personal_info_hashes.find_or_initialize_by(key: 'last_name_and_first_name')
         # ENV['HASH_SALT'] must be a bcrypt-format salt (as produced by BCrypt::Engine.generate_salt);
         # reusing one fixed salt is what makes equal inputs produce equal, searchable values.
         pi_hash.value = BCrypt::Engine.hash_secret(raw_value, ENV['HASH_SALT'])
         pi_hash.save!
       end
     end
     ```

  26. Ways to keep data searchable while encrypted: storing the encrypted data while creating a search hash (continued)

     • To search, compute the hash value of the search term and look that up

     ```ruby
     hash_value = BCrypt::Engine.hash_secret(searching_value, ENV['HASH_SALT'])
     # The hash is stored in the `value` column defined for PersonalInfoHash
     personal_infos = PersonalInfoHash
       .where(key: 'last_name_and_first_name', value: hash_value)
       .map(&:personal_info)
     ```
  27. Summary

     • The approaches introduced in this talk, summarized by characteristic
     • Compared: ActiveRecord Encryption, attr_encrypted, lockbox
       – Initial release: Rails … / … / …
       – Provided as: built-in / gem / gem
     • Unit of encryption: all at once; per table; per record
     • Encryption key management: environment variables; SecretManager; credentials.yml.enc; KMS
     • Search method: search via deterministic encryption; ElasticSearch; brute-force search; search via hashing
     • Legend: default usage / possible with customization

  28. Summary: ActiveRecord Encryption

     • Satisfies most requirements
     • The barrier to adoption is also low
       – config.active_record.encryption.support_unencrypted_data = true

  29. Summary: attr_encrypted / lockbox

     • Consider these when ActiveRecord Encryption cannot meet the requirements (per-record encryption, for example)
     • Separate gems exist for KMS use (kms_encrypted) and for hashed search (blind_index)
     • For a new project use lockbox; if you want to reuse existing code, use attr_encrypted
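The KMS data-key flow from slides 18 to 21, as an added example that is not code from the slides. `FakeKms` is a local stand-in for AWS KMS so the block runs offline; `Gcm`, `Record` and the record-bound authentication data are assumptions of this example.

```ruby
require "openssl"

# AES-256-GCM helpers; blob layout (constructed for this example): iv(12) | tag(16) | ciphertext
module Gcm
  def self.seal(key, plaintext, aad)
    c = OpenSSL::Cipher.new("aes-256-gcm").encrypt
    c.key = key
    iv = c.random_iv
    c.auth_data = aad
    ct = c.update(plaintext) + c.final
    iv + c.auth_tag + ct
  end

  def self.unseal(key, blob, aad)
    c = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    c.key = key
    c.iv = blob.byteslice(0, 12)
    c.auth_tag = blob.byteslice(12, 16)
    c.auth_data = aad
    c.update(blob.byteslice(28, blob.bytesize)) + c.final
  end
end

# Hypothetical local stand-in for KMS: the CMK never leaves this object.
class FakeKms
  def initialize
    @cmk = OpenSSL::Random.random_bytes(32)
  end

  # Returns [A, B]: the plaintext data key and the same key wrapped under the CMK.
  def generate_data_key
    a = OpenSSL::Random.random_bytes(32)
    [a, Gcm.seal(@cmk, a, "data-key")]
  end

  def decrypt(b)
    Gcm.unseal(@cmk, b, "data-key")
  end
end

Record = Struct.new(:id, :encrypted_data_key, :first_name_ciphertext)

def encrypt_record(kms, id, first_name)
  a, b = kms.generate_data_key
  # A is used once and dropped; only B and the ciphertext are stored.
  Record.new(id, b, Gcm.seal(a, first_name, "personal_info/#{id}"))
end

def decrypt_record(kms, rec)
  a = kms.decrypt(rec.encrypted_data_key)
  Gcm.unseal(a, rec.first_name_ciphertext, "personal_info/#{rec.id}").force_encoding("UTF-8")
end
```

Because each record has its own data key, a ciphertext paired with another record's `encrypted_data_key` fails GCM authentication instead of decrypting.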
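The hash-table search from slides 23 to 26, as an added example that is not code from the slides. It swaps the slides' fixed-salt bcrypt for HMAC-SHA256 under a separate index key (a substitution made here); `INDEX_KEY`, `normalize`, `HashTable` and the sample names are constructed for illustration.

```ruby
require "openssl"

# Constructed demo key; a real index key would be stored apart from the data keys.
INDEX_KEY = ["5a" * 32].pack("H*")

# Fold width, case and whitespace variants so one name always maps to one index value.
def normalize(value)
  value.unicode_normalize(:nfkc).gsub(/\s+/, "").downcase
end

# Keyed hash over "field NUL value" so equal strings in different fields do not collide.
def blind_index(field, value)
  OpenSSL::HMAC.hexdigest("SHA256", INDEX_KEY, "#{field}\0#{normalize(value)}")
end

# In-memory stand-in for the personal_info_hashes table (columns from the slides: key, value).
class HashTable
  def initialize
    @rows = []
  end

  def save_name_hash(personal_info_id, last_name, first_name)
    @rows << { personal_info_id: personal_info_id,
               key: "last_name_and_first_name",
               value: blind_index("last_name_and_first_name", last_name + first_name) }
  end

  # Exact match only: the search term is hashed the same way and compared.
  def search_by_name(name)
    wanted = blind_index("last_name_and_first_name", name)
    @rows.select { |r| r[:value] == wanted }.map { |r| r[:personal_info_id] }
  end

  # What someone holding only this table can see: which rows share the same name.
  def duplicate_groups
    @rows.group_by { |r| r[:value] }.values
         .map { |g| g.map { |r| r[:personal_info_id] } }
         .select { |ids| ids.size > 1 }
  end
end
```

`duplicate_groups` shows the residual leakage of this design: equal plaintexts produce equal index values, so the table reveals which records match each other even though the names stay hidden.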