I have a web application implemented using java spring. Each user in the application can store critical information. When the user enters this data, he must be saved. Is there any standard way to store this protected information. I can think of the following places to store this information.
1) In database
2) On Webserver as different files for each user. We can encrypt data in those files using some key.
I prefer for the web server as files for each user. But I have the following questions:
1) Where can we store those files on webserver
2) How can we restrict access to those files?
3) Is there something available in spring to achieve this?
4) What kind of encryption library I can use to achieve this. And where I can store key for each user.
5) How we can sync those files on multiple instances. Is there some standard library for this also?
source
share