Crypto Proxy

From MozillaWiki
Revision as of 15:37, 28 March 2011 by St3fan

Introduction

This is a proposal for the 'Crypto Proxy'. It is a server-side component in the Sync Services infrastructure that makes it possible for third party applications to get access to unencrypted sync data.

It tries to solve two problems:

Sharing of Credentials

Sync clients need to use Basic Auth to connect to the Sync Service. This means that a third party application needs to know the user's username and plain text password to be able to access sync data. This is obviously not the right way to do things.

The Crypto Proxy solves this problem by working with a username/access token pair instead of a username/password pair.

The access token is a randomly generated identifier that a third party application can use to access sync data.

These tokens are maintained by the Sync Proxy, which means that the Sync Proxy can also easily deny a specific application or user access through this method.

Sync Key Management

To decrypt records, a Sync Client either needs the Sync Key or the Bulk Key for a specific collection.

Ideally these keys are not shared with third party applications at all, because they give the holder carte blanche to access sync data.

Permissions Management

Because the Sync Proxy is the only way to access sync data for a third party application, it can also implement restrictions like:

  • Access from specific IP ranges
  • Enforce read-only data or give partial write access
  • Enable/disable access based on a username or even a specific application
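
The token and permission model described above, sketched as an added example that is not part of the original proposal: a store that issues random access tokens per user/application pair, revokes them by user or by application, and applies the IP-range and read-only/partial-write restrictions on each request. The names `TokenStore`, `Grant` and `authorize`, the hashed token storage and the treatment of GET/HEAD as reads are assumptions made for illustration.

```python
import hashlib, hmac, ipaddress, secrets
from dataclasses import dataclass

def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()

@dataclass
class Grant:                  # hypothetical record, one per user/application pair
    username: str
    app: str
    token_hash: str           # assumption: store a hash, never the token itself
    networks: tuple           # source IP ranges the token may be used from
    writable: frozenset       # collections with write access; all others read-only
    revoked: bool = False

class TokenStore:
    def __init__(self):
        self._grants = []

    def issue(self, username, app, cidrs, writable=()):
        token = secrets.token_urlsafe(32)          # 256 bits from the OS CSPRNG
        nets = tuple(ipaddress.ip_network(c) for c in cidrs)
        self._grants.append(
            Grant(username, app, _digest(token), nets, frozenset(writable)))
        return token                               # handed to the application once

    def revoke(self, username=None, app=None):
        """Deny a user, an application, or one user/application pair."""
        if username is None and app is None:
            raise ValueError("refusing to revoke every grant")
        hits = [g for g in self._grants
                if username in (None, g.username) and app in (None, g.app)]
        for g in hits:
            g.revoked = True
        return len(hits)

    def authorize(self, username, token, source_ip, method, collection):
        try:
            addr = ipaddress.ip_address(source_ip)
        except ValueError:
            return False                           # unparsable address: fail closed
        digest = _digest(token)
        for g in self._grants:
            if g.username == username and hmac.compare_digest(g.token_hash, digest):
                if g.revoked or not any(addr in n for n in g.networks):
                    return False
                return method in ("GET", "HEAD") or collection in g.writable
        return False

if __name__ == "__main__":                         # constructed sample values
    store = TokenStore()
    t = store.issue("alice", "reader-app", ["192.0.2.0/24"], writable=["bookmarks"])
    print(store.authorize("alice", t, "192.0.2.10", "PUT", "history"))
```

Because the third party application holds only the token, revoking a grant cuts off that application without touching the user's password or Sync Key.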


Operation

Obtaining an Access Token

...

Accessing Sync Data

...