You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm considering to refactor the architecture of a monolith desktop application into a new one, splitting the solution into multiple processes: the UI, a backend service and multiple workers, which will together perform a time-consuming operation.
Some of these workers will need to run with elevation privileges (in fact this is one of the reason for changing the architecture).
Additionally, sensitive information might be transmitted between all these processes (e.g.: user credentials, keys derived from user-provided password, etc.). Therefore, inter-process info needs to be encrypted. However, since all the processes will run on the same machine, I would not like to install any SSL certificates on the machine, since that could be exposed for attackers.
Can Akka.NET be used for this new architecture? I would implement Actors on all processes, and I believe Akka.Remote can take care of inter-process messaging, but I'm still unsure about the security mechanism.
Docs mention TLS, but the installation of a certificate is mandatory. Is it possible to tune that configuration? Maybe someway of generating the RSA key-pair randomly on demand, and sending the public key to the processes (and keeping the private key in-memory on the backend service; maybe use an expiration time for it, etc).
Are there other ways, or settings, to implement inter-process actor messaging security like mentioned above?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I'm considering to refactor the architecture of a monolith desktop application into a new one, splitting the solution into multiple processes: the UI, a backend service and multiple workers, which will together perform a time-consuming operation.
Some of these workers will need to run with elevation privileges (in fact this is one of the reason for changing the architecture).
Additionally, sensitive information might be transmitted between all these processes (e.g.: user credentials, keys derived from user-provided password, etc.). Therefore, inter-process info needs to be encrypted. However, since all the processes will run on the same machine, I would not like to install any SSL certificates on the machine, since that could be exposed for attackers.
Can Akka.NET be used for this new architecture? I would implement Actors on all processes, and I believe Akka.Remote can take care of inter-process messaging, but I'm still unsure about the security mechanism.
Docs mention TLS, but the installation of a certificate is mandatory. Is it possible to tune that configuration? Maybe someway of generating the RSA key-pair randomly on demand, and sending the public key to the processes (and keeping the private key in-memory on the backend service; maybe use an expiration time for it, etc).
Are there other ways, or settings, to implement inter-process actor messaging security like mentioned above?
Thanks in advance!
Beta Was this translation helpful? Give feedback.
All reactions