2022-02-03 10:38:20 +01:00
docs/uml first commit 2022-02-03 10:38:20 +01:00
README.md first commit 2022-02-03 10:38:20 +01:00

Backup

Personal backup application

Threat Model

Objectives

  • Data is securely encrypted at rest and cannot be extracted without the repository private key
  • Data can be verified to come from any specific device
  • Without the encryption key, it should be possible to make a safe guess as to what data is no longer in use
  • Access to the repository private key requires hardware-backed multi-factor access
  • An attacker with write-access to the storage backend should not be able to modify or forge data without detection
  • The backup clients cannot cause harm to the already backed-up data

Out of scope

  • The owner gives an attacker both the hardware key and the password to it
  • The backup server host is compromised
  • An attacker with write-access to the storage backends deletes or otherwise destroys the data contained within
  • An attacker with write-access to the backed-up device modifies the data that is backed up

Diagrams

Creating a repository

UML Diagram of repository creation