{"id":16271083,"url":"https://github.com/b4rtaz/anti-data-leak-pattern-example","last_synced_at":"2025-10-04T06:30:38.911Z","repository":{"id":38168388,"uuid":"235664730","full_name":"b4rtaz/anti-data-leak-pattern-example","owner":"b4rtaz","description":"Example project of the Anti-Data-Leak Pattern.","archived":false,"fork":false,"pushed_at":"2023-05-07T20:06:22.000Z","size":1140,"stargazers_count":4,"open_issues_count":9,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-12T21:33:30.305Z","etag":null,"topics":["cryptography-concepts","cryptography-project"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/b4rtaz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-22T20:53:43.000Z","updated_at":"2024-06-06T01:57:29.000Z","dependencies_parsed_at":"2024-10-27T21:53:46.757Z","dependency_job_id":null,"html_url":"https://github.com/b4rtaz/anti-data-leak-pattern-example","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b4rtaz%2Fanti-data-leak-pattern-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b4rtaz%2Fanti-data-leak-pattern-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b4rtaz%2Fanti-data-leak-pattern-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b4rtaz%2Fanti-data-leak-pattern-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/b4rtaz","download_url":"https://codeload.github.com/b4rtaz/anti-data-leak-pattern-example/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235222568,"owners_count":18955330,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography-concepts","cryptography-project"],"created_at":"2024-10-10T18:12:22.212Z","updated_at":"2025-10-04T06:30:33.533Z","avatar_url":"https://github.com/b4rtaz.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Anti Data Leak Pattern\n\n\u003cimg src=\"images/anti-data-leak-pattern.png\" width=\"800\" title=\"Anti Data Leak Pattern\"\u003e\n\nThis repository is an example project for the article \"Anti-Data-Leak Pattern for Web Services\".\n\n\u003e (...) Current cloud services look similar; each has a database, which stores every sensitive data in plain text, credit card numbers, PIN codes, or personal ID numbers. To get all of this information, hackers must gain access to the database. Of course, this isn’t easy, but if they achieve it, they have every information that people sent to the service. The next significant weakness of this architecture is that many people can access the infrastructure. Developers, network administrators, back-up team, or cleaning staff, have access to the server. That gives thousands of attack vectors.\n\u003e \n\u003e With the help of asymmetric cryptography, we can prevent many attack vectors, and make the theft of database resistant to data leak. (...)\n\n[πŸ“° Read the full article here](https://b4rtaz.github.io/blog/anti-data-leak-pattern)\n\n**user-client** tested on:\n* πŸ’š Mozilla Firefox (72.0.1)\n* πŸ’š Chrome (79.0.3945.117)\n* πŸ‘Ž Microsoft Edge (44.17763.831.0) ([Edge doesn't support ECDH algorithm](https://diafygi.github.io/webcrypto-examples/)).\n\n## Installation\n\n* Install Apache + MariaDB + PHP 7.3+ (e.g. [XAMPP](https://www.apachefriends.org/index.html)).\n* Install/activate [GMP](https://www.php.net/manual/en/book.gmp.php) extension for PHP.\n\t* For XAMPP you should uncomment the line `;extension=gmp` in `~/xampp/php/php.ini`.\n* Install [Composer](https://getcomposer.org/).\n* Install [NodeJS](https://nodejs.org/en/).\n* Install Angular CLI.\n\t* `npm install -g @angular/cli`\n* Download this repo to `~/htdocs/anti-data-leak-pattern` folder.\n* Create a empty database `anti-data-leak-pattern`.\n* Import the database structure from the file `database.sql`.\n\t* `mysql -u USERNAME -p anti-data-leak-pattern \u003c database.sql`\n* Install **web-service** dependencies.\n\t* `cd web-service`\n\t* `composer install`\n* Set your database user/password in `web-service/settings.php`.\n\n```php\n$settings = [\n # ...\n 'db' =\u003e [\n 'dsn' =\u003e 'mysql:host=localhost;dbname=anti-data-leak-pattern',\n 'username' =\u003e 'USERNAME',\n 'password' =\u003e 'PASSWORD'\n ],\n # ...\n];\n```\n\n* Install **admin-client** dependencies.\n\t* `cd admin-client`\n\t* `composer install`\n* Install **user-client** dependencies and build the client.\n\t* `cd user-client`\n\t* `npm install`\n\t* `npm run ng build`\n\n## Run\n\n\u003cimg src=\"images/user-client-screenshot.png\" width=\"800\" title=\"User Client Screenshot\"\u003e\n\nTo run **user-client** open the web browser and put the address: `https://localhost/anti-data-leak-pattern/user-client/dist/`. \n\n* If you have a certificate error you can ignore it. But remember, on the production you must have a valid SSL certificate!\n\n\u003cimg src=\"images/admin-client-screenshot.png\" width=\"800\" title=\"Admin Client Screenshot\"\u003e\n\nTo run **admin-client** enter:\n\n* `cd admin-client`\n* `php admin-client.php`\n* If you have a certificate error (`SSL certificate problem: self signed certificate`) you can disable SSL verification. Set `verifySSL` to `false` in `admin-console/settings.php`. But remember, on the production you must have a valid SSL certificate!\n\n## License\n\nThis project is released under the MIT license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb4rtaz%2Fanti-data-leak-pattern-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fb4rtaz%2Fanti-data-leak-pattern-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb4rtaz%2Fanti-data-leak-pattern-example/lists"}