
How to manage a while-the-server-runs secret using PHP?

I probably need to protect a LAMP based server against being stolen or hijacked by a third party.

My idea is to use hard encryption to encrypt all data records using a master key, which can't be recovered if the server shuts down. Thus, the master key can't be stored in the file system.

I'd provide the master key using a secure channel if the server runs.

The server should be able to use it, as long as it continues to run. If the server fails, the key should not be recoverable.

What would be the best solution in this case (shared memory?)


Do you mean you are trying to protect a physical server against theft? If so, I suggest that beyond the operating system's built-in security, the primary mechanism for physical security is not code-based at all, but rather a good old-fashioned lock and key. Wonky home-brewed encryption mechanisms are not the answer - security through obscurity is not security.


Please provide more details on the kind of application and what data needs to be protected.

A pretty common way is:

  • run a standard linux distribution
  • have a root password and/or restrict login to ssh only
  • ssh into it when the system is up
  • mount the encrypted drives (provide the keyfiles over ssh or something, but only temporarily - delete them afterwards - you can have a script for that that downloads from an external sftp server that you can activate/deactivate for the process)
  • when the server stops (power down etc) the drives get dismounted and the data is safe
  • when the server runs there is no way of getting to the data
  • additional chassis intrusion detection can be set up but is not really necessary and can be worked around by a trained technician that really wants to

edit:

it is theoretically possible - with perfect knowledge of all involved chips and extremely sensitive equipment - to physically hijack into live conductor paths and catch some data. (i once saw a demonstration on ata-33 PATA cables.)

the server would have to be put on a mobile power supply and brought into a fully equipped lab for that.

but you can totally avoid that if you have a system level encryption layer. there's no equipment on earth that can do something then.
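As an added example (not code from either poster), here is one way to do the "key lives only in RAM while the box is up" part the question asks about, in PHP. The master key is piped over ssh into a CLI script run as the web-server user, kept in a System V shared-memory segment (so every PHP worker can read it and it survives web-server restarts but not a power-off), and used for per-record authenticated encryption with libsodium. It assumes PHP 8 with the `shmop` and `sodium` extensions; the path `/srv/app/master_key.php` in the comments is hypothetical.

```php
<?php
// Added example, not from the original thread: keep a master key only in RAM,
// handed over through ssh, so it disappears when the machine loses power.
// Assumes PHP >= 8.0 with the shmop and sodium extensions.
declare(strict_types=1);

const KEY_BYTES = SODIUM_CRYPTO_SECRETBOX_KEYBYTES; // 32
const SET_MARKER = "KEY1";                          // 4-byte "key present" tag
const SEGMENT_SIZE = 4 + KEY_BYTES;

// One System V key derived from this file's path; identical for every PHP process on the host.
function segmentId(): int
{
    return ftok(__FILE__, 'k');
}

// Run once per boot as the web-server user, e.g. (hypothetical path):
//   cat key.bin | ssh admin@host 'sudo -u www-data php /srv/app/master_key.php set'
// The key arrives on stdin, so it is never in argv, shell history or a file on the server.
function masterKeySet(string $key): void
{
    if (strlen($key) !== KEY_BYTES) {
        throw new InvalidArgumentException('master key must be exactly ' . KEY_BYTES . ' bytes');
    }
    // 0600: only the owning (web-server) user may attach to the segment.
    $shm = shmop_open(segmentId(), 'c', 0600, SEGMENT_SIZE);
    if ($shm === false) {
        throw new RuntimeException('cannot create shared memory segment');
    }
    shmop_write($shm, SET_MARKER . $key, 0);
}

// Called by the application on each request; null until the key has been provisioned.
function masterKeyGet(): ?string
{
    $shm = @shmop_open(segmentId(), 'a', 0, 0); // 'a' = attach read-only; warning if absent is expected
    if ($shm === false) {
        return null;
    }
    $data = shmop_read($shm, 0, SEGMENT_SIZE);
    if (substr($data, 0, 4) !== SET_MARKER) {
        return null;
    }
    return substr($data, 4, KEY_BYTES);
}

// Manual wipe (e.g. on an intrusion alarm); a power cut achieves the same.
function masterKeyClear(): void
{
    $shm = @shmop_open(segmentId(), 'w', 0, 0);
    if ($shm !== false) {
        shmop_write($shm, str_repeat("\0", SEGMENT_SIZE), 0); // overwrite before releasing
        shmop_delete($shm);
    }
}

// Record-level authenticated encryption with the in-RAM key; fresh random nonce per record.
function encryptRecord(string $plaintext): string
{
    $key = masterKeyGet() ?? throw new RuntimeException('master key not provisioned');
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return $nonce . sodium_crypto_secretbox($plaintext, $nonce, $key);
}

function decryptRecord(string $blob): string
{
    $key = masterKeyGet() ?? throw new RuntimeException('master key not provisioned');
    $nonce = substr($blob, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($blob, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('record failed authentication'); // tampered or wrong key
    }
    return $plain;
}

// CLI entry point for the ssh session: `php master_key.php set|clear`
if (PHP_SAPI === 'cli' && isset($argv[1])) {
    if ($argv[1] === 'set') {
        $raw = stream_get_contents(STDIN);           // 32 raw key bytes piped in
        masterKeySet(substr($raw, 0, KEY_BYTES));
        sodium_memzero($raw);                        // scrub the CLI process's copy
        echo "master key loaded into RAM\n";
    } elseif ($argv[1] === 'clear') {
        masterKeyClear();
        echo "master key wiped\n";
    }
}
```

Two caveats match the answer above. A shared-memory segment can still be paged out, so pair this with encrypted swap or no swap at all, and anyone who gains root on the running box can read the segment; like the dismounted encrypted drives, this only defends the powered-off-and-carried-away case.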
