We are looking to integrate Memcached into our infrastructure, but have a security concern before we do. We run several platforms including ASP.NET and Coldfusion and have many app developers working many little applications across the different platforms. The concern is this:
App A places item “dog” into cache.
App B reads item “dog” (or worse: App B updates item “dog”)
After this happens, App A either retrieves bad information, or has already had its information viewed, aka “stolen”. What we would like to do is make it so that each app can only interact with its own sandbox, and may not interfere with or read other application’s data.
Is this possible? Thanks.
Answer
You will simply have to ensure that there are no key collisions by accident. See here. I know that velocity allows you to have named cache regions (not sure if that is the right name or not). This helps alleviate some of the collisions. Aside from that these collisions when intentional are exactly the intent with these cacheing technologies, we just have to accomodate their functionality.
Attribution
Source : Link , Question Author : Community , Answer Author : doug_w
