How can we improve Azure Storage?

Provide a way to encrypt or obfuscate blob names

My application stores a lot of files containing user data, where each blob is named after a corresponding primary-key in a relational database.

Currently my blob storage container is private and all requests for blobs are proxied through my web application.

To reduce server load I would like to expose the blobs directly, however this would mean exposing the raw blob name to end-users, which gives away the unencrypted database primary-key value.

I know I can prevent access to blobs using Shared Access Signatures however I don't need that kind of security - I just want to obfuscate blob names - such as through simple symmetric encryption.

Supposing I have a blob at `/tenants/12/users/456/photos/1563445` then it should be possible to access it using `/VW4uTy7Dtn91TMO4Li5nfi91w693w79Sw4nDvsK/ZnhDJjrDjGguayouw55mwpguZi41w7fDki7CscOsXy4=` (which is a base64-encoded representation of an encrypted version of the original blob name, using a symmetric key and fixed IV).

1 vote
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    DavidDavid shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base