I am planning a project that requires the transmission of sensitive data from the client-side to the server-side, and then on to an AWS Simple Storage bucket.
This is my plan:
Using SSL/HTTP(S), the data can be posted securely via a web form, which is then retrieved by a PHP script on my web-server.
Once the data is received by the server, the PHP script will immediately send it to AWS using the AWS SDK for PHP with a directive to encrypt the data on the server-side with AES-256- See AWS Encryption.
The problem is that between steps 1 and 2, the data will not be encrypted because it has to hit my web-server first for processing. I'm thinking of having the script write the data into a text file on the server before sending it to AWS, then immediately deleting the temp file from the server after it is sent. Is there any risk in doing this? Is there a way to send a file-stream, rather than an actual file to an AWS Simple Storage bucket, thus avoiding the need to write a temp file to the server?
Am I overlooking better methods of achieving my original goal of data transmission that is encrypted 100% of the way?
