Security Goals
Purpose
The purpose of this document is to outline the security goals for the entire system.
Goals
There are multiple goals that need to be met to provide users with the most secure platform possible. We will be defending against common attacks such as:
- Session hijacking and forging
- Database leaks
- Attackers gaining knowledge of the internal system
- Attackers gaining access to the internal system and stealing data
End to End Encryption
All data must be encrypted while in transit. Microservices must only accept requests over HTTPS (HTTP over TLS), never plain HTTP, and traffic from a microservice to the database must be encrypted with TLS. Messages from one microservice to another will also be encrypted with TLS. Data that is at rest or not in use will be encrypted as well. Note that this protects every hop and every store, but each microservice still handles plaintext for the data it processes, so on its own it does not protect data from a compromised service.
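As an added example (not code from this project), the following Go service shows the two halves of the transport rule: a TLS configuration with a minimum protocol version, and a middleware that refuses any request that did not arrive over TLS. The port, the `/health` route, the certificate file names and the TLS 1.3 minimum are assumptions for illustration; the real certificates come from the infrastructure setup.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
)

// newTLSConfig returns the TLS settings every microservice listener and every
// outbound client (to the database or to another microservice) should share.
// Assumed policy: TLS 1.3 only. Certificates are supplied by the deployment.
func newTLSConfig() *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS13,
	}
}

// requireTLS wraps a handler and refuses any request that did not arrive over
// TLS. r.TLS is nil for plaintext HTTP, so a misconfigured listener or a
// plaintext reverse-proxy hop is rejected instead of being silently served.
func requireTLS(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.TLS == nil {
			http.Error(w, "TLS required", http.StatusUpgradeRequired)
			return
		}
		// Tell browsers never to fall back to plaintext for this host.
		w.Header().Set("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
		next.ServeHTTP(w, r)
	})
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "ok")
	})
	srv := &http.Server{
		Addr:      ":8443", // assumed port
		Handler:   requireTLS(mux),
		TLSConfig: newTLSConfig(),
	}
	// cert.pem and key.pem are placeholders for the certificates issued by the
	// infrastructure setup. There is deliberately no plain ListenAndServe.
	if err := srv.ListenAndServeTLS("cert.pem", "key.pem"); err != nil {
		fmt.Println("server stopped:", err)
	}
}
```

The same `newTLSConfig()` value is what a database driver or an outbound HTTP client to another microservice should be given, so that every hop enforces the one policy.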
Verifiable Data
Certain data should be signed by the user so that other users can verify it came from them. Examples include messages, files, commits, etc.
Authentic Microservices
We should be able to verify, before a microservice starts, that it was signed by a trusted user. Moreover, users should be able to see who signed the microservice. This can be done with PGP keys; see the infrastructure chapter for details on how the keys are set up.
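The following Go program is an added example, not the project's own code, covering both of the signing goals above: a user signs an artifact (a message, a file, or a microservice image), and the verifier checks the signature against a keyring of trusted users and reports who signed it. The project uses PGP keys; standard-library Ed25519 stands in here so the example runs without an external PGP implementation, and the `Keyring`, `Sign` and `Verify` names, the user names and the sample artifacts are assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Signer is one entry in the trusted keyring: who they are and their public key.
// Ed25519 stands in for the PGP keys described in the infrastructure chapter.
type Signer struct {
	Name string
	Pub  ed25519.PublicKey
}

// Keyring is the set of users whose signatures the platform trusts.
type Keyring []Signer

// Signature is a signature over an artifact plus the signer's claimed name.
// The name is advisory only; it is checked against the keyring in Verify.
type Signature struct {
	SignerName string
	Sig        []byte
}

// digest hashes the artifact so the same routine works for a short chat
// message, a large file, or a microservice binary.
func digest(artifact []byte) []byte {
	h := sha256.Sum256(artifact)
	return h[:]
}

// Sign produces a signature over artifact with the user's private key.
func Sign(name string, priv ed25519.PrivateKey, artifact []byte) Signature {
	return Signature{SignerName: name, Sig: ed25519.Sign(priv, digest(artifact))}
}

// Verify checks a signature against the keyring and returns the name of the
// trusted signer. An unknown signer, a tampered artifact, or a signature made
// with a key that does not belong to the claimed name all fail. In the
// deployment flow a microservice that fails here must not be started.
func Verify(ring Keyring, artifact []byte, s Signature) (string, error) {
	for _, signer := range ring {
		if signer.Name != s.SignerName {
			continue
		}
		if ed25519.Verify(signer.Pub, digest(artifact), s.Sig) {
			return signer.Name, nil
		}
		return "", errors.New("signature does not verify for " + s.SignerName)
	}
	return "", errors.New("signer not in trusted keyring: " + s.SignerName)
}

// newKey generates a fresh key pair for the example; in the real system the
// keys come from the users' PGP setup.
func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func main() {
	alicePub, alicePriv := newKey()
	ring := Keyring{{Name: "alice", Pub: alicePub}}

	// A user-signed message: any other user can confirm alice wrote it.
	msg := []byte("hello from alice") // constructed sample
	who, err := Verify(ring, msg, Sign("alice", alicePriv, msg))
	fmt.Println(who, err)

	// A microservice image signed by alice, then modified in transit.
	image := []byte("service-binary-v1") // constructed sample
	sig := Sign("alice", alicePriv, image)
	image[0] ^= 1
	_, err = Verify(ring, image, sig)
	fmt.Println(err)
}
```

Because `Verify` returns the signer's name only when the signature checks out against that user's trusted key, the deployment step can both gate the start of the microservice and show users who signed it from the same result. A claimed name alone is never trusted.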
Cryptic but Useful Errors
Displaying only general errors to the user lets them see that something went wrong while preventing bad actors from gaining inside knowledge of the system. For example, if a resource cannot be found we would not display: