System Design Flashcards
When designing for security, what are the main vulnerabilities you need to look out for?
1) Broken Access Control (AuthN and AuthZ). You need to know how to authenticate and authorize users and make sure you don't have gaps.
2) Cryptographic Failures. Your calls need to be encrypted, stored data needs to be encrypted, etc.
3) Injection. Your APIs and methods need to avoid SQL injection or query injection.
4) Insecure Design.
5) Outdated Components.
When designing for security, how would you summarize Broken Access Control with some examples?
Access control enforces policy such that users cannot act outside of their intended permissions.
This includes a host of things like violating the principle of least privilege, bypassing access checks by modifying URLs, missing access controls on APIs, metadata manipulation (cookie or hidden field), CORS misconfiguration, etc.
Fix this with deny by default, implement access control mechanisms, log access control failures and alert on them, rate limit APIs, and invalidate session identifiers on logout. Include testing!
When designing for security, how would you summarize Cryptographic failures with some examples?
This is encryption of data in transit and at rest. Think of the data requirements of GDPR (General Data Protection Regulation) or PCI DSS (Payment Card Industry Data Security Standard).
Check if data being transmitted over HTTP, SMTP, or FTP is encrypted, even internally between load balancers, etc. Are crypto keys and algorithms up to date (not deprecated ones like MD5), not default, not user generated, etc.?
Make sure data is classified, don't store sensitive data unnecessarily, and encrypt at rest.
When designing for security, how would you summarize injection with examples?
An application is vulnerable to attack when:
User-supplied data is not validated, filtered, or sanitized by the application. Dynamic queries or non-parameterized calls without context-aware escaping are used directly in the interpreter. Hostile data is used within object-relational mapping (ORM) search parameters to extract additional, sensitive records. Hostile data is directly used or concatenated. The SQL or command contains the structure and malicious data in dynamic queries, commands, or stored procedures.
Some of the more common injections are SQL, NoSQL, OS command, Object Relational Mapping (ORM), LDAP, and Expression Language (EL) or Object Graph Navigation Library (OGNL) injection.
You should use safe APIs, server-side input validation, escape special characters, and use LIMIT in SQL queries.