mirror of
https://github.com/kuhyx/WUT_Computer_Science.git
synced 2026-07-04 11:43:02 +02:00
feat: final documentation
This commit is contained in:
parent
e2e4e21484
commit
d060e8285a
BIN
docs/final_documentation/images/threat_model.png
Normal file
BIN
docs/final_documentation/images/threat_model.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 238 KiB |
Binary file not shown.
@ -37,6 +37,8 @@ We implemented two caches
|
||||
pull all the data from the ai recommendation every time it wants to notify
|
||||
the users about new movies to recommend
|
||||
\end{enumerate}
|
||||
\paragraph{Database}
|
||||
We use postgresql database to contain data about users, movies and user ratings
|
||||
|
||||
|
||||
\begin{figure}[H]
|
||||
@ -47,8 +49,31 @@ We implemented two caches
|
||||
|
||||
|
||||
\section{Automated Infrastructure Management solution}
|
||||
We use \textbf{Dockerfiles}
|
||||
for each microservice, webinterface and database which
|
||||
later get combined in docker compose file, after each commit on
|
||||
\textbf{GitHub} main repository docker compose gets automatically run
|
||||
on \textbf{Google Cloud} platform and deployed
|
||||
\section{Federated authorization and authentication management in the project}
|
||||
We use industry standard \textbf{OAuth} protocol in our webinterface,
|
||||
user creates their account and logs in, we use user token to
|
||||
authorize their access on backend to their ratings and
|
||||
recommendations. We use \textbf{firebase} services to manage OAuth protocol.
|
||||
\section{Threat model with mitigations}
|
||||
Our single most important asset are user likes for specific movies \\
|
||||
We expect either bots or human agents trying to access those likes for a specific users or to modify user ratings to improve or decrease certain movies ratings \\
|
||||
To mitigate that we use:
|
||||
\begin{enumerate}
|
||||
\item Certificates on our frontend, which encrypt data transmitted between website and user
|
||||
\item OAuth which is used to authenticate user and lower amount of bots accessing our Infrastructure
|
||||
\item TLS encryption between our microservices so that even our inside communication is encrypted
|
||||
\item Google cloud default security policies allowing us to monitor odd and potentially harmfull behaviours
|
||||
\end{enumerate}
|
||||
\begin{figure}[H]
|
||||
\caption{Threat model}
|
||||
\centering
|
||||
\includegraphics[width=\textwidth]{images/threat_model.png}
|
||||
\end{figure}
|
||||
|
||||
|
||||
\end{document}
|
||||
Loading…
Reference in New Issue
Block a user