feat: final documentation

This commit is contained in:
Krzysztof Rudnicki 2024-06-18 16:21:02 +02:00
parent e2e4e21484
commit d060e8285a
3 changed files with 25 additions and 0 deletions

Binary file not shown.

After

Width:  |  Height:  |  Size: 238 KiB

Binary file not shown.

View File

@ -37,6 +37,8 @@ We implemented two caches
pull all the data from the ai recommendation every time it wants to notify
the users about new movies to recommend
\end{enumerate}
\paragraph{Database}
We use postgresql database to contain data about users, movies and user ratings
\begin{figure}[H]
@ -47,8 +49,31 @@ We implemented two caches
\section{Automated Infrastructure Management solution}
We use \textbf{Dockerfiles}
for each microservice, webinterface and database which
later get combined in docker compose file, after each commit on
\textbf{GitHub} main repository docker compose gets automatically run
on \textbf{Google Cloud} platform and deployed
\section{Federated authorization and authentication management in the project}
We use industry standard \textbf{OAuth} protocol in our webinterface,
user creates their account and logs in, we use user token to
authorize their access on backend to their ratings and
recommendations. We use \textbf{firebase} services to manage OAuth protocol.
\section{Threat model with mitigations}
Our single most important asset are user likes for specific movies \\
We expect either bots or human agents trying to access those likes for a specific users or to modify user ratings to improve or decrease certain movies ratings \\
To mitigate that we use:
\begin{enumerate}
\item Certificates on our frontend, which encrypt data transmitted between website and user
\item OAuth which is used to authenticate user and lower amount of bots accessing our Infrastructure
\item TLS encryption between our microservices so that even our inside communication is encrypted
\item Google cloud default security policies allowing us to monitor odd and potentially harmfull behaviours
\end{enumerate}
\begin{figure}[H]
\caption{Threat model}
\centering
\includegraphics[width=\textwidth]{images/threat_model.png}
\end{figure}
\end{document}