How should a security architecture model be designed?

01. What to talk about

Followers of "a small ape stresses" will know that we have previously shared on application architecture, application monitoring, log collection, and the little calculations programmers make in their heads every day, mostly as small talk on topics from our own small patch.

To be honest, it is quite something: I never know what surprise each share will bring you.

Today's share is no exception, and you certainly did not expect it. Today's theme is the spear and the shield, and how to build the shield for a system; in other words, "let's talk about the security architecture model".

Grab some walnuts, sit tight, hold on, and let's start.

02. Chatting away

Application architecture design certainly cannot do without a security module. A system designed without one is the equivalent of a system streaking, especially in a financial system.

From the user's perspective: when we open the APP and click the buy button, the page reports that the purchase succeeded or failed. From the user's point of view, the functional experience is that simple. The great way is simple, and simple is beautiful.

From the system's perspective: conventionally, we treat the APP as the terminal. When the user clicks the purchase button, the APP sends a request to the access layer (which can also be regarded as a security layer). The access layer records the user's key actions and then forwards the request message to the business system for business processing.

[Figure: architecture diagram]

As shown above, the system is divided into the APP terminal, the access layer, and the business systems. Run like this in production, it will certainly show nothing abnormal.

But have you considered that messages sent by the terminal APP have low credibility? What should be done if a packet is maliciously tampered with?

We can think of using RSA encryption for the communication messages. However, if messages are only RSA-encrypted, the encryption rules are the same for every request. So, as double insurance, we may as well dynamically generate an AES key for every request: the message is first AES-encrypted with the dynamically generated AES key, and the AES key is then encrypted with RSA for transport. At this point, the structure is as shown in the figure.

[Figure: architecture diagram]
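
The per-request AES key wrapped with RSA, as described above, shown as an added example that is not part of the original post. The article only says "AES" and "RSA"; the AES-GCM mode (which makes tampering detectable), OAEP padding, the names `sealRequest`/`openRequest` and the envelope field names are assumptions, and the key pair and request are constructed sample values.

```javascript
const crypto = require('node:crypto');

// RSA-OAEP with SHA-256 wraps the per-request AES key (padding choice is an assumption).
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// APP side: a fresh AES-256 key and nonce per request, AES-GCM over the message,
// RSA-OAEP around the key. The envelope field names are assumptions.
function sealRequest(publicKey, message) {
  const key = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Private-key holder (the key management system in the article's final design).
// Returns the plaintext, or null when the envelope was altered or is malformed.
function openRequest(privateKey, env) {
  try {
    const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, env.wrappedKey);
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, env.iv, { authTagLength: 16 });
    decipher.setAuthTag(env.tag);
    return Buffer.concat([decipher.update(env.ciphertext), decipher.final()]).toString('utf8');
  } catch {
    return null; // failed RSA unwrap, wrong key size, or GCM tag mismatch
  }
}

// Constructed demo values: key pair, request body and placeholder phone number.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const request = JSON.stringify({ action: 'buy', phone: '000-0000-0000' });
  const first = sealRequest(publicKey, request);
  const second = sealRequest(publicKey, request);
  const tampered = { ...first, ciphertext: Buffer.from(first.ciphertext) };
  tampered.ciphertext[0] ^= 1; // one bit flipped in transit
  return {
    roundTrip: openRequest(privateKey, first) === request,
    sameRequestDiffers: !first.ciphertext.equals(second.ciphertext),
    tamperRejected: openRequest(privateKey, tampered) === null,
  };
}

console.log(demo());
```

Anyone who holds the public key can build a valid envelope, so this protects a request against reading and modification in transit but does not by itself prove who sent it.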

At this point there is still a problem: if a message is initiated by simulation and its sensitive fields (phone number, name, ID, etc.) are tampered with, won't identities be mistaken and the message become untrustworthy?

Building on the previous design, we may as well apply a further RSA encryption to the sensitive fields. The architecture design then becomes as follows (focus on the red part).

[Figure: architecture diagram]

At this step, the architecture is certainly far better than a streaking system: security is increased, and the threshold for attacks is raised as well.

But clever as you are, have you noticed that the communication certificate and the sensitive-field certificate (i.e. the RSA public keys) are both preset on the APP side? So a key management module could be designed that serves certificates to be pulled, and that also lets certificates be set to expire, be taken offline, and so on at any time.

So what does the architecture look like at this point? (Focus on the changes in red in the following figure.)

[Figure: architecture diagram]

If you have followed my train of thought this far, you will certainly notice the following two points:

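The access layer needs to use RSA to decrypt the encrypted AES key in the message;
The business system needs to use RSA to decrypt the sensitive fields in the message;
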
With this design, the certificates' private keys end up scattered and hard to manage. However, as shown above, since there is already a key management system, the decryption operations may as well be handed over to it and handled in one place.

As a result, the access layer and the business systems no longer need to care about anything key-related, which in all likelihood improves trust between systems.

So what does the architecture look like this time? (Focus on the changes in red in the following figure.)

[Figure: architecture diagram]

03. Wrapping up the chat

Someone is always a step ahead. System security is like the spear and the shield: where there is a spear, there is a shield. While forging a good shield, I also urge all of us to be programmers with professional ethics.

Drawing on personal understanding and practical application, that about covers the security architecture model. I wonder how much of it you took in?

A closing note: you can never have too many skills, and learning beats not learning; build the habit of learning and do not stand still.

Origin www.cnblogs.com/socoool/p/12629798.html