We have talked about security-related topics for three issues, involving security audit and insight, source code security detection, data backup and recovery, and today we will talk about access control and data trust .
In the virtual world of the Internet, countless people interact and communicate in it, creating massive amounts of data and information. In this world, there are naturally malicious users with ulterior motives, hoping to gain benefits through information. Therefore, service providers typically implement a series of access control measures to enforce isolation of untrusted visitors.
So what is access control ?
Access control is to control resource access requests based on authorization, prevent unauthorized access, and avoid unauthorized use, disclosure, destruction and tampering.
After preventing and controlling access rights, enterprises also need to be concerned about the security of the data itself, including the reliability of data submission, the compliance and quality of submission, and avoid risks warehousing and affecting online security.
The link is aimed at data credibility. Cloud Effect Codeup provides code GPG signature, rejects unsigned submissions; supports code owner verification, and restricts the owner of submission records.
In terms of quality control, Cloud Effect Codeup refines the control of read and write permissions, supports the code submission card point mechanism, and ensures the quality of submission.
Next, let's take a look at how these security protection functions of Cloud Codeup are used.
Access Control - IP Whitelisting
Access control is to prevent danger from entering. Codeup supports restrictions on the access IP of the warehouse, including page access restrictions and deployment key access restrictions.
- Page access restrictions: including all codeup page access, deployment key access, code cloning, downloading, submitting, merging and other behaviors are consistently restricted;
- Deployment key access: The risk scenario of deployment keys being stolen due to poor personnel management is fully considered, and IPs outside the whitelist are prohibited from using deployment keys to access the enterprise code base to strengthen the security of the code base;
Access control - code does not drop
Modern enterprises often need to hire outsourcing teams to support development work. However, due to the strong liquidity of outsourcing and relatively weak standardization, enterprises usually hope to restrict the download rights of some personnel to the code, but how can the development work be carried out without downloading the code? Cloud Effect Codeup provides a solution for such scenarios.
If the code is not placed on the disk, the data will not be placed on the local disk, ensuring that the code is not accidentally or maliciously taken away and leaked. It supports setting which roles are allowed to download the code to the local, and developers who cannot download the code are allowed to use the cloud WebIDE for development work.
Trusted data - GPG signature
GPG signatures prevent forgery submissions. Git, while cryptographically secure, is not foolproof. When the user's password is leaked, or someone wants to maliciously forge other people's submissions, it is possible to impersonate a trusted person and submit malicious code to your code repository. You can use GPG to sign your commits or tags locally, and Codeup will verify these signatures to ensure that the commits or tags are from a trusted source.
Trusted data - submit owner check
Before we start using git for version management, we all know that we need to do user configuration first.
git config --global user.name "your name"
git config --global user.email "your email"
Maybe you use it every day, but do you know the difference between the author (Author) and the committer (Committer) of the commit record?
Git itself allows rewriting history, or committing code on behalf of others. Usually, when we use git log to view the historical submission records, the author is displayed. We often use Author as the attribution basis for code statistics. From this point of view, the author is directly linked to the code contributors. Therefore, in scenarios such as statistical code contribution, it is necessary to standardize the correspondence between the owner of the submitted code and the currently logged-in user on the server.
When executing git commit, you can specify who the contributor of this commit record is by --author. There are also such examples in the open source community. Although I have not used your code, I have used your creativity and still use you as the author to show respect for the originality.
So simply understand that the Author is the first author, and the Committer is the one who generates the Commit. Codeup supports checking the currently logged-in user's verified cloud effect master email for Author and Committer. If the email information does not match, you can warn or prohibit its push to ensure the accuracy of the code contribution owner and avoid unmatched users. Contribution calculation distortion.
Data Security - Submission Permission Restrictions
For enterprises, submitting to a remote repository is usually a serious process. In order to standardize the submission format and restrict permissions, Codeup supports the setting of submission rules at the enterprise and warehouse levels.
First of all, on the submission and push rules, support:
- Commit comment check: Commit Message must be described in the specified regular format, and push is allowed only when it matches;
- Submit email check: The email information of the submitter (Committer) needs to match the regular expression to allow push;
- Force push is prohibited;
- Code owner check: Based on whether the author and submitter mailboxes in the submission match with the primary mailbox bound by the user on the cloud effect side for verification, two security levels of warning and push prohibition can be set;
In addition, on the control of commit permissions, support is set by protecting the branch:
- Pushing rules: You can choose which roles are allowed to push code directly, and you can control that users are not allowed to directly submit protected branches, but must be merged and submitted after automatic testing and manual review of merge requests to ensure that the content of the merged important branches are all trusted and secure;
- Merge rules: which roles can be set to have permission to merge codes;
In the most stringent data security scenarios, if each submission is required to undergo automatic inspection and manual review, it can be set that no one is allowed to submit code directly, and all submissions must be merged after passing the merge request review.
However, this situation may generate a lot of temporary development branches, which are not easy to manage. Don’t worry, Cloud Effect Codeup has complete support for the trunk-based R&D model, based on the innovative Agit-Flow (Alibaba’s centralized Git workflow ) without creating a new branch, making creating code reviews as easy as executing a git push command. Isn't it cool that developers don't need to switch tools and shorten the code review creation process that took minutes to complete to a few seconds?
more capabilities
In addition to the above rich security features, there are more practical security capabilities waiting for you to discover, such as:
- Support DingTalk integrated and unified member permission security management, such as DingTalk organization member synchronization, automatic clearing of cloud effect side permissions after DingTalk organization members leave, etc.;
- Enterprise-level code encryption will be released soon to ensure that the storage layer code data is highly encrypted. In the case of unauthorized keys, the stored content cannot be deciphered by anyone, including cloud service providers, to strengthen the security of user data storage;
This article is original content of Alibaba Cloud and may not be reproduced without permission.