Security

We are at the 6th stop on the roadmap. I'll talk about security in this article.

Strategic level

The first step is to pick a reliable authentication mechanism.
Broadly there are two families: shared-secret (symmetric) authentication and public-key (asymmetric) authentication.
Shared-secret authentication means the client and server both hold the same secret (a password, an API key, a symmetric key) to prove identity, which implies that the server has to store that secret, or something derived from it, for every user.
To a cryptographer, a password database is a liability before the first line of code is written: whatever the server stores is exactly what a thief needs.
If you go this way for some reason, don't store passwords in plain text, don't use a fast general-purpose hash (MD5, SHA-1, SHA-256, even salted), and do use a salted, deliberately slow password hash such as Argon2id, scrypt or bcrypt, with the cost tuned so that one check takes tens of milliseconds on your hardware; that cuts an attacker's offline guessing rate by orders of magnitude.

Public-key (asymmetric) authentication means the client holds a private key and proves possession of it by signing a fresh challenge from the server, and the server verifies that signature with the client's public key.
(Mind the direction: data is encrypted with a public key and decrypted with the private key; signatures are made with the private key and verified with the public key. Nobody "encrypts with the private key".)
It is the preferred method because the server only needs to store public keys, which are not secret and can be distributed freely on the Internet; an attacker who copies the server's user database gets nothing that lets them log in. SSH public-key login works exactly this way.

A signature gives you authentication only. If you also need confidentiality on the wire, run the exchange inside TLS rather than designing your own encryption layer.

Tactical level

After you have chosen a mechanism, there are still a few things to be aware of in order to protect your server from attacks.

1. Cloud service firewall
Nowadays cloud providers offer free or paid firewalls (security groups, network ACLs and the like) to increase your security. Each provider configures them differently, so read the relevant documentation.
Whatever the format, the gist is that the cloud firewall filters incoming traffic at the network level, before it reaches your server, so blocked traffic never becomes visible to the host at all. Start from deny-all inbound and open only the ports you actually serve.

2. OS firewall
I assume you are using Linux servers. There are tools to help you here, for example iptables, nftables or ufw.
The gist is that these tools filter incoming traffic at the OS level, so it never becomes visible to your application. Use a default-deny policy for inbound traffic, allow only the ports you need, and make sure the rule that permits SSH is in place before you enable the firewall, or you will lock yourself out.
Also keep your OS updated, so known vulnerabilities in the kernel and in system services get patched.

3. Application layer
Now the traffic has passed the cloud and OS firewalls and arrived at your application. As a developer you need to think through the likely attack scenarios and handle each one explicitly.
Here are a few things to consider:

  • idle socket -> set an idle/read timeout and close connections that stay silent, so slow or abandoned clients cannot hold your connection slots forever
  • arbitrary content -> run every input through a strict format parser that enforces length limits and rejects anything malformed before it reaches business logic
  • replayed messages -> make each message unique (a nonce or an increasing sequence number) and drop anything you have already seen
  • malicious parameters / SQL injection -> validate input against what you expect, and never build queries by string concatenation: use parameterized queries (prepared statements), since "sanitizing" strings by hand is where injection bugs come from
  • unwanted side effects -> design the API properly: reads must not change state, and every state-changing call must be authenticated and authorized

The list can go on…