Security Considerations

Security is implemented at multiple layers to protect data and ensure compliance.

API Gateway Authentication

  • OIDC JWT Validation: All requests must include valid JWT tokens
  • Tenant Isolation: tenant_id is extracted from JWT claims and verified
  • Role-Based Access: User roles determine which endpoints are accessible
  • Rate Limiting: Per-tenant rate limits prevent abuse
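The first three bullets together describe one gateway decision: verify the JWT, take the tenant from a verified claim rather than from the request, and check the caller's role against the endpoint. The example below is added here to show that decision end to end; it is not the project's gateway code. It uses only the standard library, so it implements HS256 with a shared secret (`SECRET`, `ENDPOINT_ROLES` and the claim names are assumptions); an OIDC gateway would instead verify RS256/ES256 signatures against the provider's JWKS, but the order of checks is the same. Rate limiting is not shown.

```python
import base64
import hashlib
import hmac
import json
import time

# Assumed shared HMAC key for this illustration. A real OIDC gateway verifies
# RS256/ES256 signatures against the identity provider's published JWKS instead.
SECRET = b"example-gateway-secret"

# Assumed endpoint -> roles permitted to call it.
ENDPOINT_ROLES = {
    "/scenarios": {"analyst", "admin"},
    "/admin/tenants": {"admin"},
}


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def mint_token(claims: dict) -> str:
    """Issue an HS256 JWT so the example has something to verify."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"


def verify_token(token: str, now=None) -> dict:
    """Structure, pinned algorithm, signature, expiry and required claims; raises ValueError."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # Pin the algorithm server-side; the token must not choose it (blocks alg=none downgrades).
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    # Only after the signature holds are the claims trusted enough to read.
    claims = json.loads(b64url_decode(payload_b64))
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        raise ValueError("token expired or has no exp")
    if not claims.get("tenant_id"):
        raise ValueError("missing tenant_id claim")
    return claims


def authorize(token: str, endpoint: str, requested_tenant: str, now=None) -> dict:
    """Gateway decision: verified claims bind the request to one tenant and one role set."""
    claims = verify_token(token, now)
    # Tenant isolation: the tenant comes from the verified claim, never from the path or body.
    if claims["tenant_id"] != requested_tenant:
        raise PermissionError("tenant mismatch")
    allowed = ENDPOINT_ROLES.get(endpoint, set())
    if not set(claims.get("roles", [])) & allowed:
        raise PermissionError("role not permitted for endpoint")
    return {"sub": claims.get("sub"), "tenant_id": claims["tenant_id"]}


if __name__ == "__main__":
    tok = mint_token({"sub": "u1", "tenant_id": "t-42", "roles": ["analyst"], "exp": 2_000_000_000})
    print(authorize(tok, "/scenarios", "t-42"))
```

The check order matters: the signature is verified before any claim is read, the algorithm is fixed by the server rather than read from the header, and the tenant used for authorization is the one in the signed token, so a caller cannot reach another tenant's data by changing a path segment.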

Request Validation

  • Input Sanitization: All user inputs are sanitized to prevent injection attacks
  • Schema Validation: Pydantic models validate request structure and types
  • Size Limits: Request body size limits prevent DoS attacks
  • Parameter Validation: Scenario parameters are validated against allowed values
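Size limit, schema validation and allowed-value checks are one pipeline applied to every request body. The project does this with Pydantic models; the example below is an added illustration, not project code, and uses only the standard library so it runs without dependencies. The field names, the 16 KiB limit and the allowed scenario values are assumptions.

```python
import json

MAX_BODY_BYTES = 16 * 1024                              # assumed request size limit
ALLOWED_SCENARIOS = {"baseline", "stress", "recovery"}  # assumed allow-list of scenario values
MAX_ITERATIONS = 10_000
KNOWN_FIELDS = {"scenario", "iterations", "label"}


class ValidationError(ValueError):
    """Raised for any rejected request; the message is safe to return to the caller."""


def parse_scenario_request(raw_body: bytes) -> dict:
    """Size limit -> JSON parse -> shape and type checks -> allowed-value checks."""
    # 1. Size limit is enforced on the raw bytes, before any parsing work is done.
    if len(raw_body) > MAX_BODY_BYTES:
        raise ValidationError("body too large")
    # 2. Structural parse; decoding and JSON errors are reported the same way.
    try:
        data = json.loads(raw_body.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError):
        raise ValidationError("body is not valid JSON")
    if not isinstance(data, dict):
        raise ValidationError("body must be a JSON object")
    # 3. Reject unknown fields instead of silently ignoring them.
    unknown = set(data) - KNOWN_FIELDS
    if unknown:
        raise ValidationError(f"unknown fields: {sorted(unknown)}")
    # 4. Scenario parameters are compared against an allow-list, not a deny-list.
    scenario = data.get("scenario")
    if scenario not in ALLOWED_SCENARIOS:
        raise ValidationError("scenario not in allowed values")
    iterations = data.get("iterations", 1)
    # bool is a subclass of int in Python, so it must be excluded explicitly.
    if (isinstance(iterations, bool) or not isinstance(iterations, int)
            or not 1 <= iterations <= MAX_ITERATIONS):
        raise ValidationError(f"iterations must be an integer in 1..{MAX_ITERATIONS}")
    label = data.get("label", "")
    if not isinstance(label, str) or len(label) > 64 or not label.isprintable():
        raise ValidationError("label must be printable text of at most 64 characters")
    return {"scenario": scenario, "iterations": iterations, "label": label}


def is_valid(raw_body: bytes) -> bool:
    """Convenience wrapper for callers that only need accept/reject."""
    try:
        parse_scenario_request(raw_body)
        return True
    except ValidationError:
        return False


if __name__ == "__main__":
    print(parse_scenario_request(b'{"scenario": "stress", "iterations": 5, "label": "q1"}'))
```

Checking the size before parsing is what makes the limit a DoS control: a parser that runs first can be made to do its work on an oversized body before the limit is noticed. Allow-listing the scenario value complements sanitization because it leaves nothing to sanitize.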

Governance Token Verification

  • Token Validation: GA tokens are cryptographically signed and verified
  • Expiration Checking: Tokens have expiration times and are rejected when expired
  • Policy Binding: Tokens are bound to specific policies and cannot be reused for different scenarios
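The three properties above (signed, expiring, bound to a policy) follow from one design rule: the policy and scenario identifiers are part of the signed material, so a token issued for one policy cannot be presented for another without breaking the signature. The example below is an added illustration of that scheme, not the project's GA token implementation; the token layout, the HMAC key and the 300-second TTL are assumptions.

```python
import hashlib
import hmac

GA_SIGNING_KEY = b"example-governance-key"  # assumed; a real key would live in a KMS or secret store
TOKEN_TTL_SECONDS = 300                      # assumed lifetime


def issue_ga_token(policy_id: str, scenario: str, issued_at: int) -> str:
    """Layout: policy_id|scenario|exp|hmac. Everything before the last field is signed."""
    if "|" in policy_id or "|" in scenario:
        raise ValueError("identifiers must not contain the field separator")
    exp = issued_at + TOKEN_TTL_SECONDS
    body = f"{policy_id}|{scenario}|{exp}"
    sig = hmac.new(GA_SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{sig}"


def verify_ga_token(token: str, expected_policy: str, expected_scenario: str, now: int) -> bool:
    """True only if the signature holds, the token is unexpired, and it was issued
    for exactly this policy and scenario."""
    parts = token.split("|")
    if len(parts) != 4:
        return False
    policy_id, scenario, exp, sig = parts
    body = "|".join(parts[:3])
    expected_sig = hmac.new(GA_SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    # Signature first: nothing else in the token is trusted until this passes.
    if not hmac.compare_digest(expected_sig, sig):
        return False
    # Expiration: a token at or past its exp is rejected.
    if not exp.isdigit() or now >= int(exp):
        return False
    # Policy binding: the signed identifiers must match what this request is for.
    return policy_id == expected_policy and scenario == expected_scenario


if __name__ == "__main__":
    token = issue_ga_token("pol-7", "stress", issued_at=1000)
    print(token)
    print(verify_ga_token(token, "pol-7", "stress", now=1100))    # True
    print(verify_ga_token(token, "pol-7", "recovery", now=1100))  # False: bound to another scenario
```

`hmac.compare_digest` is used rather than `==` so the comparison does not leak timing information about how many signature bytes matched. Note that this scheme prevents reuse across policies and scenarios, which is what the page describes; it does not by itself make a token single-use for the same scenario, which would need a server-side record of consumed token ids.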

Data Protection

  • Encryption at Rest: S3 audit logs are encrypted using server-side encryption
  • Encryption in Transit: All communications use TLS 1.3
  • Sensitive Data Masking: PII and sensitive data are masked in logs
  • Access Logging: All data access is logged for audit purposes
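Masking in logs is most reliable when it happens in the logging pipeline rather than at each call site, so that a developer cannot forget it. The example below is an added illustration, not the project's masking code: a `logging.Filter` that rewrites every record before any handler formats it. The regular expressions are constructed for the example and would need tuning to the data the system actually handles.

```python
import io
import logging
import re

# Constructed patterns. The card pattern will also hit other 13-16 digit runs; that is
# the intended bias for a log masker (over-mask rather than leak).
PATTERNS = [
    (re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"), "<email>"),
    (re.compile(r"\b(?:\d[ -]?){13,16}\b"), "<card>"),
    (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "<ssn>"),
    (re.compile(r"(?i)(bearer\s+)[A-Za-z0-9._~+/-]+=*"), r"\1<token>"),
]


def mask(text: str) -> str:
    """Apply every masking pattern in order and return the redacted text."""
    for pattern, replacement in PATTERNS:
        text = pattern.sub(replacement, text)
    return text


class MaskingFilter(logging.Filter):
    """Redacts the fully formatted message so PII in either the template or the
    arguments is masked before any handler sees the record."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = mask(record.getMessage())
        record.args = ()  # already interpolated; prevents a second % formatting pass
        return True


def render_with_filter(msg: str, *args) -> str:
    """Push one record through a logger wired with MaskingFilter and return the output line."""
    buf = io.StringIO()
    logger = logging.getLogger("masking-demo")
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    logger.addFilter(MaskingFilter())
    logger.info(msg, *args)
    handler.flush()
    return buf.getvalue().strip()


if __name__ == "__main__":
    print(render_with_filter("login from %s with card %s", "bob@corp.example", "4111 1111 1111 1111"))
```

Attaching the filter to the logger (rather than to one handler) means it also applies to records that propagate to other handlers. Masking is applied to the message text only; structured fields added via `extra=` would need the same treatment.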

Database Security

  • Connection Pooling: Limited connection pool prevents resource exhaustion
  • Parameterized Queries: All database queries use parameterized statements
  • Row-Level Security: Database enforces tenant isolation at the row level
  • Backup Encryption: Database backups are encrypted before storage
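Parameterized queries and tenant isolation at the row level reinforce each other: the first keeps user input out of the SQL text, the second keeps a correct query from reaching another tenant's rows. The example below is added here and is not the project's data layer. It uses the standard-library `sqlite3` module with an in-memory table (constructed data); SQLite has no row-level security, so a tenant-scoped repository that always supplies the `tenant_id` predicate stands in for the database-enforced policy. The string-formatted query is shown only to contrast with the parameterized one.

```python
import sqlite3


def setup() -> sqlite3.Connection:
    """Constructed sample table with rows from two tenants."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE scenarios (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, name TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO scenarios (tenant_id, name) VALUES (?, ?)",
        [("t-1", "baseline"), ("t-1", "stress"), ("t-2", "recovery")],
    )
    return conn


def find_unsafe(conn: sqlite3.Connection, tenant_id: str, name: str) -> list:
    """The defect being guarded against: input is spliced into the SQL text, so a
    crafted `name` can rewrite the WHERE clause and escape the tenant filter."""
    sql = (
        "SELECT tenant_id, name FROM scenarios "
        f"WHERE tenant_id = '{tenant_id}' AND name = '{name}' ORDER BY id"
    )
    return conn.execute(sql).fetchall()


class TenantScopedRepo:
    """Every query is parameterized and every query carries the tenant predicate.
    Callers cannot issue a query without a tenant, which is the application-level
    equivalent of a row-level security policy."""

    def __init__(self, conn: sqlite3.Connection, tenant_id: str):
        self.conn = conn
        self.tenant_id = tenant_id

    def find(self, name: str) -> list:
        return self.conn.execute(
            "SELECT tenant_id, name FROM scenarios WHERE tenant_id = ? AND name = ? ORDER BY id",
            (self.tenant_id, name),
        ).fetchall()

    def list_all(self) -> list:
        return self.conn.execute(
            "SELECT tenant_id, name FROM scenarios WHERE tenant_id = ? ORDER BY id",
            (self.tenant_id,),
        ).fetchall()


if __name__ == "__main__":
    conn = setup()
    probe = "x' OR '1'='1"
    print("unsafe:", find_unsafe(conn, "t-1", probe))          # leaks all three rows
    print("scoped:", TenantScopedRepo(conn, "t-1").find(probe))  # []
```

With parameters, the driver sends the value separately from the statement, so `name` is compared as a literal string however it is spelled. A connection-pool limit (the first bullet) would wrap `setup()` in a bounded pool; it is independent of the query shape shown here.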

Kafka Security

  • SASL Authentication: Kafka connections use SASL/SCRAM authentication
  • TLS Encryption: All Kafka traffic is encrypted in transit
  • Topic ACLs: Access control lists restrict which services can produce/consume
  • Message Encryption: Sensitive message payloads are encrypted before publishing
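SASL/SCRAM and TLS are both client configuration choices, and a client started with the wrong settings silently falls back to something weaker. The example below is an added illustration, not the project's Kafka client setup: a weak client configuration beside a hardened one, and a small audit function that flags the weak settings before a producer or consumer is created. The keys are librdkafka configuration names as used by `confluent-kafka`; the values (hosts, service account, CA path) are constructed. Topic ACLs are broker-side and payload encryption needs a key-management dependency, so neither is shown.

```python
# librdkafka / confluent-kafka configuration keys; values are constructed for the example.
WEAK_CONFIG = {
    "bootstrap.servers": "kafka.internal:9092",
    "security.protocol": "SASL_PLAINTEXT",   # credentials and payloads travel in clear
    "sasl.mechanisms": "PLAIN",              # password-equivalent sent to the broker
    "sasl.username": "svc-scenarios",
    "sasl.password": "<from-secret-store>",
}

HARDENED_CONFIG = {
    "bootstrap.servers": "kafka.internal:9093",
    "security.protocol": "SASL_SSL",         # TLS for every connection
    "sasl.mechanisms": "SCRAM-SHA-512",      # challenge-response; password never sent
    "sasl.username": "svc-scenarios",
    "sasl.password": "<from-secret-store>",
    "ssl.ca.location": "/etc/ssl/certs/internal-ca.pem",  # assumed internal CA bundle
    "enable.ssl.certificate.verification": True,
}

ACCEPTED_MECHANISMS = {"SCRAM-SHA-256", "SCRAM-SHA-512"}


def audit_kafka_config(cfg: dict) -> list:
    """Return a list of findings; an empty list means the config meets the policy above."""
    findings = []
    if cfg.get("security.protocol") != "SASL_SSL":
        findings.append("security.protocol must be SASL_SSL")
    # librdkafka accepts both spellings of the mechanism key.
    mechanism = cfg.get("sasl.mechanisms") or cfg.get("sasl.mechanism")
    if mechanism not in ACCEPTED_MECHANISMS:
        findings.append("sasl.mechanisms must be SCRAM-SHA-256 or SCRAM-SHA-512")
    for key in ("sasl.username", "sasl.password"):
        if not cfg.get(key):
            findings.append(f"{key} is missing")
    if cfg.get("security.protocol") == "SASL_SSL":
        if not cfg.get("ssl.ca.location"):
            findings.append("ssl.ca.location not set: no explicit CA bundle to validate the broker against")
        if str(cfg.get("enable.ssl.certificate.verification", True)).lower() == "false":
            findings.append("enable.ssl.certificate.verification is disabled")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_kafka_config(cfg) or "ok")
```

Running the audit at service start-up, before the client object is built, turns a misconfiguration into a failed deployment rather than a quietly unencrypted one.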