Secure Cloud App
Build and host a cloud system with highly sensitive data for a start-up. Full blog is here.
2. Solution Overview
3. Introduction
The objective was to deliver a service-oriented architecture for an online system to store and search through highly sensitive data using a budget-effective approach. Captivated by the benefits of cloud computing, we decided to take the plunge into the new world.
Objectives: high security of the data at all times, the ability to move around cloud providers and the world, and minimal downtime due to outage, disaster or even a court shutdown order.
4. Challenges and Decisions
Technology selection: Microsoft stack, primarily due to higher productivity using well-supported software/tools and the amount of information available from the community.
Cloud provider selection: Azure, Amazon, Rackspace, etc. We decided to try a few of the above, with the objective of being able to move between cloud providers and shared hosting providers with no source code changes.
Multi-level security: username/password for authentication, end-user identity token through all layers of the application, data-in-transit encryption, data-at-rest encryption, backup encryption.
5. Software Architecture
Front-end: HTML 5 and JavaScript over HTTPS, with emphasis on streamlined and lean user interfaces with fast response whether on a desktop, an Internet tablet or a smartphone. Web server: IIS 7.5, the latest available at the time of development. Coding: C# MVC3 with Razor syntax, the latest flavour for web application development.
Service layer: WCF over HTTPS on IIS 7.5. Entity Framework with C# POCO objects for WCF serialization in an N-tier environment. Connection to the DB over TCP/IP with SSL.
Back-end: SQL Server 2008 R2 Enterprise Edition with Transparent Data Encryption for data protection at rest.
6. Security Architecture
Front-end: User authentication at first used Verisign OpenID, and later switched to username/password with the password hashed and stored in SQL Server; users did not like the intermediate step during sign-in. All traffic is over HTTPS.
Service layer: An end-user, time-sensitive token is issued upon authentication and is used to validate user identity and permission on each service operation request. All traffic is over HTTPS.
Back-end: Application account with permission to execute a few stored procedures to validate user credentials and the user token. Secondary application account with full access using a 15-minute time-to-live password, encrypted for each user token. All connections are encrypted using SSL. Data at rest is protected by SQL Server TDE; ISP administrative account(s) are disabled.
7. Hosting Architecture
Front-end: Windows Azure Web Role with two instances for load-balancing and fault-tolerance purposes. Since no credentials are stored here, the web application can be deployed anywhere, including shared hosting.
Service layer: Amazon EC2 Windows Server 2008 R2, two instances with load-balancing enabled. Encrypted credentials for the limited-access database account; not the end of the world even if hacked.
Back-end: a few were tried: virtual on Amazon EC2 Windows Server R2 (robust but not cheap), virtual on Go-Daddy VPS (cheap but slow), and an iHost physical server for the best combination of cost and performance. The hosting company must have no login credentials to the box.
Backup: a few were tried and rejected due to lousy security practices (the confirmation email sent contained the password). One that supported in-transit and at-rest data encryption was selected; additionally, the SQL backup file was also encrypted by TDE itself, so there is no unencrypted data anywhere.
