# Security

## List of important things

* Actors
  * Users: probably use a web browser
  * Administrator: hosts data and source code
* Software
  * SQL Database: external software that holds data
  * Ruby and dependencies: source code from open source external software
  * Bootstrap CDN: CSS and JavaScript from an external source
* Hardware
  * Host server
* Sensitive data
  * Users' private data

## Trust, privacy, threat model

* 1. Because we handle private data, it is important to protect it against leaks.
  Users' private data should not be exposed publicly, and it should not be
  possible to impersonate users.

* 2. Data entered should not include financial information, which makes it
  less of a target for attackers. It should also not include much personal
  information, so that even in case of a security leak, exploiting the data should be harder.
  However, users may find an interest in putting sexual,
  religious or medical information in the database. This might be dangerous
  for individuals if they are not aware of point 3.

* 3. Because of the way it is currently used, the administrator has complete
  technical control over the data, which is very easy to extract and export.
  The administrator is probably close to some of the users and may have an
  interest in looking at this easily accessible private data.
  Users must either consider the administrator trustworthy with the information they
  will input, or not fear it being read by the administrator.