Network Security
# Symmetric Key
# Public Key Encryption
# Secure Network Protocol (SSL/TLS)
# Hashing
# Digital Signature
# Digital Certificates
# Chain of Trust
# TLS/SSH Handshake
# Security Network Channel
# Firewall
# Network Security (multiple subnets)
Identity Management
# Authentication (stateful and stateless)
# Authorization
# Credential Transfer
==> Certificate Based
# Credential Storage
# Stateful authentication
==> session cache
# Stateless authentication
==> Signed and encrypted Token
==> Decentralized authentication leads to better scalability
Access Management
# Role Based Access Control (RBAC)
# JSON Web Tokens
# Securing Data At Rest
==> main public key
==> Client Data Encryption
Securing a software system
Common Vulnerabilities
==> Security
Public key authentication
Mutual authentication (two-way authentication)
SSL Server Authentication Vs Client Authentication
X509 certificate
Cipher Suites for TLS 1.2
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Digital signing
SSL server authentication uses an SSL certificate issued to the server to validate the server's identity to the client,
while client authentication uses an SSL certificate to validate the client's identity to the server.