Security Issues
Identify sensitive information kept by your software. Explain how you plan to protect it.
The types of user-sensitive information kept by our website include full names, emails, passwords, phone numbers, job titles, and job departments. To protect this information, we will store the data in a secure PostgreSQL database. The data kept by the database will be encrypted, and we will configure the database so that it accepts connections only from the specific IP addresses of the developers. We will ensure that the database can be accessed only by developers and no one else. We also plan (aspirationally) to verify each user of our application in order to reduce the chance of unwanted users gaining access to the application.
Identify possible attack vectors, that is, ways malicious users could try to use your software to escalate their privileges. This includes root access to your server, access to other users' sensitive information (say via XSS attacks), root access to your database, etc. Explain your protection plan.
Malicious users can attack the application's server with a DDoS attack, in which an application is overwhelmed by numerous fake requests. This is already mitigated by our use of Fly.io, which employs automated and manual DDoS mitigation. Another potential attack is cross-site scripting (XSS), where attackers insert malicious code into the web application, which is then executed by the victim's browser. The victim may then click a malicious link or visit a malicious site by mistake because there is no notice or sign of any malicious change. Depending on the code, the attacker could gain access to the victim's sensitive information or perform actions under the guise of the victim. This can be combatted by validating and sanitizing user input and site data, as well as implementing output encoding so that variables are interpreted as text rather than raw code.
Malicious users can also gain access to the application's database via SQL injection, an attack where the perpetrator enters malicious SQL commands into the application's input fields, such as search boxes or forms. These commands could then be executed by the database server. Once they gain access, they would be able to view, alter, or delete the stored data, depending on the commands entered. This can be combatted by using prepared statements with parameterized queries; this approach separates SQL code from user input and binds the input values to the query parameters, so that user input does not alter the queries' logic.
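The difference between concatenated and parameterized queries, shown as an added example that is not part of our application's code. It assumes a hypothetical `users` table with constructed sample rows, and uses Python's built-in `sqlite3` as a stand-in for PostgreSQL so it runs without a server; the function names are illustrative.

```python
import sqlite3

# Constructed sample rows; the table layout is an assumption for illustration.
SAMPLE_ROWS = [
    ("Ada Example", "ada@example.com", "Engineering"),
    ("Bob Sample", "bob@example.com", "Finance"),
    ("Cy Placeholder", "cy@example.com", "People's Ops"),
]

def make_db():
    """Create an in-memory database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (full_name TEXT, email TEXT, department TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn

def search_unsafe(conn, department):
    # Vulnerable form: the input becomes part of the SQL text, so a quote
    # character in it changes the structure of the statement.
    sql = "SELECT email FROM users WHERE department = '" + department + "'"
    return [row[0] for row in conn.execute(sql)]

def search_safe(conn, department):
    # Hardened form: the SQL text is fixed and the value is bound to the
    # placeholder, so it is only ever compared as data.
    sql = "SELECT email FROM users WHERE department = ?"
    return [row[0] for row in conn.execute(sql, (department,))]

# Constructed input containing a quote that rewrites the WHERE clause.
HOSTILE_INPUT = "x' OR '1'='1"

if __name__ == "__main__":
    conn = make_db()
    print("unsafe, hostile input:", search_unsafe(conn, HOSTILE_INPUT))
    print("safe, hostile input:  ", search_safe(conn, HOSTILE_INPUT))
    print("safe, legitimate apostrophe:", search_safe(conn, "People's Ops"))
    try:
        search_unsafe(conn, "People's Ops")
    except sqlite3.OperationalError as exc:
        # Concatenation also breaks on ordinary input that contains a quote.
        print("unsafe, legitimate apostrophe:", exc)
```

The concatenated query returns every email for the hostile input and fails outright on a legitimate department name containing an apostrophe, while the parameterized query treats both as plain values.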
We plan to protect our application by implementing the above security protocols, and potentially others that we find useful, and by finding and fixing security vulnerabilities that we discover throughout the development process. We also plan to understand and utilize the infrastructure and cloud security practices of Fly.io, our deployment platform.