Hitchhiker's Guide To Privacy Engineering Chapter 6: How Websites Work? (Part 3)

Author's Salute - Community Update #7

Hello dear reader, welcome to the seventh issue of my "creative privacy" passion project, where we try to discover experiences that harmonize creativity and privacy.

Now you can visit the HGPE website, the single source of knowledge where you can read about privacy engineering, creative privacy, creative AI, comic book storylines, reading episodes, videos and soundtracks.

If you wonder what happened to Red after she was touched by the darkness, jump on to the new chapter to discover how the story unfolds in Chapter VII: The Fall of the Academy.

What you will learn?

Privacy engineers need to have a strong understanding of modern data processing environments, service-oriented architectures, and cloud computing technologies. This chapter helps you get the full picture of data processing on modern websites.

This chapter consists of three parts, and this third part introduces you to the following technologies used on modern websites:

Web APIs

Webhooks

HTTPS

Web Application Firewalls

Single Sign-On (SSO)

OAuth 2.0

You can check out last week's episode on How do Websites Work (Part 2).

How do websites work? (Part 3)

Web APIs

If you want to interact with a computer or system to retrieve information or perform a function, an API helps you communicate what you want to that system so it can understand and fulfill the request.

APIs let your product or service communicate with other products and services without having to know how they’re implemented.

Such services provide features such as data storage, user administration, and push notifications via software development kits (SDKs) and application programming interfaces (APIs). These APIs and SDKs allow developers to integrate the service into their products with just a few lines of code.

Order members were fighting off the droids which were possessed by the Dark Entity. Some of them tried to reach what remained of the high Tower to save the Grandmaster. It was not only the droids anymore. Portals opened in the air that unleashed the darkness of the galaxy on the Academy grounds. - Journals of Order of Epoch 2345 Anno Domini

API Gateways

An API gateway is an API management tool that sits between a client and a collection of backend services.

An API gateway acts as a reverse proxy to accept all application programming interface (API) calls, aggregate the various services required to fulfill them, and return the appropriate result.

The API gateway intercepts all incoming requests and sends them through the API management system, which handles a variety of necessary functions.

REST stands for representational state transfer and was created by computer scientist Roy Fielding.

The services within the microservices architecture use a common messaging framework, like RESTful APIs. They use RESTful APIs to communicate with each other without difficult data conversion transactions or additional integration layers. Using RESTful APIs allows, and even encourages, faster delivery of new features and updates.

Red and Kyle were close to the communications sector, where the Academy's central AI network was located in a tower nearby. Red stopped running. The medical droids were still after them. "We need to get to the communications sector to reset the network using the kill switch. That's the only way we can synthetic troops to defend the Academy." - Journals of Order of Epoch, 2341 Anno Domini

API Use Case

Different services and technologies can communicate with each other through API services. Some API services are collections of thousands of prebuilt APIs; another type of API service is the API gateway, which helps you manage traffic when you need to send and receive large amounts of information.

For example, we want to add the users who sign up for our product to the CRM system we use for customer relationship management. For this, we need to send our users' "e-mail address" information through the APIs of HubSpot, the CRM product we are using.

At this point, we should not forget that we need to comply with various data protection compliance requirements with regard to SCCs, DPAs and privacy notices.

from hubspot import HubSpot
from hubspot.crm.contacts import SimplePublicObjectInput
from hubspot.crm.contacts.exceptions import ApiException

# The original snippet did not show how api_client is created; a client built
# from a HubSpot private-app access token is assumed here (placeholder value).
api_client = HubSpot(access_token="YOUR_HUBSPOT_ACCESS_TOKEN")

try:
    # Only the e-mail address is sent: the minimum the CRM needs for a contact record
    simple_public_object_input = SimplePublicObjectInput(
        properties={"email": "[email protected]"}
    )
    api_response = api_client.crm.contacts.basic_api.create(
        simple_public_object_input=simple_public_object_input
    )
except ApiException as e:
    print("Exception when creating contact: %s\n" % e)

We can use the services of Stripe, a payment provider, to receive payments from users of our SaaS product. To do so, we need to save the newly registered user's information to Stripe's database via its API, in addition to writing it to our own database.

We can send this information to Stripe via the API with a piece of code like the example below.

import stripe

# Test-mode secret key as shown in the article; never commit a live key to source control
stripe.api_key = "sk_test_51GXRo6CjQJDRi0Nm1"

# Create a connected account holding only the fields Stripe needs for payouts
stripe.Account.create(
    type="custom",
    country="TR",
    email="[email protected]",
    capabilities={
        "card_payments": {"requested": True},
        "transfers": {"requested": True},
    },
)

For the use of Stripe, we need to conduct TIAs and execute SCCs and a DPA for the data exchange between us and Stripe.
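Both integrations above push personal data to a third-party processor, and the DPA/SCCs you sign only cover the fields you agreed to share. The following is an added example (not code from the article, HubSpot or Stripe) of a small gate that sits in front of such API calls: each processor has an explicit field allowlist tied to a stated purpose, anything outside it is dropped, a missing required field fails closed, and every transfer is written to a record-of-processing log. The processor names, purposes and field lists are illustrative assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed example: a data-minimisation gate in front of third-party API calls.
# Policies mirror what a signed DPA would allow; values here are illustrative.


@dataclass(frozen=True)
class ProcessorPolicy:
    processor: str
    purpose: str
    allowed_fields: frozenset
    required_fields: frozenset = frozenset()


# Hypothetical policies: HubSpot gets the contact basics, Stripe what payouts need.
POLICIES = {
    "hubspot": ProcessorPolicy(
        "hubspot", "CRM contact record",
        allowed_fields=frozenset({"email", "first_name"}),
        required_fields=frozenset({"email"}),
    ),
    "stripe": ProcessorPolicy(
        "stripe", "payment processing",
        allowed_fields=frozenset({"email", "country"}),
        required_fields=frozenset({"email", "country"}),
    ),
}


class PolicyViolation(Exception):
    """Raised when a transfer would go beyond what the processor's policy covers."""


@dataclass
class TransferLog:
    """Minimal record of processing: which fields went to which processor, and why."""
    entries: list = field(default_factory=list)

    def record(self, policy: ProcessorPolicy, fields, user_id) -> None:
        self.entries.append({
            "at": datetime.now(timezone.utc).isoformat(),
            "processor": policy.processor,
            "purpose": policy.purpose,
            "fields": sorted(fields),
            "user_id": user_id,
        })


def prepare_payload(processor: str, user: dict, log: TransferLog) -> dict:
    """Return only the fields the processor's policy allows; fail closed otherwise."""
    policy = POLICIES.get(processor)
    if policy is None:
        raise PolicyViolation(f"no DPA/policy on file for processor {processor!r}")
    missing = policy.required_fields - set(user)
    if missing:
        raise PolicyViolation(f"{processor}: required fields missing: {sorted(missing)}")
    # Drop everything the policy does not list (date of birth, address, ...)
    payload = {k: v for k, v in user.items() if k in policy.allowed_fields}
    log.record(policy, payload.keys(), user.get("id"))
    return payload


if __name__ == "__main__":
    # Constructed user record with more fields than either processor may receive
    user = {"id": "u-1", "email": "ada@example.com", "country": "TR",
            "first_name": "Ada", "date_of_birth": "1990-01-01"}
    log = TransferLog()
    print(prepare_payload("hubspot", user, log))   # {'email': ..., 'first_name': 'Ada'}
    print(prepare_payload("stripe", user, log))    # {'email': ..., 'country': 'TR'}
    print(log.entries)
```

In the Stripe snippet above, the call would then become `stripe.Account.create(type="custom", capabilities=..., **prepare_payload("stripe", user, log))`, so the only way to send a new field to Stripe is to first extend the policy, which is exactly the moment to check whether the DPA still covers it.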

Webhooks

A webhook is an HTTP-based callback function, triggered by an event in a source system and sent to a destination system, often with a payload of data.

Webhooks are used by a wide variety of web apps to receive small amounts of data from other apps.

She looked outside the window to see what happened to Kyle. She gasped as she saw what happened to the Academy. It was a scene that Red will never forget. Their home, the Academy was under attack by an army built for only one purpose. - Journals of Order of Epoch, 2341 Anno Domini

What are the use cases?

Webhooks are automated; in other words, they are sent out automatically when their event fires in the source system.

Let's say you subscribe to a dating app. The dating app wants to send you an email at the beginning of each month when it charges your credit card.

The dating app can subscribe to the payment provider (the source) to send a webhook when a credit card is charged (event trigger) to their emailing service (the destination). When the event is processed, it will send you a notification each time your card is charged.

The payment provider webhooks will include information about the charge (event data), which the emailing service uses to construct a suitable message for you, the customer.

What is the difference between APIs and webhooks?

Webhooks are not APIs; they work together. An application must have an API to use a webhook.

Webhooks are not suitable for transferring sensitive data such as passwords or credit card information.

In general, webhooks are for sending notifications about events. If you’re putting sensitive data inside messages sent out by webhooks, you should reconsider your use case.
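Because a webhook endpoint is a public HTTP URL, the receiver needs a way to tell a genuine delivery from a forged or replayed one, and the sender should keep secrets out of the payload in the first place. This added example (not code from the article or from any provider) shows both sides: the source system signs each delivery with a shared secret and a timestamp, and the destination checks the signature in constant time and rejects stale deliveries; a payload builder refuses to serialise fields such as card numbers or passwords. The `t=<timestamp>,v1=<hmac>` header layout is an assumption modelled on a common provider convention; the secret and event data are constructed.

```python
import hashlib
import hmac
import json

# Constructed example: signing and verifying webhook deliveries.
# Header format "t=<unix-time>,v1=<hex hmac-sha256>" is assumed, not any provider's spec.

SENSITIVE_KEYS = {"password", "card_number", "cvv", "ssn"}
TOLERANCE_SECONDS = 300   # deliveries older than this are treated as replays


def build_event(event_type: str, data: dict) -> bytes:
    """Source side: serialise an event, refusing payloads that carry secrets."""
    leaked = SENSITIVE_KEYS & set(data)
    if leaked:
        raise ValueError(f"refusing to put sensitive fields in a webhook: {sorted(leaked)}")
    return json.dumps({"type": event_type, "data": data}, sort_keys=True).encode()


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Source side: produce the signature header for one delivery."""
    signed_payload = str(timestamp).encode() + b"." + body
    digest = hmac.new(secret, signed_payload, hashlib.sha256).hexdigest()
    return f"t={timestamp},v1={digest}"


def parse_signature_header(header: str) -> tuple[int, str]:
    """Split the header into (timestamp, hex digest); raises on malformed input."""
    parts = dict(item.split("=", 1) for item in header.split(","))
    return int(parts["t"]), parts["v1"]


def verify(secret: bytes, header: str, body: bytes, now: int) -> bool:
    """Destination side: accept only fresh, untampered deliveries."""
    try:
        timestamp, received = parse_signature_header(header)
    except (KeyError, ValueError):
        return False
    if abs(now - timestamp) > TOLERANCE_SECONDS:
        return False                      # stale: possible replay
    signed_payload = str(timestamp).encode() + b"." + body
    expected = hmac.new(secret, signed_payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, received)   # constant-time comparison


if __name__ == "__main__":
    secret = b"whsec_constructed_example"            # shared out-of-band, constructed
    body = build_event("charge.succeeded",
                       {"charge_id": "ch_123", "amount": 1999, "currency": "usd"})
    header = sign(secret, 1700000000, body)
    print(header)
    print("fresh delivery accepted:", verify(secret, header, body, now=1700000120))
    print("tampered body rejected:", not verify(secret, header, body + b" ", now=1700000120))
    print("hour-old delivery rejected:", not verify(secret, header, body, now=1700003600))
```

Note what the event carries: a charge id, an amount and a currency, which is enough for the e-mail service in the dating-app scenario to build its message, while the card details stay with the payment provider.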

She opened the door to the control tower to come face to face with the Grandmaster. He was malformed and twisted into a monster. Red realized what happened. Lilith finally captured the Grand Master during the mission. - Journals of Order of Epoch, 2341 Anno Domini

HTTPS

HTTPS (Hyper Text Transfer Protocol Secure) appears in the URL when a website is secured by an SSL certificate.

HTTP conversations conducted using TLS are called HTTP Secure (HTTPS). HTTPS requires the client and server to perform a TLS handshake in which both parties agree on an encryption method and exchange encryption keys.

The details of the certificate, including the issuing authority and the corporate name of the website owner, can be viewed by clicking on the lock symbol on the browser bar.

TLS Handshake

Each TLS certificate is tied to a key pair: a public key, which is embedded in the certificate, and a private key, which stays on the server.

Every time you visit a website, the web server and the browser communicate to establish an encrypted TLS/SSL connection.

When a browser connects to a secured website, the web server shares its TLS/SSL certificate and its public key with the client to establish a secure connection and a unique session key.

The browser confirms that it recognizes and trusts the issuer, or Certificate Authority, of the SSL certificate.

The browser sends back a symmetric session key encrypted with the server's public key, and the server decrypts it using its private key. The server then sends back an acknowledgment encrypted with the session key to start the encrypted session. (This describes the RSA key exchange of older TLS versions; TLS 1.3 derives the session key from an ephemeral Diffie-Hellman exchange instead, and the server's private key is used only to prove its identity.)

The server and browser now encrypt all transmitted data with the session key. They begin a secure session that protects message confidentiality, message integrity, and server authentication.

A handful of high-ranking Masters, including Master Talia, arrived at the control tower from the opposite sky bridge. As they were crossing the bridge, Grand Master crawled out of the tower to face them. He was holding what seemed to be dark PETs. - Journals of Order of Epoch, 2341 Anno Domini

What is SSL?

SSL was a widely used cryptographic protocol for providing data security for Internet communications.

SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.

SSL was superseded by TLS; however, most people still refer to Internet cryptographic protocols as SSL. TLS (Transport Layer Security) is just an updated, more secure, version of SSL.

Web Application Firewalls

A WAF is a security system that helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet.

A web application firewall protects web applications from a variety of application-layer attacks.

Attacks on apps are the leading cause of breaches—they are the gateway to personal data. With the right WAF in place, you can block the array of attacks that aim to exfiltrate that data by compromising your systems.

A WAF operates as a reverse proxy, an intermediary that shields the web application server from a potentially malicious client.

WAFs don’t protect against all types of threats and attacks; rather, WAFs are one important element of a wider suite of tools used to protect websites and apps. The rules determining what traffic is deemed safe and what is malicious — in other words, what kind of traffic a WAF will allow or block — are called “policies.”

Here is an example of a WAF policy (an AWS CloudFormation resource) that blacklists certain IP ranges on AWS.

## IP Blacklist
## Matches IP addresses that should not be allowed to access content
  wafrBlacklistIpSet:
    Type: AWS::WAFRegional::IPSet
    Condition: isRegional
    Properties:
      Name: !Join ['-', [!Ref stackPrefix, 'match-blacklisted-ips']]
      IPSetDescriptors:
        - Type: IPV4
          Value: 10.0.0.0/8
        - Type: IPV4
          Value: 192.168.0.0/16
        - Type: IPV4
          Value: 169.254.0.0/16
        - Type: IPV4
          Value: 172.16.0.0/16
        - Type: IPV4
          Value: 127.0.0.1/32

A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe.
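To see what a policy like the IP set above actually does to traffic, it helps to run the same rule over a few access-log lines. The following is an added example (not the article's code and not AWS WAF itself): it takes the CIDR list from the policy above, parses constructed Common-Log-Format-style lines with Python's standard `ipaddress` and `re` modules, and returns a block/allow decision per request plus a tally, the way a WAF dashboard would. The log lines and the `evaluate`/`evaluate_log` function names are constructed for the example.

```python
import ipaddress
import re

# Constructed example: evaluating an IP-set block rule against access-log lines.
# The CIDRs are the ones from the WAF policy shown in the article; the log is made up.

BLOCKED_CIDRS = ["10.0.0.0/8", "192.168.0.0/16", "169.254.0.0/16",
                 "172.16.0.0/16", "127.0.0.1/32"]

# Common-Log-Format-like line: <client-ip> - - [<time>] "<request>" <status>
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3})'
)

# Constructed sample log, including one line from 172.31/16 and one malformed line
SAMPLE_LOG = """\
10.3.4.5 - - [10/Oct/2023:13:55:36 +0000] "GET /api/contacts HTTP/1.1" 200
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "POST /login HTTP/1.1" 302
172.16.9.9 - - [10/Oct/2023:13:55:38 +0000] "GET /admin HTTP/1.1" 200
172.31.9.9 - - [10/Oct/2023:13:55:39 +0000] "GET /admin HTTP/1.1" 200
not-a-log-line
"""


def load_ip_set(cidrs):
    """Parse the policy's CIDR strings once into network objects."""
    return [ipaddress.ip_network(c) for c in cidrs]


def evaluate(line: str, ip_set) -> tuple[str, str]:
    """Return (decision, client_ip) for one log line: BLOCK, ALLOW or INVALID."""
    m = LOG_RE.match(line)
    if m is None:
        return "INVALID", ""
    try:
        ip = ipaddress.ip_address(m.group("ip"))
    except ValueError:
        return "INVALID", m.group("ip")
    if any(ip in net for net in ip_set):
        return "BLOCK", str(ip)
    return "ALLOW", str(ip)


def evaluate_log(text: str, cidrs=BLOCKED_CIDRS) -> dict:
    """Apply the rule to every line and tally the decisions."""
    ip_set = load_ip_set(cidrs)
    counts = {"BLOCK": 0, "ALLOW": 0, "INVALID": 0}
    decisions = []
    for line in text.splitlines():
        decision, ip = evaluate(line, ip_set)
        counts[decision] += 1
        decisions.append((decision, ip))
    return {"counts": counts, "decisions": decisions}


if __name__ == "__main__":
    result = evaluate_log(SAMPLE_LOG)
    for decision, ip in result["decisions"]:
        print(f"{decision:8} {ip}")
    print(result["counts"])   # {'BLOCK': 2, 'ALLOW': 2, 'INVALID': 1}
```

The run shows one thing worth checking in any IP-set policy: the request from 172.31.9.9 is allowed, because the policy lists 172.16.0.0/16 while the RFC 1918 private range is 172.16.0.0/12. Writing the rule as code and feeding it sample traffic surfaces that kind of gap before the policy goes live.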

After a grim smile, the Grand Master used the PETs on the sky bridge. It caused a sonic blast killing certain Masters instantly and knocking some of them down from the sky bridge. Only Master Talia and Master Ya'zz were still standing thanks to the plasma shield created by Master Talia. - Journals of Order of Epoch, 2341 Anno Domini

Single Sign-On (SSO)

A single sign-on solution can simplify username and password management for both users and administrators. Users no longer have to keep track of different sets of credentials and can simply remember a single more complex password. SSO often enables users to just get access to their applications much faster.

SSO works based upon a trust relationship set up between an application, known as the service provider, and an identity provider.

Traditionally, after our users register with our website, we assign a unique cookie to each user when they log in to our product. These cookies keep track of whether a user is logged in and under what name. They also save login information so that users do not have to repeatedly enter their passwords.

This happens once, and the session lasts until the user terminates it or until the validity period defined for the session expires.

When we use SSO, the username and password are forwarded to the SSO server. After the SSO server verifies them, the session is started and a session key is generated. This key can then be used jointly with other associated applications and/or services.

The point we need to pay attention to here is that our users lose control over their personal data due to the use of SSO, and we should not forget that we are expanding the tracking and targeting of the big tech SSO providers on our website users.

In addition, due to the fact that we do not have control over exactly what information is shared with these companies, it becomes difficult for us to comply with transparency and accountability principles.

Red and Kyle worked together to rewire and managed to reboot the AI network. The reset triggered the defense systems of the Academy. The synthetic troops were unleashed upon the ranks of cyborg zombies. Fighter jets and air defense systems started shooting at the portals in the sky. - Journals of Order of Epoch, 2341 Anno Domini

OAuth 2.0

OAuth 2.0, which stands for “Open Authorization”, is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user.

OAuth 2.0 is an authorization protocol. As such, it is designed primarily as a means of granting access to a set of resources, for example, remote APIs or user data.

It lets one application access another application's data about you. The authorization is granted through an exchange of keys.

You never hand over your password, and you can revoke the authorization whenever you want. The services talk to each other: the second service (for example, an email service) checks whether you are logged in and, if not, asks you to log in. The email service then prompts you to confirm that the first service wants to access your contacts. After that you return to the first service and carry on with what you wanted to do.

How does OAuth 2.0 work?

The client is the application (the first website) that wants to access your data or perform actions on your behalf; you are the resource owner.

The authorization server is the application that knows that the resource owner is you, i.e. the place where you already have an account.

The resource server is the API or service the client wants to use on behalf of the resource owner. The redirect URI, also called the callback URL, is the URL to which the authorization server redirects the resource owner after access has been granted to the client.

The response type is the kind of information the client expects to receive; in this flow the client expects to receive an authorization code. The scope is the set of granular permissions the client wants, such as reading data or performing actions.

Consent: the authorization server takes the scope the client requests and verifies with the resource owner whether they want to give the client that permission.

The client ID identifies the client to the authorization server. The client secret is known only to the client and the authorization server, so they can exchange information safely. An authorization code is a short-lived temporary code that the authorization server sends back to the client.

The client then sends the authorization code together with its client secret back to the authorization server in exchange for an access token.

Kyle pulled Red out of the sky bridge just before Master Talia used her PETs to seal off the sky bridge door and lock them away from the Grand Master. Red tried to break loose from his grip yet Kyle didn't allow her to go free until the doors were sealed. - Journals of Order of Epoch, 2341 Anno Domini

OAuth 2.0 Example using Sign in with Google

The user presses the "Sign in with Google" button. This redirects the browser to the identity provider's /authorize endpoint (the path can differ between providers), which takes the user to the provider's login page.

The user lands on Google's accounts page. If not already logged in, the user enters their Google email and password here.

Google redirects back to Netflix with an authorization_code (for example, it redirects to https://netflix.com/authcallback?code=XYZ...).

Netflix's backend server sends this authorization_code together with its client_id and client_secret (from its project in Google) to the /token endpoint and receives an access_token.

Netflix can then use the access_token to access the user's profile from Google.
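The steps above, and the SSO section before them, describe the authorization code flow from the user's point of view. The following added example (not code from the article, Google or Netflix) plays both roles in memory so the exchange can be traced end to end: a tiny authorization server with /authorize and /token behaviour, and a client that starts the login, receives the callback and redeems the code. It goes slightly beyond the article in two places a practitioner would expect: the client binds each callback to a random `state` value so a forged or replayed callback is rejected, and it uses PKCE (RFC 7636) so the code is useless without the verifier the client kept. Client ids, secrets, URLs and user names are constructed; there is no network I/O.

```python
import base64
import hashlib
import secrets
import urllib.parse

# Constructed example: OAuth 2.0 authorization code flow with state and PKCE,
# with the authorization server and client simulated as in-memory objects.


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


class AuthorizationServer:
    """Stands in for the identity provider's /authorize and /token endpoints (hypothetical)."""

    def __init__(self, clients: dict):
        self.clients = clients      # client_id -> {"secret": ..., "redirect_uri": ...}
        self._codes = {}            # one-time authorization codes -> pending grant

    def authorize(self, query: str, logged_in_user: str) -> str:
        """Resource owner is logged in and consents; return the redirect URL with a code."""
        p = dict(urllib.parse.parse_qsl(query))
        client = self.clients.get(p.get("client_id"))
        # Exact redirect_uri matching keeps the code from being sent somewhere else
        if client is None or p.get("redirect_uri") != client["redirect_uri"]:
            raise PermissionError("unknown client or redirect_uri mismatch")
        if p.get("response_type") != "code":
            raise ValueError("unsupported response_type")
        code = secrets.token_urlsafe(24)
        self._codes[code] = {"client_id": p["client_id"], "user": logged_in_user,
                             "scope": p.get("scope", ""), "code_challenge": p.get("code_challenge", "")}
        # state is echoed back unchanged so the client can tie the callback to its request
        return client["redirect_uri"] + "?" + urllib.parse.urlencode({"code": code, "state": p.get("state", "")})

    def token(self, client_id: str, client_secret: str, code: str, code_verifier: str) -> dict:
        grant = self._codes.pop(code, None)        # pop: a code can be redeemed only once
        client = self.clients.get(client_id)
        if grant is None or client is None or grant["client_id"] != client_id:
            raise PermissionError("invalid or already-used code")
        if not secrets.compare_digest(client_secret, client["secret"]):
            raise PermissionError("bad client secret")
        expected = _b64url(hashlib.sha256(code_verifier.encode()).digest())
        if not secrets.compare_digest(expected, grant["code_challenge"]):
            raise PermissionError("PKCE verification failed")
        return {"access_token": secrets.token_urlsafe(32), "scope": grant["scope"], "sub": grant["user"]}


class Client:
    """The first website, e.g. the Netflix backend in the article's walk-through (hypothetical)."""

    def __init__(self, server: AuthorizationServer, client_id: str, client_secret: str, redirect_uri: str):
        self.server, self.client_id = server, client_id
        self.client_secret, self.redirect_uri = client_secret, redirect_uri
        self._pending = {}          # state -> PKCE code_verifier, kept server-side

    def start_login(self, scope: str = "profile email") -> str:
        """Build the /authorize URL the browser is sent to when the user clicks the button."""
        state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(48)
        self._pending[state] = verifier
        params = {"response_type": "code", "client_id": self.client_id, "redirect_uri": self.redirect_uri,
                  "scope": scope, "state": state, "code_challenge_method": "S256",
                  "code_challenge": _b64url(hashlib.sha256(verifier.encode()).digest())}
        return "https://auth.example/authorize?" + urllib.parse.urlencode(params)

    def handle_callback(self, redirect_url: str) -> dict:
        """Receive the callback, check state, and redeem the code for an access token."""
        q = dict(urllib.parse.parse_qsl(urllib.parse.urlsplit(redirect_url).query))
        verifier = self._pending.pop(q.get("state", ""), None)
        if verifier is None:
            raise PermissionError("unknown state: possible CSRF or replayed callback")
        return self.server.token(self.client_id, self.client_secret, q["code"], verifier)


def code_from_callback(redirect_url: str) -> str:
    """Helper for tracing: pull the authorization code out of a callback URL."""
    return dict(urllib.parse.parse_qsl(urllib.parse.urlsplit(redirect_url).query))["code"]


def run_flow(user: str = "alice@example.com") -> dict:
    """Drive one complete login with constructed credentials and return the token response."""
    server = AuthorizationServer({"netflix-demo": {"secret": "s3cret-demo",
                                                   "redirect_uri": "https://netflix.example/authcallback"}})
    client = Client(server, "netflix-demo", "s3cret-demo", "https://netflix.example/authcallback")
    authorize_url = client.start_login()                                   # step 1: button pressed
    callback = server.authorize(urllib.parse.urlsplit(authorize_url).query, user)  # steps 2-3: login + consent
    return client.handle_callback(callback)                                # steps 4-5: code -> token


if __name__ == "__main__":
    print(run_flow())
```

Two details carry the security of the flow: the code is popped from the server's table on first use, so a captured callback URL cannot be redeemed twice, and the client never sees the user's Google password, only a code it swaps, together with its own secret, for a token scoped to what the user consented to.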

This is the end of the third part of the How the Internet Works chapter.

Comic Book Issue #7 - Want to read the plot and immerse yourself in the story even more?

Chapter 7: The Fall of the Academy --> Jump on the story from here, as it is written and hosted on the Gitbook platform.

Early Access is available to the privacy engineering materials. You can still witness the story of our protagonist Red, and her journey to find her brother through environmental storytelling while you learn about privacy engineering.

Listen to the story of Red as Reading Episodes released every week with original music. You can check out the HGPE Trailer, Chapter 1: The Prologue, Chapter 2: The Battle for Earth, Chapter 4: The Academy, Chapter 5: The Approaching Darkness, Chapter 6: The Invasion and Chapter 7: The Fall of the Academy reading sessions on Youtube with subtitles. The narrator is supported by the original soundtrack, where the music is also composed by me, so I would love to hear what you think about them.

Please don't forget to subscribe so you don't miss the new releases. See you next week!
