![]() ![]() There were attempts to introduce parallel message processing using multiple consumer threads, but the results were not satisfactory because the codebase made use of locks and critical sections, which are well known for limiting concurrency. Moreover, there was data loss-whenever the running instance was terminated or restarted, all the counters were reset to zero. Further consequences were the lack of high availability and the inability to scale the service horizontally, as potential multiple instances had no way to synchronize and split the work between themselves. As a result, this implied that only a single instance of the service could run and handle all the traffic. First, all the calculated results-i.e., counters and statistics-were kept in memory, making the application’s state not persistent. Several challenges impacted the success of the first version of the Risk Factor engine. Some parts of the design could not handle such high traffic volumes and it became more and more difficult to maintain the component. The amount of calls that were sent towards the Identity API increased significantly over the years, as new clients, apps, and services were onboarded. At the time it was believed that all the design decisions were optimal, however, the common truth is that the only constant thing-especially in the IT industry-is change. It was based on top of JMS, which was the standard at the time for messaging. Its main function was to block malicious IP addresses (that exceeded defined thresholds in terms of unsuccessful authentication attempts) and lock compromised user accounts. The first version of the Risk Engine module was created a couple of years ago, when Identity API only supported a few clients. Risk Engine serves one of the essential requirements of the platform-it reduces account takeovers and strengthens security in order to keep customer data safe. Trigger targeted actions and decisions to prevent different types of attacks.Perform analysis based on available data streams, that combined together form risk factors.One of the security measures present in the Identity API is an in-house built component called Risk Engine. Risk management is the collective responsibility of multiple units within Tesco PLC, and Identity provides authentication mechanisms for different types of users. This is why organisations invest a lot of time and money to address this situation to discourage attackers and make them go away. With just basic security mechanisms in place, oftentimes the cost of performing a successful attack is minimal compared to the value gained by the bad actor. Attackers approach certain systems with different motivations, which drives the need for organisations to perform analysis of incoming traffic from multiple perspectives. The ongoing struggle with botnets, crawlers, script kiddies, and bounty hunters is challenging and requires the constant evolution of security platforms. Every organization that exposes its services online is subject to the interest of malicious actors. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |