3tier

[Archived] A prototype 3-tier web application written in PureScript.


3tier

A prototype 3-tier web application written in PureScript. Currently extracting re-usable parsing/validation, FFI, control flow, DSL, and event collection packages for a follow-up / future project(s).

Current Status: (Archived)

In a follow-up project with analogous overarching goals, I would like to develop a model SIEM/IDS software solution (as a 3-tier web application) written in PureScript, e.g. a model / lightweight FOSS alternative to Splunk. I would like to continue to explore and evaluate PureScript and formal methods to manage and "provably" mitigate OWASP Top 10 web application security risks as well. In the near future, I would like to finish transitioning the current iteration of this project for future projects, conduct a final post-mortem analysis, and review / revise the lessons learned throughout the duration of this project for an analogous future project.

Contents

Proposal

Purpose

Introduction

Diagram

Goals

Tier 3
  • Awaits Tier 3 resource requests to retrieve statistics reports about forwarded & audited events.
  • Awaits Tier 3 resource requests to store forwarded and audited events, abstracting over a suitable choice of DBMS backend(s).
  • Audits all incoming Tier 3 resource requests according to specification.
  • Enforces authentication, authorization/access control, and project risk management policies for Tier 3 resource requests.

Tier 2
  • Emits Tier 3 resource requests to retrieve statistics reports about forwarded & audited events.
  • Awaits Tier 2 resource requests to retrieve statistics reports at the report route(s) defined by the backend web application.
  • Awaits Tier 2 resource requests to forward Windows Security Event Log and Linux Auditing System data in JSON format at the forward route(s) defined by the backend web application.
  • Awaits Tier 2 traffic/gateway event data in JSON format, e.g. flow records in SiLK rwfilter/rwcut format, at the appropriate forward route defined by the backend web application.
  • Audits all incoming Tier 2 resource requests according to specification.
  • Emits Tier 3 resource requests to store audited & forwarded events after parsing & validation.
  • Enforces authentication, authorization/access control, and project risk management policies for Tier 2 resource requests.

Tier 1
  • Emits Tier 2 resource requests to retrieve statistics reports about forwarded & audited events.
  • Awaits Tier 1 resource requests to retrieve summary reports about forwarded & audited events (e.g. in feature matrix format).
  • Triggers alerts, e.g. based on application-defined rules and/or automated document classification approaches, from sets of Tier 2 statistics reports.
  • Awaits Tier 1 resource requests to poll and view triggered alerts at the report route(s) defined by the frontend web application.
  • Awaits Tier 1 resource requests to push and forward triggered alerts to an incident response platform, such as PagerDuty or JIRA, at the forward route(s) defined by the frontend web application.
  • Audits all incoming Tier 1 resource requests according to specification.
  • Enforces authentication, authorization/access control, and project risk management policies for Tier 1 resource requests.
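As an added illustration of the Tier 2 "parse & validate, then emit a Tier 3 store request" step (example code written for this README, not part of the 3tier project): a forward-route handler that decodes a forwarded Linux Auditing System record from JSON with argonaut-codecs, applies a validation policy, and only then builds a store request. The event fields, the `/store/audit` route and the validation rules are assumptions; the project's real schema and policies are not on the page.

```purescript
module Tier2.Forward where

import Prelude

import Data.Argonaut.Core (Json)
import Data.Argonaut.Decode (JsonDecodeError, decodeJson, printJsonDecodeError, (.:))
import Data.Argonaut.Encode (encodeJson)
import Data.Argonaut.Parser (jsonParser)
import Data.Bifunctor (lmap)
import Data.Either (Either(..))
import Data.String (null)

-- Assumed shape of a forwarded Linux audit record (constructed for this example).
type AuditEvent = { host :: String, pid :: Int, syscall :: String, success :: Boolean }

-- Tier 3 store request; it can only be built from a validated event.
type StoreRequest = { route :: String, payload :: Json }

-- Decode field by field: a missing or mistyped field rejects the whole record,
-- so malformed input never reaches storage.
decodeAuditEvent :: Json -> Either JsonDecodeError AuditEvent
decodeAuditEvent json = do
  obj <- decodeJson json
  host <- obj .: "host"
  pid <- obj .: "pid"
  syscall <- obj .: "syscall"
  success <- obj .: "success"
  pure { host, pid, syscall, success }

-- Validation beyond types (assumed policy): reject empty identifiers and
-- impossible process ids. The Left value is the reason recorded by the audit step.
validate :: AuditEvent -> Either String AuditEvent
validate e
  | null e.host = Left "empty host"
  | e.pid <= 0 = Left "non-positive pid"
  | null e.syscall = Left "empty syscall"
  | otherwise = Right e

-- Whole Tier 2 forward step: raw request body in, Tier 3 store request out,
-- or a single rejection reason for the audit log.
forwardAudit :: String -> Either String StoreRequest
forwardAudit body = do
  json <- jsonParser body
  event <- lmap printJsonDecodeError (decodeAuditEvent json)
  valid <- validate event
  pure { route: "/store/audit", payload: encodeJson valid }
```

`forwardAudit "{\"host\":\"web1\",\"pid\":4242,\"syscall\":\"execve\",\"success\":true}"` yields a store request, while a body missing `pid` or with `"pid":0` yields `Left` with the reason, so the route handler can audit the rejection without ever emitting a Tier 3 request.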

Schedule

See milestones.

Issues

See issues.

Timeline

See timeline.