Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Designing Secure APIs with State Machines

Ashwini Oruganti
May 20, 2017
Programming
1
180

Designing Secure APIs with State Machines

Did you ever need to create an application whose behavior varies with its state, while still presenting a consistent interface to its callers? A good, layered design using state machines can help avoid the tedious 'if' checks for flags, and ensure that if your code runs at all, it will run with all the required values initialized. I will demonstrate this with examples, and talk about some available tools and libraries to build state machines in Python.

I will also discuss how to effectively use the process of threat modeling to build secure web applications. Threat modeling is a computer security technique that helps you better understand the systems you create, identify attacks, and build defenses. I will talk about things that we, as software developers, can do to assess the security of our applications in the real world through this process.

Ashwini Oruganti

May 20, 2017
Tweet

More Decks by Ashwini Oruganti

See All by Ashwini Oruganti
Dispelling the 'Genius Programmer' Myth
ashfall
0
560
PyCon 2015: Introduction to HTTPS - A comedy of errors
ashfall
0
210
PyTennessee 2015: HTTPS
ashfall
2
150
pyca/tls
ashfall
0
240
Kneel And Disconnect: Getting The Fastest Connection Out Of A Hostname
ashfall
1
300
Asynchronous Event-driven Architecture - The Twisted Way
ashfall
1
1.4k
Twisted Logic: Endpoints and Why You Shouldn't Be Scared of Twisted
ashfall
1
140

Other Decks in Programming

See All in Programming
今、知っておきたい! 生成AIエージェントの世界
elith
3
340
AWS Application Composerで始める、 サーバーレスなデータ基盤構築 / 20240406-jawsug-hokuriku-shinkansen
kasacchiful
1
250
educure_カリキュラム生操作マニュアル.pdf
linew_official
0
470
From Spring Boot 2 to Spring Boot 3 with Java 22 and Jakarta EE
ivargrimstad
0
900
はてなにおける CSS Modules、及び CSS Modules に足りないもの / CSS Modules in Hatena, and CSS Modules missing parts
mizdra
3
340
甘い香りに誘われてVanilla Extractを1年間運用してみた
miyahkun
1
110
Rubyでたのしむクリエイティブコーディング/Enjoy Creative coding with Ruby
chobishiba
1
160
Elm 0.19.0 Changes
bkuhlmann
0
480
SwiftUI Performance 不要なViewの再描画と更新を抑える
bigamitiongit
1
160
Code Reviews
bkuhlmann
4
880
[技育CAMPアカデミア]アイディアを形に!【超入門】スマホアプリ開発〜リリースまでの流れをご紹介
teamlab
PRO
0
350
今の SmartHR にエンジニアで入社するとどうなるの?
daisukeshinoku
5
4.6k

Featured

See All Featured
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.9k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
9
8.3k
Music & Morning Musume
bryan
41
5.6k
Thoughts on Productivity
jonyablonski
57
3.8k
Scaling GitHub
holman
457
140k
Put a Button on it: Removing Barriers to Going Fast.
kastner
58
3k
The Cult of Friendly URLs
andyhume
74
5.7k
Code Review Best Practice
trishagee
54
15k
The Pragmatic Product Professional
lauravandoore
24
5.8k
What’s in a name? Adding method to the madness
productmarketing
PRO
15
2.6k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
The Power of CSS Pseudo Elements
geoffreycrofte
59
5k

Transcript

  1. Designing Secure APIs with State Machines Ashwini Oruganti PyCon 2017

  2. twitter.com/_ashfall_ Security Engineer, Docker < pyca/tls, Twisted >

  3. Problem Solution

  4. Forgot Password

  5. None

  6. A single token belongs to a single user.

  7. None

  8. Threat Modeling a computer security technique to help defenders understand

    their own systems and drive the process of building better defenses. -https://alexgaynor.net/2016/jul/29/intro-to-threat-modeling/

  9. Tokens should be generated via a cryptographically secure random number

    generator.
  10. None

  11. Tokens should expire after use / a set period of

    time
  12. None

  13. State happens.

  14. Complexity -> Bugs

  15. (Computer) Science!

  16. None
  17. None
  18. None

  19. Hard to: * Test * Read * Debug * Change

  20. State Machines!

  21. A state machine is a piece of software that accepts

    input and then (usually) generates a deterministic (probably) output.

  22. Settings, values, data == “state”

  23. None
  24. None
  25. None

  26. Maintainable

  27. Automated Testing

  28. STATES = [HAVE_PASSWORD, TOKEN_CREATED] INPUTS = [REQUEST_RESET, ENTER_PASSWORD] AT LEAST

    4 CASES TO TEST. Enhanced Unit Testing

  29. How do I state machine in Python?

  30. None

  31. Automat https://github.com/glyph/automat

  32. “Automat is designed from the perspective of a deep and

    abiding sense of shame” - Glyph, Author

  33. Q. How do I get the current state of a

    state machine?

  34. Q. How do I get the current state of a

    state machine? A. You don’t.
  35. None
  36. None
  37. None
  38. None

  39. If you are designing a system, threat modeling it as

    early as possible is ideal.

  40. Threat modeling forces you to look at all of your

    assets.

  41. Threat modeling forces you to identify how all of those

    assets are used.

  42. Threat modeling forces you to identify mutable state.

  43. If you find yourself writing a lot of if-else checks,

    Remember there’s one or more explicit State Machines to explore. To summarize:

  44. https://clusterhq.com/2013/12/05/ what-is-a-state-machine/ https://github.com/glyph/automat https://gist.github.com/markrwilliams/ 9caf35e2dc2dfa07f4f64af6a77ec170

  45. Thank You! twitter.com/_ashfall_ State Machines Open Space: 5pm @ b114