Amit Agarwal
2 min read · Jun 6, 2021

Sony Website Architecture: System Design

High-Level Expectations:

■ As a user, I should be able to view the product list and see product descriptions.

■ As a user, I should be able to buy products and review the product items.

■ As a user, I should be able to see my transactions and download previous data.

■ As a user, I should be able to navigate company-related static pages.

■ As an admin, I should be able to see analytics.

■ As an operations team member, I should be able to see user orders and contact information.

■ As a vendor, I should be able to deliver the parcel by getting routes.

Website: Architecture

Security

■ For security purposes, we can use the technologies listed below.

■ JWT tokens for information exchange.

■ AWS WAF to block malicious web requests.

■ HTTPS, 4028-bit secured SSL protocol.

■ We can use SHA-256-bit encryption, AWS KMS, and a PGP key to store sensitive customer data.

Security: Architecture (AWS WAF)

AWS Managed Rules (A): This set of AWS managed core rules provides protection against exploitation of a wide range of common application vulnerabilities or other unwanted traffic.

Manual IP lists (B and C): This component creates two specific AWS WAF rules that allow you to manually insert IP addresses that you want to block or allow.

SQL Injection (D) and XSS (E): The solution configures two native AWS WAF rules that are designed to protect against common SQL injection or cross-site scripting (XSS) patterns in the URI, query string, or body of a request.

HTTP flood (F): This component helps protect against attacks that consist of a large number of requests from a particular IP address, such as a web-layer DDoS attack or a brute-force login attempt. This feature supports thresholds of less than 100 requests within a 5-minute period.

Scanners and Probes (G): This component parses application access logs searching for suspicious behavior, such as an abnormal amount of errors generated by an origin. It then blocks those suspicious source IP addresses for a customer-defined period of time.

IP Reputation Lists (H): This component is the IP Lists Parser AWS Lambda function which checks third-party IP reputation lists hourly for new ranges to block.

Bad Bots (I): This component automatically sets up a honeypot, which is a security mechanism intended to lure and deflect an attempted attack.
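The log-parsing idea behind Scanners and Probes (G) can be sketched as follows. This is an added example, not code from the original post or from AWS; the log format, the threshold, the window and the block period are assumptions, and the sample log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in Common Log Format (documentation-range IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [06/Jun/2021:10:00:01 +0000] "GET /nonexistent-1 HTTP/1.1" 404 153
203.0.113.7 - - [06/Jun/2021:10:00:02 +0000] "GET /nonexistent-2 HTTP/1.1" 404 153
198.51.100.20 - - [06/Jun/2021:10:00:03 +0000] "GET /products HTTP/1.1" 200 5120
203.0.113.7 - - [06/Jun/2021:10:00:04 +0000] "GET /nonexistent-3 HTTP/1.1" 404 153
198.51.100.20 - - [06/Jun/2021:10:00:05 +0000] "GET /old-page HTTP/1.1" 404 153
203.0.113.7 - - [06/Jun/2021:10:00:06 +0000] "GET /nonexistent-4 HTTP/1.1" 403 153
garbled line with no fields
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')
ERROR_THRESHOLD = 3                     # assumed: 4xx responses tolerated per window
WINDOW = timedelta(minutes=5)           # assumed: sliding counting window
BLOCK_PERIOD = timedelta(minutes=240)   # assumed: the "customer-defined" block time

def parse(line):
    """Return (ip, timestamp, status), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, int(m.group(3))

def build_blocklist(log_text):
    """Map each offending source IP to the time its block expires."""
    errors = defaultdict(list)          # ip -> timestamps of recent 4xx responses
    blocked = {}
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or not 400 <= rec[2] < 500:
            continue                    # skip malformed lines and non-error responses
        ip, ts, _ = rec
        # Drop errors that have aged out of the window, then record this one.
        errors[ip] = [t for t in errors[ip] if ts - t <= WINDOW] + [ts]
        if len(errors[ip]) > ERROR_THRESHOLD:
            blocked[ip] = ts + BLOCK_PERIOD
    return blocked

def is_blocked(blocked, ip, now):
    """A block applies only until its expiry time."""
    return ip in blocked and now < blocked[ip]
```

In a deployment, the resulting map would be used to update the IP block list that the WAF rule references, and expired entries would be removed on the next run.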
