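@startuml
' Threat model for the notification path: the actors and components involved,
' the attack vectors considered, and the control each vector is expected to meet.
title Notification System - Threat Model

actor "Attacker" as attacker
actor "Legitimate User" as user
component "React Frontend" as frontend
component "Python Backend" as backend
component "Notification Service" as notif
' NOTE(review): prefs is declared but no flow below reads or writes it. Either
' connect it (which component consults preferences before delivery) or drop it,
' so the diagram does not suggest a data store that is not actually modelled.
database "User Preferences" as prefs

package "Attack Vectors" {
note right of attacker
1. XSS via notification content
2. Spam/DoS flooding
3. Token theft/replay
4. Authorization bypass
5. MitM on WebSocket
end note
}

package "Security Controls" {
rectangle "Input Sanitization" as sanitize
rectangle "Rate Limiting" as ratelimit
rectangle "WSS + JWT Auth" as auth
rectangle "ACL Checks" as acl
}

' Normal flow
user -> frontend : Authenticate
frontend -> backend : Get notification token
backend -> auth : Validate & issue JWT
frontend -> notif : Connect via WSS + token
' Control chain on the send path.
' NOTE(review): ACL is evaluated last, after sanitization and rate limiting;
' confirm that order is intended, since a sender's content is processed before
' its permission to send is checked.
backend -> sanitize : Sanitize content
sanitize -> ratelimit : Check limits
ratelimit -> acl : Verify user permissions
acl -> notif : Send notification
notif -> frontend : Deliver notification

' Attack attempts: one attempt per vector in the note above, paired with the
' control that stops it. Green = prevented; orange = exposure is only bounded.
attacker -[#red]-> notif : <script>alert('xss')</script>
sanitize -[#green]-> attacker : ✗ Blocked

attacker -[#red]-> notif : 10000 notifications/sec
ratelimit -[#green]-> attacker : ✗ Rate limited

' Residual risk: a stolen token stays usable until the 5-minute TTL elapses;
' no revocation or binding of the token to the issuing session is modelled here.
attacker -[#red]-> notif : Stolen token
auth -[#orange]-> attacker : ✗ Token expired (5min TTL)

attacker -[#red]-> frontend : Read other user's notifications
acl -[#green]-> attacker : ✗ Authorization failed

' Vector 5 previously had no modelled attempt; the WSS requirement on the
' connect step ("Connect via WSS + token") is the control that addresses it.
attacker -[#red]-> notif : MitM on WebSocket
auth -[#green]-> attacker : ✗ WSS required
@enduml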