🗃️
PropScreen
  • PropScreen Overview
  • Introduction
    • The Problem
    • Problem Importance and Impact
    • Solution Overview
      • How Propscreen Addresses the Problem
      • Use Cases
      • User Personas
  • System Architecture
    • Core Components of Propscreen
      • PropScreen's Checks
      • Context Strings Database
      • Hashed Organizational Sensitive Information
      • Interdiction Log Database (Reports)
    • Architecture Overview
    • Sequence Diagrams by Use Case
      • Use Case 1 Sensitive Information Disclosure Interdiction
      • Use Case 2 Logging of Interdiction Events
  • Project Considerations
    • Threat Modeling
      • Key Threats
      • Key Threat 1
      • Key Threat 2
      • Key Threat 3
    • Secure by Design
    • Alternative Solutions
      • NER and Regex Based Scans
      • Traditional Data Loss Prevention
    • PropScreen's LLM Implementation
  • The Proof of Concept
    • Demo Video
    • Try the Proof of Concept
  • Going Forward...
    • SIEM Integration
    • Role Based Access Control Dependent Response Filtering
    • The Good, The Bad, and the Learning
Powered by GitBook
On this page
  • Overview
  • Containerization
  • Database Security
  • Vulnerability Assessment
  • PropScreen Fails Closed
  1. Project Considerations

Secure by Design

Overview

As a security tool, PropScreen must be as secure as possible in its design and implementation. If PropScreen fails as a security measure, or becomes a viable avenue of attack then it fails in its purpose altogether. The following considerations have been made to ensure PropScreen is secure by design.

Containerization

PropScreen runs in a container and therefore enjoys all the security benefits that come with the utilization of running inside a container. Some benefits worth noting explicitly are the following:

  • A hardening of PropScreen's security posture due to the isolation of the container and the processes running inside it from the bare metal machine.

  • Since PropScreen is running inside a container, the attack surface against PropScreen is the container and PropScreen's interface as opposed to the entire machine and PropScreen's interface. In other words the attack surface is smaller due to containerization.

  • Containerization allows for PropScreen enjoy a greater level of portability between different operating environments and enables an instance to be quickly deployed or redeployed. These two traits allow for PropScreen to be quickly redeployed in the event of a failure or outage.

Database Security

When interacting with the databases required for its function, PropScreen principles of Zero Trust and Least Privilege. It is worth noting that all databases are assumed to be encrypted and configured in such a way that only authorized users and PropScreen have the ability to access them.

  • Context String Database

    • This is a read only database to PropScreen that contains non-sensitive information.

  • Hashed Organizational Sensitive Information Database

    • This is a read only database to PropScreen that only hashes of the information and nothing in the clear.

  • Interdiction Log Database

    • This is a write only database to PropScreen.

    • A current consideration is obfuscating the sensitive information found in the response even from the security analysts view.

Vulnerability Assessment

PropScreen Fails Closed

If PropScreen fails, it fails closed. What this means is that the user is not longer able to access the Company LLM. This ensures that the Company LLM does not have the opportunity to disclose sensitive information while PropScreen is not operational. This approach dramatically reduces the likelihood of sensitive information disclosure occurring during an unexpected outage of PropScreen.

PreviousKey Threat 3NextAlternative Solutions

Last updated 8 months ago

was used to determine the existence of vulnerabilities in the PropScreen container. Based off of the results a vulnerability remediation plan can be developed and implemented in order to harden PropScreen's security posture. Docker Scout will be a tool that will be continuously used for both vulnerability and supply chain management.

The API fuzzer was utilized to test the security posture of the client web application in the PropScreen PoC. While in an actual deployment, this web interface would not exist in the same form, REST API calls would probably be made. Therefore testing the security posture of the API calls made to PropScreen is justified and necessary.

Docker Scout
CATS