Summary
Encrypt data that is passed between Airtable, Twilio, and OpenAI and setup security authentication between all endpoints to take preventative security measures to move forward and continue on with new projects knowing we have a base security system and layer setup
Client
Assigned To
Eli WeldonStatus
Completed
Start & Finish Date
September 22, 2023
Needs Review
Project Resources
Project Outline
Project Planning TasklistGo through For each Goal outlined turn its individual item in
Problems, Goals, & Summary
What are the problems we hope to solve with this project?
- Right now conversation data is passed as plain text between Airtable, Twilio, and OpenAi need to make sure it is encrypted and the endpoints are secure that way we donβt have to worry about any security issues as we move past the project
What are the Goals to create in order to solve the problems?
- Encrypt all the data that is passed through the api middleman that routes messages between Airtable, Twilio, and OpenAi
- Setup security auth for all endpoints
Based on the problems and goals summarize what the project hopes to accomplish:
- Encrypt data that is passed between Airtable, Twilio, and OpenAI and setup security authentication between all endpoints to take preventative security measures to move forward and continue on with new projects knowing we have a base security system and layer setup
Goals & Deliverables
Goal: Encrypt client-sensitive data within the database.Outline Deliverables associated with GoalOutline & complete any Tasklist - Research / Outline / Client Question Create list of Tasks to achieve goalConfirm Goal & Deliverables with client, get any questions answered
Goal Planning Tasklist
Turn goal deliverables into 
Tasks , add task details
Tasks , add task detailsDeliverables
- In mongoDB, store data in encrypted form
- Generalise data encryption/decryption logic
Tasklist - Research / Outline / Client Question
- Client Question: Do you have any requirement to use some specific type of encryption?
- Client Question: Encryption consumes hardware resources to process data. I think we should decide specific attributes to encrypt instead of encrypting all the data. What do you think?
- Research: Best way to generalise the encryption/decryption logic. It must be DRY.
Tasklist - Final
- (0.5 hours) Task: Integrate crypto library to encrypt data
- (0.5 hours) Task: Identify & List critical data attributes to be encrypted
- (1 hours) Task: Generalize the logic to encrypt all the data in/out from DB
- (1 hours) Task: Test implementation on existing Models/Schema
- (1 hours) Task: Write migration script for the existing data
- (1 hours) Task: Review/Test PR β Merge it β Deploy
Goal: Setup security auth for all endpointsOutline Deliverables associated with GoalOutline & complete any Tasklist - Research / Outline / Client Question Create list of Tasks to achieve goalConfirm Goal & Deliverables with client, get any questions answered
Goal Planning Tasklist
Turn goal deliverables into Tasks , add task details
Tasks , add task detailsDeliverables
- Admin can create System Users
- A user can SignIn after providing its credentials.
- A user verify itself via 2FA if the session device a new.
- A user can manage its auth sessions
Tasklist - Research / Outline / Client Question
- Client Question: What features you need in authentication?
- Client Question: What are the entities involved in this system?
- Client Question: Should we write APIs for admin to create users?
- Client Question: Will there be any SAAS users or any API consumer who is not a person but another machine?
- Research: Add IP whitelisting from AirTable servers to ensure only AirTable can hit our SMS endpoints.
- Research: Other possibility is to use proxy server to forward public request to the authenticated resource.
- Research: Understand client requirements and draft a plan
Tasklist - Final
- (1.5 hours) Task: Set whitelist IPs middleware for Airtable, Twilio, and Podium web-hooks.
- (0.5 hours) Task: Add user credentials for ORM Manager users
- (2 hours) Task: Setup Basic Authentication using JWT
- (0.5 hours) Task: Write Token Issuing and Revoking Logic
- (1 hours) Task: Implement basic login with credentials
- (0.5 hours) Task: Implement basic logout
- (1 hours) Task: Review/Test PR for deployment