Enterprise-Grade Trust Infrastructure Built for Scale
A production-ready, cloud-native PKI platform powered by 46 specialized microservices, designed for organizations that demand security, scalability, and compliance at enterprise scale.
46 specialized services working in concert for maximum flexibility and scalability
HSM session pooling and goroutine concurrency for lightning-fast operations
Container-based deployment with minimal attack surface on Kubernetes
eIDAS, GDPR, ISO 27001, SOC 2, PCI DSS built-in from day one
Saga, idempotency, circuit breakers, distributed locking
Multi-tenancy, audit trails, RBAC, policy engine
Battle-tested distributed system patterns for mission-critical operations
Challenge: In distributed systems, network failures can cause duplicate requests. Without idempotency, this leads to duplicate charges, double signatures, or data corruption.
Our Solution: Multi-layered idempotency protection
Challenge: In microservices, traditional ACID transactions don't work across service boundaries. How do you ensure consistency?
Our Solution: Saga pattern with compensating transactions
Check subscription exists and is active
Retrieve plan quotas and limits
Verify usage within limits
Record successful transaction
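The saga described above, as an added example (not the platform's own code): a small saga runner with per-step compensations, wired to the four subscription steps just listed. The step names, the Account state and the "ledger unavailable" failure are constructed for the example; the same runner shape applies to the revocation saga (CRL update, OCSP update, audit log) mentioned later on the page.

```go
package main

import (
	"errors"
	"fmt"
)

// Step is one forward action of a saga paired with the compensation that
// undoes it. Hypothetical type for this example, not the platform's own.
type Step struct {
	Name       string
	Action     func() error
	Compensate func() error
}

// RunSaga executes the steps in order. When step i fails, the compensations
// of steps 0..i-1 run in reverse order so that no partial effect remains.
func RunSaga(steps []Step) error {
	for i, s := range steps {
		err := s.Action()
		if err == nil {
			continue
		}
		for j := i - 1; j >= 0; j-- {
			if cerr := steps[j].Compensate(); cerr != nil {
				// A failed compensation leaves the system inconsistent; in
				// production it must be retried or escalated for manual repair.
				return fmt.Errorf("step %q failed: %w (compensation of %q also failed: %v)",
					s.Name, err, steps[j].Name, cerr)
			}
		}
		return fmt.Errorf("step %q failed: %w", s.Name, err)
	}
	return nil
}

// Account is the constructed state the subscription saga operates on.
type Account struct {
	Active   bool
	Quota    int // plan limit
	Used     int // units reserved so far
	Recorded int // transactions written to the ledger
}

var ErrOverQuota = errors.New("usage would exceed the plan quota")

// SubscriptionSaga wires the four steps from the page: check the
// subscription, retrieve the plan quota, verify (and reserve) usage, record
// the transaction. ledgerDown simulates the last step failing so that the
// reservation made in step three has to be rolled back.
func SubscriptionSaga(a *Account, ledgerDown bool) error {
	var quota int
	steps := []Step{
		{
			Name: "check-subscription",
			Action: func() error {
				if !a.Active {
					return errors.New("subscription inactive")
				}
				return nil
			},
			Compensate: func() error { return nil }, // read-only step, nothing to undo
		},
		{
			Name:       "retrieve-quota",
			Action:     func() error { quota = a.Quota; return nil },
			Compensate: func() error { return nil },
		},
		{
			Name: "verify-usage",
			Action: func() error {
				if a.Used+1 > quota {
					return ErrOverQuota
				}
				a.Used++ // reserve one unit
				return nil
			},
			Compensate: func() error { a.Used--; return nil }, // release the unit
		},
		{
			Name: "record-transaction",
			Action: func() error {
				if ledgerDown {
					return errors.New("ledger unavailable")
				}
				a.Recorded++
				return nil
			},
			Compensate: func() error { a.Recorded--; return nil },
		},
	}
	return RunSaga(steps)
}

func main() {
	a := &Account{Active: true, Quota: 5}
	fmt.Println("happy path:", SubscriptionSaga(a, false), *a)
	fmt.Println("ledger down:", SubscriptionSaga(a, true), *a)
}
```

The second run in main fails at the last step; the usage reservation from the third step is released by its compensation, which is the property a saga has to guarantee.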
Challenge: When multiple admins or processes modify the same resource simultaneously, how do you prevent data corruption?
Our Solution: Both optimistic and pessimistic locking strategies
Version-based compare-and-swap
Use case: High read, low contention scenarios
SELECT FOR UPDATE database locks
Use case: Critical operations like key rotation
Redis-based distributed locks (Redlock)
Use case: Multi-admin collision prevention
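The version-based compare-and-swap from the optimistic-locking bullet above, as an added example (not the platform's code). The in-memory Store and the CARecord row are constructed stand-ins for a table with a version column; the equivalent SQL is given in a comment.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// ErrStaleVersion is returned when the row's version no longer matches the
// one the caller read: someone else committed in between.
var ErrStaleVersion = errors.New("stale version: record was modified concurrently")

// CARecord mirrors a row with a version column (constructed for the example).
type CARecord struct {
	ID      string
	Status  string
	Version int
}

// Store stands in for the database table; the mutex plays the role of the
// row-level atomicity a single UPDATE statement would give.
type Store struct {
	mu   sync.Mutex
	rows map[string]CARecord
}

func NewStore() *Store { return &Store{rows: map[string]CARecord{}} }

func (s *Store) Put(r CARecord) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.rows[r.ID] = r
}

func (s *Store) Get(id string) (CARecord, bool) {
	s.mu.Lock()
	defer s.mu.Unlock()
	r, ok := s.rows[id]
	return r, ok
}

// UpdateCAS is the compare-and-swap write. In SQL it corresponds to
//   UPDATE ca SET status = $1, version = version + 1
//   WHERE id = $2 AND version = $3
// followed by a check that exactly one row was affected.
func (s *Store) UpdateCAS(id string, expectedVersion int, status string) (CARecord, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	cur, ok := s.rows[id]
	if !ok {
		return CARecord{}, fmt.Errorf("record %q not found", id)
	}
	if cur.Version != expectedVersion {
		return cur, ErrStaleVersion // zero rows affected: caller must re-read and retry
	}
	cur.Status = status
	cur.Version++
	s.rows[id] = cur
	return cur, nil
}

// LostUpdateScenario replays the two-admin race: both read version 1, the
// first write succeeds, the second is rejected instead of silently
// overwriting the first.
func LostUpdateScenario() (winner CARecord, loserErr error) {
	s := NewStore()
	s.Put(CARecord{ID: "ca-issuing-1", Status: "active", Version: 1})
	adminA, _ := s.Get("ca-issuing-1")
	adminB, _ := s.Get("ca-issuing-1")
	winner, _ = s.UpdateCAS(adminA.ID, adminA.Version, "suspended")
	_, loserErr = s.UpdateCAS(adminB.ID, adminB.Version, "renewal-pending")
	return winner, loserErr
}

func main() {
	w, err := LostUpdateScenario()
	fmt.Printf("winner: %+v\nloser: %v\n", w, err)
}
```

The loser gets ErrStaleVersion and must re-read the row before deciding whether its change still makes sense; that retry loop is what distinguishes this from the pessimistic SELECT FOR UPDATE variant, where the second admin would simply wait.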
Challenge: External services fail, networks are unreliable, and dependencies have outages. How do you keep the system running?
Our Solution: Circuit breakers, bulkheads, retries, and timeouts
Automatically stop calling failing services
Resource isolation prevents cascading failures
Separate connection pools per service
Smart retry logic with increasing delays
1s → 2s → 4s → 8s → 16s
Different timeouts for different operations
Fast ops: 5s, Crypto ops: 30s
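A circuit breaker with the three states (closed, open, half-open) and the exponential backoff schedule from the bullets above, as an added example that is not the platform's code. The threshold, open duration and injected clock are this example's own choices so the behaviour can be exercised without sleeping.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

type State int

const (
	Closed   State = iota // calls flow through
	Open                  // calls fail immediately
	HalfOpen              // one probe call is allowed
)

func (s State) String() string { return [...]string{"closed", "open", "half-open"}[s] }

// ErrOpen is returned without calling the upstream while the circuit is open.
var ErrOpen = errors.New("circuit open: failing fast")

// Breaker trips after failureThreshold consecutive failures and stays open
// for openFor; the first call after that is a half-open probe. The clock is
// injected so the behaviour can be tested without sleeping.
type Breaker struct {
	failureThreshold int
	openFor          time.Duration
	now              func() time.Time
	state            State
	failures         int
	openedAt         time.Time
}

func NewBreaker(failureThreshold int, openFor time.Duration, now func() time.Time) *Breaker {
	return &Breaker{failureThreshold: failureThreshold, openFor: openFor, now: now}
}

// State reports the current state, moving open -> half-open once openFor has elapsed.
func (b *Breaker) State() State {
	if b.state == Open && b.now().Sub(b.openedAt) >= b.openFor {
		b.state = HalfOpen
	}
	return b.state
}

// Call runs fn under the breaker's protection.
func (b *Breaker) Call(fn func() error) error {
	if b.State() == Open {
		return ErrOpen
	}
	if err := fn(); err != nil {
		b.failures++
		// a failed probe re-opens immediately; otherwise trip on the threshold
		if b.state == HalfOpen || b.failures >= b.failureThreshold {
			b.state = Open
			b.openedAt = b.now()
		}
		return err
	}
	b.failures = 0
	b.state = Closed // a success (including a successful probe) closes the circuit
	return nil
}

// BackoffSchedule returns the delays of the page's exponential schedule
// (base, 2*base, 4*base, ...) for the given number of retries, capped at maxDelay.
func BackoffSchedule(base time.Duration, retries int, maxDelay time.Duration) []time.Duration {
	out := make([]time.Duration, 0, retries)
	d := base
	for i := 0; i < retries; i++ {
		if d > maxDelay {
			d = maxDelay
		}
		out = append(out, d)
		d *= 2
	}
	return out
}

func main() {
	b := NewBreaker(3, 30*time.Second, time.Now)
	down := func() error { return errors.New("upstream timeout") }
	for i := 0; i < 4; i++ {
		fmt.Println("call", i, "->", b.Call(down), "state:", b.State())
	}
	fmt.Println("backoff:", BackoffSchedule(time.Second, 5, time.Minute))
}
```

The fourth call in main never reaches the upstream: the breaker answers ErrOpen itself, which is the fast-fail that keeps a failing dependency from tying up the caller's connection pool.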
Built with Go for unparalleled performance and efficient resource utilization
Goroutines and channels for efficient parallelism
~25MB per service vs. 200MB+ for JVM
<1 second vs. 10-30 seconds for Java
No runtime dependencies
Multiple layers of security from infrastructure to application
Hardware-backed cryptographic operations with FIPS 140-2 Level 3 certification. Private keys never leave the HSM.
Complete tenant data isolation at database, network, and application levels. Row-level security policies enforce separation.
Automated key rotation with version tracking and rotation history. Pessimistic locking prevents concurrent modifications.
Kubernetes NetworkPolicy for micro-segmentation. Services can only communicate with authorized peers.
Built-in compliance with major international standards and regulations
Electronic Identification, Authentication and Trust Services
General Data Protection Regulation
Information Security Management
Trust Service Criteria
Payment Card Industry Data Security Standard
RFC 6962
Each service is a focused, production-ready component designed for a specific domain
Purpose: Automated database schema initialization and migration management.
Creates and manages database schemas, tables, indexes, and initial data. Handles version migrations with Flyway/Liquibase-style versioning. Ensures idempotent schema deployment across multiple database instances.
Version control technique for a database schema: every change (new table, index, column) carries a version number. The system automatically applies the missing versions in order.
An operation that can be performed several times without changing the result. For example: "CREATE TABLE IF NOT EXISTS" does nothing if the table already exists.
Popular database migration tools. They version SQL files (V1__initial.sql, V2__add_users.sql) and run them automatically in the correct order.
Purpose: Complete lifecycle management of Certificate Authorities (Root CA, Intermediate CA, Issuing CA).
Manages the CA hierarchy (Root → Intermediate → Issuing CAs). Handles CA certificate generation, key ceremony workflows, CA certificate renewal, and revocation. Implements optimistic locking for concurrent CA operations and maintains complete audit trails. Key Technology: X.509 certificate chain management, PKCS#10 CSR processing.
Hierarchy of certificate authorities: Root CA (top level, offline) → Intermediate CA → Issuing CA. If one level is compromised, only that level has to be revoked, not the ones above it.
A formal, audited procedure for generating and storing CA keys. It requires the presence of several people, video documentation, and physical security measures (e.g. an HSM).
Version-based concurrency control: every record has a version number. On save, the system checks whether it has changed; if so, it raises an error. Better performance than a pessimistic lock.
Standard digital certificate format (RFC 5280). Contains: subject, issuer, public key, validity period, digital signature, and extensions (key usage, etc.).
Purpose: Issues X.509 digital certificates for users, devices, and services.
Processes Certificate Signing Requests (CSR), validates identity information, applies certificate profiles (QCP-n, QCP-l, QCP-n-qscd for eIDAS), and issues certificates. Supports qualified certificates for eIDAS compliance. Integrates with HSM (Service 14) for private key operations. Implements certificate templates with configurable validity periods, key usage, and extended key usage fields.
Certificate request: contains the requester's public key and identity data (name, organization, domain). The CA verifies and signs it, turning it into a certificate.
EU-standard qualified certificate (QES, Qualified Electronic Signature). Legally equivalent to a handwritten signature. Requires strict identity verification and HSM use.
Certificate template: defines the validity period, key usage (signing, encryption), algorithms, and X.509 extensions. For example: "TLS Server" vs "Email Signing".
Key Usage: basic purposes (digitalSignature, keyEncipherment). Extended Key Usage: specific purposes (serverAuth, clientAuth, emailProtection, codeSigning).
Purpose: Signs documents with legally binding electronic signatures.
Supports multiple signature formats: PAdES (PDF signatures), CAdES (CMS Advanced Electronic Signatures), XAdES (XML signatures). Implements PAdES-B-LTA for long-term archival with embedded timestamps and validation data. Uses hash-based idempotency (signature_hash UNIQUE constraint) to prevent duplicate signatures. Coordinates with TSA Service (13) for RFC 3161 timestamps.
PDF-specific signature standard (ETSI EN 319 142). Embeds the signature, timestamp, and validation data into the document. The PDF is visibly modified (a digital signature appears).
General-purpose signature format for any file (ETSI EN 319 122). The signature can be stored as a separate file or embedded. Does not modify the original file.
Signature format specialized for XML documents (ETSI EN 319 132). The signature can be embedded in the document as an XML element or stand separately.
Database UNIQUE constraint on the document hash: the same document cannot be signed twice. A SHA-256 hash of the signed content serves as the unique identifier.
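The hash-based idempotency just described, and the duplicate-request problem raised in the "Challenge" at the top of the page, as one added example (not the platform's code). The SignatureStore is an in-memory stand-in for the table with its UNIQUE(signature_hash) constraint, and CountingSigner is a constructed substitute for the HSM-backed signer.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
)

// ErrDuplicateSignature mirrors the UNIQUE(signature_hash) violation.
var ErrDuplicateSignature = errors.New("signature_hash already exists")

type SignatureRecord struct {
	SignatureHash string // SHA-256 of the signed content, the idempotency key
	Signer        string
	Signature     []byte
}

// SignatureStore stands in for the signatures table (constructed for the example).
type SignatureStore struct {
	mu   sync.Mutex
	rows map[string]SignatureRecord
}

func NewSignatureStore() *SignatureStore {
	return &SignatureStore{rows: map[string]SignatureRecord{}}
}

// DocumentHash returns the hex SHA-256 fingerprint of the content to be signed.
func DocumentHash(doc []byte) string {
	sum := sha256.Sum256(doc)
	return hex.EncodeToString(sum[:])
}

// Insert behaves like INSERT under the unique constraint: the second insert
// of the same hash is rejected.
func (s *SignatureStore) Insert(rec SignatureRecord) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	if _, exists := s.rows[rec.SignatureHash]; exists {
		return ErrDuplicateSignature
	}
	s.rows[rec.SignatureHash] = rec
	return nil
}

func (s *SignatureStore) Lookup(hash string) (SignatureRecord, bool) {
	s.mu.Lock()
	defer s.mu.Unlock()
	r, ok := s.rows[hash]
	return r, ok
}

// SignOnce makes the signing request idempotent: a retry of an already
// completed request returns the stored record (created == false) and never
// calls the signer again. sign stands for the HSM-backed signing function.
func (s *SignatureStore) SignOnce(signer string, doc []byte, sign func([]byte) ([]byte, error)) (rec SignatureRecord, created bool, err error) {
	key := DocumentHash(doc)
	if existing, ok := s.Lookup(key); ok {
		return existing, false, nil
	}
	sig, err := sign(doc)
	if err != nil {
		return SignatureRecord{}, false, err
	}
	rec = SignatureRecord{SignatureHash: key, Signer: signer, Signature: sig}
	if err := s.Insert(rec); errors.Is(err, ErrDuplicateSignature) {
		// Lost a race with a concurrent duplicate: the constraint, not the
		// lookup, is the real guard, so return the winner's record.
		existing, _ := s.Lookup(key)
		return existing, false, nil
	} else if err != nil {
		return SignatureRecord{}, false, err
	}
	return rec, true, nil
}

// CountingSigner is a constructed stand-in for the HSM; it records how often
// it was asked to sign so that a duplicate signing would be visible.
type CountingSigner struct{ Calls int }

func (c *CountingSigner) Sign(doc []byte) ([]byte, error) {
	c.Calls++
	return []byte("sig:" + DocumentHash(doc)[:8]), nil
}

func main() {
	store := NewSignatureStore()
	hsm := &CountingSigner{}
	doc := []byte("constructed sample contract text")
	r1, c1, _ := store.SignOnce("alice", doc, hsm.Sign)
	r2, c2, _ := store.SignOnce("alice", doc, hsm.Sign) // network retry of the same request
	fmt.Println(c1, c2, r1.SignatureHash == r2.SignatureHash, "hsm calls:", hsm.Calls)
}
```

The pre-check lookup is only an optimisation; the Insert path handles the case where two identical requests pass the lookup at the same time, which is exactly the situation the database constraint exists for.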
Purpose: Manages the complete lifecycle of issued certificates (renewal, revocation, suspension).
Handles certificate renewal before expiration (configurable warning periods: 90/60/30 days), certificate revocation with CRL reason codes (RFC 5280), and certificate suspension (temporary hold). Implements saga pattern for multi-step revocation: notify CRL service (06), update OCSP responder (05), log audit event (17). Maintains certificate status history.
Issuing a new certificate before the old one expires. A new key pair is generated (or the old one reused), a new CSR is submitted, and a new certificate with a longer validity is received.
Revoking a certificate before expiry (private key compromised, user has left, etc.). RFC 5280 reason codes: keyCompromise, affiliationChanged, superseded, cessationOfOperation.
A multi-step transaction in a microservice environment. Every step either succeeds or executes a compensating operation on failure. Example: revocation → CRL update → OCSP update → audit log.
Temporary suspension: the certificate is temporarily invalid but can be reactivated later. Reason code: certificateHold. Used for: investigating suspicious activity, searching for a lost key.
Purpose: Provides real-time certificate status validation via OCSP (RFC 6960).
Responds to Online Certificate Status Protocol (OCSP) requests with signed responses (good/revoked/unknown). Uses Redis caching for sub-10ms response times. Implements OCSP stapling support for TLS servers. Pre-computes OCSP responses for high-volume certificates. Supports OCSP nonces for replay attack prevention. Performance: 8ms p50 latency, 125 ops/sec throughput.
Real-time certificate status lookup (RFC 6960). The client sends the certificate's serial number and the OCSP responder replies: good (valid), revoked, or unknown.
The TLS server fetches its own OCSP response in advance and sends it to the client in the TLS handshake. Advantage: the client does not need to make a separate OCSP request; faster, less privacy leakage.
A single-use random number in the OCSP request. The response must contain the same nonce. Protects against replay attacks: an old OCSP response cannot be reused.
Generating OCSP responses ahead of time and caching them. For high-traffic certificates (1M+ lookups/day), generating a response per request is not feasible. Responses are prepared in advance and placed in Redis.
Purpose: Generates and distributes Certificate Revocation Lists (CRL).
Creates Certificate Revocation Lists per CA with configurable refresh intervals (hourly/daily). Implements Delta CRLs for bandwidth optimization. Publishes CRLs to HTTP/HTTPS endpoints with CDN support. Handles CRL number sequencing and versioning. Coordinates with Certificate Lifecycle Service (04) for revocation updates. Supports both DER and PEM formats.
List of revoked certificates, published periodically by the CA (RFC 5280). Contains serial numbers, revocation dates, and reason codes. The client downloads it and checks the certificate against it.
A CRL containing only the revocations since the last full CRL. Smaller size, faster download. Usage: full CRL daily, Delta CRL hourly. The client combines them.
An increasing sequence number for each CRL release. Helps the client check whether it is using an up-to-date CRL. For example: CRL #1234 is older than CRL #1235.
A URL in the certificate (X.509 extension) from which the CRL can be downloaded. For example: http://crl.example.com/ca1.crl. The client reads it and downloads the CRL.
Purpose: S3-compatible object storage for documents, certificates, and binary data.
Provides S3-compatible API for storing signed documents, certificate bundles, audit log archives, and KYC documents. Implements multipart upload for large files (>5GB). Supports versioning and lifecycle policies (auto-deletion after retention period). Uses MinIO or cloud object storage (AWS S3, Azure Blob, GCS). Implements content-addressable storage with SHA-256 hashing for deduplication.
Object storage compatible with the Amazon S3 API. PUT/GET/DELETE operations over HTTP. MinIO, Ceph, or real AWS S3. Advantage: the provider can be swapped easily without modifying the code.
Uploading large files (>5GB) in chunks. Each chunk is uploaded separately (5MB-100MB parts) and they are concatenated at the end. Advantage: retries only the failed chunk rather than the whole file, and parallel upload is faster.
Every modification creates a new version; old versions are retained. Deleting a file is not a real deletion, only a delete marker. Restoring an earlier version: list versions → restore. Protection against accidental deletion.
Storing files by their hash (SHA-256). Same content = same hash = stored once. Automatic deduplication: 1000 copies of the same PDF = stored once.
Purpose: Asynchronous job queuing and message broker for distributed processing.
Manages job queues using Redis Streams or RabbitMQ. Supports multiple queue priorities (high/normal/low). Implements dead letter queues (DLQ) for failed jobs. Provides at-least-once delivery guarantees with acknowledgments. Handles bulk signing jobs, certificate renewal batches, and compliance checks. Coordinates with Worker Orchestration (09) for job execution. Pattern: Producer-consumer with worker pools.
Redis data structure for message queues. Append-only log, consumer groups, acknowledgments. Faster than RabbitMQ for simple use cases, built-in persistence, cluster support.
A separate queue for failed jobs. If a job still fails after 5 attempts, it goes to the DLQ. Manual investigation: what caused the failure? After a fix it can be reprocessed. Does not block the normal queue.
Guarantees that every message is processed at least once (possibly more than once). A worker takes a job, processes it, and sends an ACK. If no ACK arrives (crash), the job goes back into the queue.
Several priority levels: high (immediately), normal (as expected), low (later). High-priority jobs move to the front. Usage: urgent signing requests first, batch operations last.
Purpose: Distributed worker management for background job processing.
Manages worker lifecycle (registration, heartbeats, health checks). Implements distributed locking (Redis Redlock) to prevent duplicate job processing. Provides exponential backoff retry logic (1s → 2s → 4s → 8s → 16s). Monitors worker health with 30-second heartbeat intervals. Supports graceful shutdown (wait for current job completion). Uses goroutines for concurrent job processing. Tracks job status: pending → processing → completed/failed.
Lock mechanism in a distributed environment using Redis. Only one of several workers may process a given job. Via the SET NX PX command: set if not exists, expire after X ms. Redlock algorithm: 3 of 5 Redis nodes.
Retrying with increasing wait times on failure. After the 1st attempt wait 1s, after the 2nd 2s, after the 3rd 4s, and so on. Prevents immediate retries (which could overload the system) and gives time for recovery.
The worker signals every 30 seconds that it is alive (timestamp update in Redis). The orchestrator checks: if the heartbeat is older than 60s, the worker has crashed and its jobs are returned to the queue. Health monitoring.
On shutdown the worker finishes its current job and accepts no new jobs. SIGTERM signal → finish current work → close connections → exit. Avoids half-finished jobs and data loss.
Purpose: Multi-channel notification delivery (email, SMS, webhooks, push notifications).
Sends notifications via SMTP (email), Twilio/Vonage (SMS), webhooks, and push notifications. Uses templating engine (HTML/text templates with i18n support). Implements retry logic for failed deliveries. Tracks delivery status and bounce handling. Supports batch notifications (e.g., certificate expiry warnings to 1000 users). Integrates with third-party services (SendGrid, Amazon SES, Mailgun).
Email sending protocol. The service connects to an SMTP server (SendGrid, SES, Gmail), authenticates, and sends the email. Port 587 (TLS), 465 (SSL). Bounce handling: delivery failure notification.
Dynamic content generation from templates. Template: "Hi {{name}}, your certificate expires in {{days}} days." The engine substitutes the variables. Supports i18n (multi-language) and HTML/text formats.
An HTTP POST request to an external URL when an event occurs. Payload: JSON data about the event. The external system receives and processes it. Retry: exponential backoff if the webhook endpoint is unreachable.
Sends a notification to many recipients at once (1000 users). Not 1000 separate requests but a batch API. SendGrid: 1000 emails in 1 API call. Takes rate limiting into account, progress tracking, partial failure handling.
Purpose: User authentication with OAuth2, OIDC, MFA, and SSO support.
Implements OAuth 2.0 and OpenID Connect (OIDC) protocols. Supports Multi-Factor Authentication (MFA) with TOTP (RFC 6238), SMS, and email codes. Provides Single Sign-On (SSO) with SAML 2.0 and OIDC. Issues JWT tokens with configurable expiration (15min access, 7day refresh). Implements session management with Redis. Supports password policies and account lockout after failed attempts.
Authorization protocol: lets the app access user data without the user's password. Flow: user logs in → grants permission → app receives an access token. With the token it reaches the protected resources.
2FA code generation based on RFC 6238. Shared secret (QR code), current time, HMAC-SHA1 → 6-digit code. Changes every 30 seconds. Apps: Google Authenticator, Authy. Works offline, no SMS cost.
Log in once, use several apps. An Identity Provider (IdP) centralizes authentication. SAML 2.0 or OIDC protocol. The user logs in to the IdP → receives a token → the apps accept it.
Self-contained, signed JSON token for authentication. Contains: user_id, role, exp (expiry). Base64 encoded, digitally signed. The server stores no session; the token carries everything. Stateless auth, easy to scale.
Purpose: Fine-grained access control with RBAC and ABAC.
Implements Role-Based Access Control (RBAC) with hierarchical roles (admin → manager → user) and Attribute-Based Access Control (ABAC) for complex policies. Evaluates permissions in <5ms with Redis caching. Supports resource-level permissions (user can sign document X but not Y). Uses policy engine with boolean logic (AND/OR/NOT). Integrates with Policy Compliance Engine (46) for advanced rules.
Permissions based on roles. User → Role → Permissions. For example: "admin" role → all permissions, "viewer" role → read-only. Hierarchy: admin > manager > user (inheritance). Simple, easy to manage.
Permissions based on attributes. User attributes (department, clearance level), resource attributes (classification, owner), environment (time, location). Policy: "IF user.dept == 'Finance' AND doc.type == 'invoice' THEN allow".
Rule-based engine for evaluating policies. Boolean logic: (role == 'admin' OR dept == 'IT') AND time < '18:00'. JSON policy definition, fast evaluation (<5ms), cacheable results. Flexible, programmable permissions.
Fine-grained permission on specific resources. Not just "user can sign documents" but "user can sign document #12345". Storage: permissions table (user_id, resource_id, action). Usage: document sharing, multi-tenancy.
Purpose: RFC 3161 compliant timestamping for proof of existence.
Issues RFC 3161 timestamps (TST tokens) proving document existence at a specific time. Uses NTP-synchronized clocks with atomic time sources. Supports Qualified Timestamps (QTST) for eIDAS compliance. Implements TSA certificate chain separate from signing certificates. Provides 12ms p50 latency for timestamp generation. Critical for PAdES-B-LTA long-term archival and legal compliance.
Digital timestamp: proves that a document existed at a given point in time. The TSA signs the document's hash together with the exact time. Cannot be backdated, cannot be modified. Critical for long-term signatures.
EU qualified timestamp service under eIDAS. Strict requirements: atomic clock, audit, HSM, qualified TSA certificate. Legal value: evidence accepted in court. More expensive than a plain TSA.
Clock synchronization protocol. The TSA server synchronizes with atomic clocks (NIST, PTB) over NTP. Accuracy: ±1ms. Redundant NTP sources, health monitoring. Guarantees timestamp accuracy.
Time Stamp Token: an ASN.1 DER encoded structure. Contains: hash algorithm, hash value, timestamp, TSA signature, TSA certificate chain. Can be embedded in PAdES and CAdES. Verifiable with the TSA's public key.
Purpose: Hardware Security Module integration for cryptographic operations.
Interfaces with Hardware Security Modules (HSM) via PKCS#11 API. Manages HSM session pool (10-50 concurrent sessions) for <50ms signing performance. Provides key generation, signing, encryption, and random number generation operations. Implements FIPS 140-2 Level 3 compliance. Uses channel-based worker pool for parallel operations. Private keys never leave the HSM. Tracks signature counters and HSM health metrics.
Physical cryptographic device (USB dongle or rack-mount). Private keys NEVER leave it; every cryptographic operation (signing, encryption) happens inside. Tamper-proof (physical protection).
Public-Key Cryptography Standard #11, a standard API for programming HSMs. Defines functions for key generation, signing, encryption, and session management. Platform-independent.
Reusing HSM connections (connection pooling). Creating a new session is slow (100-200ms), so 10-50 sessions are created in advance and reused. Managed with Go channels.
US government cryptographic standard. Level 3: physical tamper protection (sensors), identity-based authentication, logging of access. Higher than Level 2 (software), lower than Level 4 (environmental protection).
Purpose: Unified API entry point with routing, authentication, and rate limiting.
Single entry point for all API requests with request routing, load balancing, and service discovery. Implements rate limiting (per-user, per-IP, per-endpoint) with Redis. Provides API versioning (/v1, /v2). Handles CORS, request validation, and response transformation. Integrates with Authentication (11) for JWT validation. Supports circuit breaker pattern for upstream services. Observability: Distributed tracing with OpenTelemetry.
Single entry point to the microservices. Routing: /api/certs → Service 02, /api/sign → Service 03. Central auth, rate limiting, logging. The client sees 1 endpoint; inside there are 47 services. Simplifies the client side.
Limiting requests per unit of time. Redis sliding window: 100 req/min per user, 1000 req/min per IP. If exceeded → 429 Too Many Requests. Protects against DDoS, ensures fair usage, shields the backend.
Protection against upstream service failure. 3 states: closed (OK), open (service down, instant fail), half-open (probe). If 5 errors in 10 requests → open state → the service is not called for 30s. Protects against cascading failure.
Distributed tracing and metrics collection. A Trace ID follows the request across services. Visible: Gateway → Auth → Cert Issuance → HSM → total 250ms. Helps find bottlenecks.
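The sliding-window rate limit from the gateway entries above, as an added example that is not the platform's code: an in-memory limiter keyed per user, plus the HTTP middleware that answers 429 Too Many Requests. The X-User-ID header (assumed to be set by the gateway after JWT validation) and the in-memory store are this example's own stand-ins; the comment names the Redis commands the same algorithm maps to.

```go
package main

import (
	"fmt"
	"net/http"
	"strconv"
	"sync"
	"time"
)

// SlidingWindowLimiter keeps the timestamps of recent requests per key and
// allows a request when fewer than limit of them fall inside the trailing
// window. In Redis the same algorithm is a sorted set per key: ZADD the
// timestamp, ZREMRANGEBYSCORE everything older than now-window, ZCARD to
// count. This in-memory version is the example's own stand-in for that.
type SlidingWindowLimiter struct {
	mu     sync.Mutex
	limit  int
	window time.Duration
	now    func() time.Time // injectable clock
	hits   map[string][]time.Time
}

func NewSlidingWindowLimiter(limit int, window time.Duration, now func() time.Time) *SlidingWindowLimiter {
	return &SlidingWindowLimiter{limit: limit, window: window, now: now, hits: map[string][]time.Time{}}
}

// Allow records a request for key and reports whether it is within the limit.
func (l *SlidingWindowLimiter) Allow(key string) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	t := l.now()
	cutoff := t.Add(-l.window)
	old := l.hits[key]
	kept := old[:0] // in-place filter: drop timestamps that fell out of the window
	for _, h := range old {
		if h.After(cutoff) {
			kept = append(kept, h)
		}
	}
	if len(kept) >= l.limit {
		l.hits[key] = kept
		return false
	}
	l.hits[key] = append(kept, t)
	return true
}

// Middleware rejects over-limit requests with 429 and a Retry-After header.
func (l *SlidingWindowLimiter) Middleware(keyOf func(*http.Request) string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !l.Allow(keyOf(r)) {
			w.Header().Set("Retry-After", strconv.Itoa(int(l.window.Seconds())))
			http.Error(w, "429 Too Many Requests", http.StatusTooManyRequests)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// ByUser keys the limit on the authenticated user id. The header name is an
// assumption for this example: in practice the gateway sets it after JWT validation.
func ByUser(r *http.Request) string { return "user:" + r.Header.Get("X-User-ID") }

func main() {
	limiter := NewSlidingWindowLimiter(100, time.Minute, time.Now)
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("ok")) })
	http.Handle("/api/sign", limiter.Middleware(ByUser, ok))
	fmt.Println("listening on :8080")
	http.ListenAndServe(":8080", nil)
}
```

Keying on the user id rather than only the client IP is what keeps one tenant behind a shared NAT from exhausting the budget of another; the per-IP limit from the page is the same limiter with a different key function.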
Purpose: User profiles, organization management, and user lifecycle.
Manages user profiles (name, email, phone, preferences), organization hierarchies (parent/child orgs), and user-organization relationships. Implements user invitation workflows with email verification. Handles user deactivation and deletion (soft delete with 30-day retention). Provides user search with full-text indexing. Integrates with GDPR Rights Service (37) for data export/erasure. Multi-tenancy: Row-level security (org_id filter).
Organizational tree structure: parent company → subsidiaries → departments. PostgreSQL: parent_org_id foreign key. Recursive queries: WITH RECURSIVE... Usage: billing aggregation, permission inheritance, resource sharing.
Logical deletion: the deleted_at timestamp is set from NULL to a value. The record remains but queries skip it (WHERE deleted_at IS NULL). Permanent deletion after 30 days. Protects against accidental deletion; compliance (audit trail).
Inviting a new user: the admin sends an email → the user receives a link (token) → registers with the token → the account is activated. Token: random UUID, expires in 7 days. Security: the token can be used only once, email validation.
PostgreSQL policy: every query automatically receives WHERE org_id = current_user.org_id. Enforces tenant isolation at the database level. A user cannot see another org's data, not even via SQL injection.
Purpose: Comprehensive audit logging for ISO 27001, SOC 2, PCI DSS compliance.
Logs all security-relevant events (authentication, authorization, data access, modifications) with structured JSON format. Implements immutable audit trail (append-only, tamper-evident). Stores before/after values for compliance. Provides JSONB queries for flexible searching. Streams logs to external SIEM (Splunk, ELK, DataDog, Sumo Logic). Retention: 90 days hot storage, 7 years archive. Standards: ISO 27001 A.12.4.1, SOC 2 CC7.2, PCI DSS Req 10, GDPR Art. 30.
Append-only log: insert operations are allowed, update/delete are forbidden. Enforced by database constraint or permissions. Tamper-evident: a hash chain over every entry (the previous hash is part of the current hash). Cannot be modified afterwards.
JSON stored in binary format in PostgreSQL. Indexable and queryable (WHERE data->>'action' = 'login'). Flexible schema: different fields for each event type. Faster than parsing text JSON.
Central log aggregation and security analysis. Real-time monitoring, anomaly detection, alerting. Tools: Splunk, ELK Stack, DataDog. Log shipping: Filebeat, Fluentd, or direct API.
The audit log contains the values before and after the change. Example: {before: {role: 'user'}, after: {role: 'admin'}}. Compliance: who modified what, and when. Rollback possibility. SOC 2 and ISO 27001 requirement.
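The tamper-evident hash chain and before/after record from the audit entries above, as an added example that is not the platform's code. The entry layout, the genesis anchor and the sample events are constructed for the example; what it demonstrates is that rewriting any stored entry, or its hash, is caught by a verification pass.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"time"
)

// genesisHash anchors the chain; the first entry links to it.
const genesisHash = "0000000000000000000000000000000000000000000000000000000000000000"

// AuditEntry is the structured JSON record. Hash covers every other field,
// including PrevHash, so altering any earlier entry breaks every later one.
type AuditEntry struct {
	Seq      int             `json:"seq"`
	At       time.Time       `json:"at"`
	Actor    string          `json:"actor"`
	Action   string          `json:"action"`
	Before   json.RawMessage `json:"before,omitempty"`
	After    json.RawMessage `json:"after,omitempty"`
	PrevHash string          `json:"prev_hash"`
	Hash     string          `json:"hash"`
}

type AuditLog struct {
	entries []AuditEntry
	now     func() time.Time
}

func NewAuditLog(now func() time.Time) *AuditLog { return &AuditLog{now: now} }

// entryHash canonicalises the entry (json.Marshal keeps struct field order
// and sorts map keys) with Hash blanked, then hashes it.
func entryHash(e AuditEntry) string {
	e.Hash = ""
	b, _ := json.Marshal(e) // cannot fail for this struct
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Append is the only write operation; there is deliberately no update or delete.
func (l *AuditLog) Append(actor, action string, before, after any) (AuditEntry, error) {
	bb, err := json.Marshal(before)
	if err != nil {
		return AuditEntry{}, err
	}
	ab, err := json.Marshal(after)
	if err != nil {
		return AuditEntry{}, err
	}
	prev := genesisHash
	if n := len(l.entries); n > 0 {
		prev = l.entries[n-1].Hash
	}
	e := AuditEntry{Seq: len(l.entries) + 1, At: l.now(), Actor: actor, Action: action,
		Before: bb, After: ab, PrevHash: prev}
	e.Hash = entryHash(e)
	l.entries = append(l.entries, e)
	return e, nil
}

// Entries exposes the backing slice so that tampering can be simulated.
func (l *AuditLog) Entries() []AuditEntry { return l.entries }

// Verify walks the chain and reports the first entry whose link or content
// no longer matches, which is how tampering is detected at audit time.
func (l *AuditLog) Verify() error {
	prev := genesisHash
	for i, e := range l.entries {
		if e.Seq != i+1 {
			return fmt.Errorf("entry %d: sequence gap (got seq %d)", i+1, e.Seq)
		}
		if e.PrevHash != prev {
			return fmt.Errorf("entry %d: prev_hash does not link to entry %d", i+1, i)
		}
		if entryHash(e) != e.Hash {
			return fmt.Errorf("entry %d: content does not match its hash", i+1)
		}
		prev = e.Hash
	}
	return nil
}

func main() {
	log := NewAuditLog(time.Now)
	log.Append("admin@example.com", "role.change", map[string]string{"role": "user"}, map[string]string{"role": "admin"})
	log.Append("svc-key-mgmt", "key.rotate", map[string]string{"key": "k1"}, map[string]string{"key": "k2"})
	fmt.Println("verify:", log.Verify())
	log.Entries()[0].After = json.RawMessage(`{"role":"user"}`) // history rewritten in storage
	fmt.Println("after tamper:", log.Verify())
}
```

A chain like this only proves integrity relative to its latest hash, so the head hash should periodically be anchored somewhere the database writer cannot reach (a timestamp from the TSA service, or the external SIEM), otherwise an attacker with write access could recompute the whole chain.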
Purpose: Cryptographic key generation, rotation, escrow, and lifecycle management.
Manages key lifecycle: pending → active → rotated → deactivated → destroyed. Implements automated key rotation with configurable schedules (90/180/365 days). Uses pessimistic locking (SELECT FOR UPDATE) for rotation operations. Provides key escrow for enterprise backup/recovery. Tracks key usage (signature count, encryption operations). Integrates with HSM Proxy (14) for key generation. Maintains key rotation history with old/new key IDs. Supports key derivation (HKDF, PBKDF2).
Replacing an old key with a new one for security reasons. Scheduled rotation: automatic every 90 days. Old key: deactivated but retained (to validate old signatures). New key: active (for new operations).
SELECT FOR UPDATE: row lock until the end of the transaction. Other transactions wait. Usage: key rotation (ensures that only 1 worker rotates the key). Slower than an optimistic lock, but guarantees consistency.
Secure backup of keys with a third party or in secure storage. Enterprise use case: data recovery after an employee leaves. Encryption key escrow: decrypting encrypted data.
Deriving several keys from a master key (RFC 5869). 1 master key → encryption key, signing key, MAC key. Advantage: only 1 key has to be stored securely; the rest are generated at runtime. Deterministic.
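The HKDF derivation from the entry above (one master key, three purpose-bound keys) as an added example, not the platform's code. Extract and expand are written out against RFC 5869 so the test can check them with the RFC's own Appendix A.1 vector; the info labels used for the three service keys are this example's own convention.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"hash"
)

// HKDFExtract (RFC 5869 section 2.2): PRK = HMAC-Hash(salt, IKM). An absent
// salt is replaced by HashLen zero bytes, as the RFC specifies.
func HKDFExtract(h func() hash.Hash, salt, ikm []byte) []byte {
	if len(salt) == 0 {
		salt = make([]byte, h().Size())
	}
	mac := hmac.New(h, salt)
	mac.Write(ikm)
	return mac.Sum(nil)
}

// HKDFExpand (RFC 5869 section 2.3): T(i) = HMAC-Hash(PRK, T(i-1) || info || i),
// OKM = T(1) || T(2) || ... truncated to length bytes.
func HKDFExpand(h func() hash.Hash, prk, info []byte, length int) ([]byte, error) {
	if length > 255*h().Size() {
		return nil, errors.New("hkdf: requested length exceeds 255*HashLen")
	}
	var okm, prev []byte
	for i := 1; len(okm) < length; i++ {
		mac := hmac.New(h, prk)
		mac.Write(prev)
		mac.Write(info)
		mac.Write([]byte{byte(i)})
		prev = mac.Sum(nil)
		okm = append(okm, prev...)
	}
	return okm[:length], nil
}

// ServiceKeys are the three purpose-bound keys the page derives from one master key.
type ServiceKeys struct{ Encryption, Signing, MAC []byte }

// DeriveServiceKeys runs one extract and three expands with distinct info
// labels (the labels are this example's own convention), so the three keys
// are independent and reproducible from the master key alone.
func DeriveServiceKeys(master, salt []byte) (ServiceKeys, error) {
	prk := HKDFExtract(sha256.New, salt, master)
	var k ServiceKeys
	var err error
	if k.Encryption, err = HKDFExpand(sha256.New, prk, []byte("pki-platform/encryption/v1"), 32); err != nil {
		return k, err
	}
	if k.Signing, err = HKDFExpand(sha256.New, prk, []byte("pki-platform/signing/v1"), 32); err != nil {
		return k, err
	}
	if k.MAC, err = HKDFExpand(sha256.New, prk, []byte("pki-platform/mac/v1"), 32); err != nil {
		return k, err
	}
	return k, nil
}

func main() {
	// RFC 5869 Appendix A.1: IKM = 22 bytes of 0x0b, salt = 0x00..0x0c, info = 0xf0..0xf9.
	ikm := bytes.Repeat([]byte{0x0b}, 22)
	salt, _ := hex.DecodeString("000102030405060708090a0b0c")
	info, _ := hex.DecodeString("f0f1f2f3f4f5f6f7f8f9")
	prk := HKDFExtract(sha256.New, salt, ikm)
	okm, _ := HKDFExpand(sha256.New, prk, info, 42)
	fmt.Println("PRK:", hex.EncodeToString(prk))
	fmt.Println("OKM:", hex.EncodeToString(okm))
	keys, _ := DeriveServiceKeys([]byte("constructed master key"), nil)
	fmt.Println("encryption key equals signing key?", bytes.Equal(keys.Encryption, keys.Signing))
}
```

Binding each derived key to a distinct info string is what makes the keys cryptographically independent: compromise of the MAC key reveals nothing about the encryption key, even though both came from the same PRK.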
Purpose: Prometheus metrics, Grafana dashboards, and intelligent alerting.
Collects metrics (counters, gauges, histograms) via Prometheus. Monitors performance (latency p50/p95/p99), errors (error rate, 5xx responses), business metrics (signatures/day, certificates issued), and resource usage (CPU, memory, disk I/O). Provides Grafana dashboards with real-time visualization. Sends alerts via email, SMS, Slack, PagerDuty for: SLA violations, error spikes, certificate expiry, HSM failures. Alerting rules: p99 latency > 1s, error rate > 1%, disk > 80%.
Time-series metric database. Pull-based: Prometheus scrapes the /metrics endpoints (15s interval). Metric types: counter (increasing), gauge (current value), histogram (distribution). PromQL query language.
Latency distribution: p50 = median (50% are faster), p95 (95% are faster), p99 (99% are faster). Example: p50=20ms, p95=100ms, p99=500ms. P99 matters: outliers (worst case) become visible. Defined in the SLA.
Prometheus alert routing and notification. Alert rule: IF p99_latency > 1s FOR 5m THEN alert. Routing: critical → PagerDuty, warning → Slack. Grouping, silencing, inhibition. Avoids alert floods.
Visual dashboard for metrics. Panels: time-series graph, gauge, heatmap, table. Variables: environment, service. Drill-down: click on a spike → detailed logs. Real-time refresh, shareable links. Used by the NOC (Network Operations Center).
Purpose: Validates digital signatures across multiple formats (PAdES, CAdES, XAdES).
Verifies cryptographic signatures, validates certificate chains up to trusted root CAs, checks revocation status (OCSP/CRL), and validates timestamps. Supports long-term validation (LTV) for archived documents. Implements European Signature Validation Algorithm (ETSI TS 102 853). Returns detailed validation reports (signature valid, certificate status, timestamp valid, trust anchor). Handles multiple signatures per document and counter-signatures.
Checking the certificate chain up to the trusted root CA. Leaf certificate → Intermediate CA → Root CA. At every step: is the signature valid? is the validity period valid? is it revoked? The chain of trust builds up. Trusted root: pre-installed or explicit.
Validating archived documents years later. Embedded timestamp, OCSP/CRL response, certificate chain. Even if the CA has ceased to exist, the document can be validated. Supported by PAdES-B-LTA. Critical for legal documents.
A signature placed on a signature. User1 signs a document → User2 counter-signs User1's signature (timestamp, notary). Proves that User1's signature existed at a given point in time. Nested signatures: signature of a signature.
European standard for the signature validation algorithm. Defines validation policies, validation constraints, and the validation report format. Uniform signature verification across the EU.
Purpose: Integrates with external Qualified Trust Service Providers (eIDAS).
Connects to external QTSPs for qualified signatures when local platform is not qualified. Implements remote signing workflows with user authorization (OTP, mobile app). Supports CSC API (Cloud Signature Consortium) for standardized remote signing. Handles signature activation data (SAD) securely. Coordinates with multiple QTSP providers for redundancy. Tracks QTSP transaction costs and usage quotas.
EU qualified service provider under eIDAS. Authorized to issue qualified certificates, qualified timestamps, and qualified signatures. Strict audit, supervision, liability insurance. Listed on the EU Trusted List.
Signing with a remote HSM, with the private key held at the QTSP. The user authorizes (OTP, mobile app push) and the QTSP signs on the user's behalf. Advantage: no local HSM needed, the QTSP is certified. Disadvantage: network dependency, per-signature cost.
Standard REST API for remote signing. Workflow: credentials/list → credentials/authorize → signatures/signHash. Multi-provider support: 1 API, several QTSPs. Widespread in the EU for remote signing platforms.
Signature activation data: OTP, biometric, PIN that authorizes remote signing. Proves that the user really wanted the signature. eIDAS requirement for qualified signatures. Sent over a secure channel (TLS).
Purpose: Identity verification workflows for qualified certificate issuance.
Implements identity verification workflows: document upload (ID card, passport), liveness detection (video selfie), document OCR extraction, and identity matching algorithms. Integrates with third-party KYC providers (Onfido, Jumio, Veriff) via Service 31. Supports multi-level verification (basic, enhanced, qualified). Maintains verification status: pending → verified → rejected. Stores verification evidence for audit trails. Required for eIDAS qualified certificates.
Proves that a live person is in front of the camera, not a photograph. Video selfie: the user moves their head, blinks. AI analysis: 3D depth detection, texture analysis. Protects against photo spoofing and video replay. Critical KYC component.
Optical Character Recognition: text extraction from ID cards and passports. Machine learning (Tesseract, cloud API). Extracted data: name, date of birth, personal ID number. Validation: checksum, format, expiry. Automates KYC.
Face matching between the selfie and the ID photo. Facial recognition AI: similarity score 0-100%. Threshold: >85% = match. Ensures that the document's owner is present. Critical for identity fraud prevention.
Basic: email verification. Enhanced: document upload + OCR. Qualified: enhanced + liveness + video interview. Qualified is required for QES (Qualified Electronic Signature). Each level increases the trust level and the cost.
Purpose: Helps users discover and select appropriate certificates for signing operations.
Provides certificate discovery based on user identity, organization, and purpose. Filters certificates by validity period, key usage (digitalSignature, nonRepudiation), and certificate type (qualified, advanced, simple). Implements certificate ranking (prefer qualified over advanced, newer over older). Checks revocation status before presenting certificates. Supports certificate preview (subject DN, issuer, validity). Used in signing workflows to present valid certificates to users.
Certificate discovery: finding the certificates that belong to a user. Query: user_id + valid + not_revoked. Filter by purpose (signing, encryption, auth). Result: a list of usable certificates. UI: a "Select certificate for signing" dropdown.
Key usage: a certificate extension stating what the key may be used for. digitalSignature (signing), nonRepudiation (non-deniable signatures), keyEncipherment (encryption), dataEncipherment, keyAgreement. Marked critical: the key may be used only for the listed purposes.
Certificate ranking: ordering certificates by preference. Score: qualified (+100), remaining validity (+days/365), newer issued_at (+points). The highest score is listed first, so the user sees the best choice as the default. Improves UX.
Subject DN: the identifier of the certificate holder in X.509. Format: CN=John Doe, OU=Engineering, O=Company, C=US. CN = Common Name, OU = Organizational Unit, O = Organization, C = Country. A hierarchical structure.
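The discovery filter and the ranking score described above, written out as an added Go example. This is not the platform's own code: the CertInfo model, the sample certificates and the exact bonus for "newer issued_at" (up to +1 point for certificates issued within the last year) are assumptions made here; the +100 for qualified and the days/365 validity term follow the rule stated above.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// CertInfo is a constructed, simplified view of a discovered certificate
// (not the platform's own data model).
type CertInfo struct {
	Serial    string
	Subject   string
	Qualified bool
	KeyUsage  []string // e.g. "digitalSignature", "nonRepudiation", "keyEncipherment"
	NotBefore time.Time
	NotAfter  time.Time
	Revoked   bool
}

func hasUsage(c CertInfo, usage string) bool {
	for _, u := range c.KeyUsage {
		if u == usage {
			return true
		}
	}
	return false
}

// UsableForSigning mirrors the query "valid + not_revoked + purpose=signing":
// inside the validity period, not revoked, and carrying digitalSignature.
func UsableForSigning(c CertInfo, now time.Time) bool {
	if c.Revoked || now.Before(c.NotBefore) || now.After(c.NotAfter) {
		return false
	}
	return hasUsage(c, "digitalSignature")
}

// Score applies the ranking rule: +100 for qualified, +remaining validity in
// years, and (assumed here) a bonus of up to +1 for certificates issued within
// the last year so that newer certificates win ties.
func Score(c CertInfo, now time.Time) float64 {
	s := 0.0
	if c.Qualified {
		s += 100
	}
	s += c.NotAfter.Sub(now).Hours() / 24 / 365
	ageYears := now.Sub(c.NotBefore).Hours() / 24 / 365
	if ageYears < 1 {
		s += 1 - ageYears
	}
	return s
}

// RankForSigning drops unusable certificates and sorts the rest best-first,
// so index 0 is what the UI preselects.
func RankForSigning(certs []CertInfo, now time.Time) []CertInfo {
	var out []CertInfo
	for _, c := range certs {
		if UsableForSigning(c, now) {
			out = append(out, c)
		}
	}
	sort.SliceStable(out, func(i, j int) bool {
		return Score(out[i], now) > Score(out[j], now)
	})
	return out
}

// sampleCerts is constructed test data for one user.
func sampleCerts(now time.Time) []CertInfo {
	subj := "CN=John Doe,OU=Engineering,O=Company,C=US"
	return []CertInfo{
		{Serial: "01", Subject: subj, Qualified: false, KeyUsage: []string{"digitalSignature"},
			NotBefore: now.AddDate(-2, 0, 0), NotAfter: now.AddDate(1, 0, 0)}, // advanced, valid
		{Serial: "02", Subject: subj, Qualified: true, KeyUsage: []string{"digitalSignature", "nonRepudiation"},
			NotBefore: now.AddDate(0, -1, 0), NotAfter: now.AddDate(2, 0, 0)}, // qualified, newest
		{Serial: "03", Subject: subj, Qualified: true, KeyUsage: []string{"digitalSignature"},
			NotBefore: now.AddDate(-1, 0, 0), NotAfter: now.AddDate(0, -1, 0)}, // expired
		{Serial: "04", Subject: subj, Qualified: false, KeyUsage: []string{"keyEncipherment"},
			NotBefore: now.AddDate(0, -6, 0), NotAfter: now.AddDate(1, 0, 0)}, // encryption only
		{Serial: "05", Subject: subj, Qualified: true, KeyUsage: []string{"digitalSignature"},
			NotBefore: now.AddDate(0, -6, 0), NotAfter: now.AddDate(1, 0, 0), Revoked: true},
	}
}

func main() {
	now := time.Date(2024, 6, 1, 0, 0, 0, 0, time.UTC)
	for _, c := range RankForSigning(sampleCerts(now), now) {
		fmt.Printf("%s qualified=%v score=%.2f\n", c.Serial, c.Qualified, Score(c, now))
	}
}
```

Of the five sample certificates only two survive the filter (the expired, revoked and encryption-only ones are dropped), and the qualified one is ranked first because of its +100 term.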
Purpose: Issues privacy-preserving certificates without revealing user identity.
Issues pseudonymous certificates where the subject DN contains a pseudonym instead of the real name. Maintains identity mapping (pseudonym → real identity) in secure, encrypted storage. Supports multiple pseudonyms per user for different contexts. Implements pseudonym rotation for enhanced privacy. Used for whistleblower platforms, anonymous surveys, and privacy-sensitive applications. Complies with GDPR privacy-by-design principles. Can reveal identity with court order/legal process.
Pseudonymous certificate: a certificate carrying a pseudonym instead of the real name. Subject DN: CN=User_47a3b9 rather than CN=John Doe. Signatures remain verifiable, but the signer's identity is not public. Use cases: whistleblowing, anonymous voting, privacy-first apps.
Identity mapping: a database table mapping pseudonym → real_user_id. Encrypted (AES-256) under a master key. Access control: admin only, with an audit log. Can be disclosed under a court order. GDPR Art. 32: technical measures for pseudonymization.
Pseudonym rotation: changing the pseudonym over time to strengthen privacy. User_47a3b9 → User_8d21f4 (after 3 months). The old certificate is revoked and a new one issued. Makes long-term tracking harder. Enhanced privacy.
Privacy by design: building privacy into the system design rather than adding it afterwards. Pseudonymization, data minimization, purpose limitation. Privacy-friendly defaults. Technical and organizational measures. GDPR compliance by design.
Purpose: Handles large file uploads with chunked/multipart upload support.
Manages chunked uploads for files >100MB with resume capability. Implements presigned URLs for direct-to-S3 uploads (bypass backend). Provides upload progress tracking with websockets/SSE. Validates file size limits (max 5GB) and allowed MIME types. Performs virus scanning (ClamAV integration) and malware detection before accepting files. Generates SHA-256 checksums for integrity verification. Coordinates with File Storage (07) for final storage.
Chunked upload: a large file is uploaded in small pieces (chunks). A 1GB file = 100 × 10MB chunks. Each chunk is a separate HTTP request; the server reassembles them at the end. Advantage: only a failed chunk is retried, not the whole file. Progress tracking is also easier.
Presigned URL: a time-limited URL for direct S3 upload. The backend generates it (15 minute TTL) and the client uploads straight to S3. Advantage: the backend does not proxy the file (saves bandwidth) and the upload is faster. Signing: HMAC-SHA256 with AWS credentials.
ClamAV: an open-source antivirus engine. Stream-based scanning: the file is scanned chunk by chunk in memory. Virus signature database (updated daily). Integration: socket or REST API. Infected file → reject + notify.
Resume capability: continuing an upload after an interruption. The server stores file_id and uploaded_chunks (as a bitset or list). When the client reconnects it asks "which chunks are missing?" and continues from there. Critical for large files and slow networks.
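The chunk bookkeeping, the "which chunks are missing?" query and the final SHA-256 check, as an added Go example (not the platform's own code). The UploadSession type, its method names and the 60-byte sample file split into 16-byte chunks are constructed for the illustration; a real deployment would persist the received bitset rather than hold it in memory.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// UploadSession is the server-side state of one chunked upload (a constructed
// model, not the platform's own type). received is the bitset that a
// "which chunks are missing?" query reads.
type UploadSession struct {
	FileID       string
	ChunkSize    int
	TotalChunks  int
	ExpectedHash string // hex SHA-256 the client declared when the session was opened
	received     []bool
	chunks       [][]byte
}

func NewUploadSession(fileID string, chunkSize, totalChunks int, expectedHash string) *UploadSession {
	return &UploadSession{FileID: fileID, ChunkSize: chunkSize, TotalChunks: totalChunks,
		ExpectedHash: expectedHash, received: make([]bool, totalChunks), chunks: make([][]byte, totalChunks)}
}

// PutChunk stores one chunk. Re-sending an already stored chunk simply
// overwrites it, so client retries after a timeout are safe.
func (s *UploadSession) PutChunk(index int, data []byte) error {
	if index < 0 || index >= s.TotalChunks {
		return fmt.Errorf("chunk index %d out of range", index)
	}
	last := index == s.TotalChunks-1
	if len(data) == 0 || len(data) > s.ChunkSize || (!last && len(data) != s.ChunkSize) {
		return fmt.Errorf("chunk %d has invalid size %d", index, len(data))
	}
	s.chunks[index] = append([]byte(nil), data...)
	s.received[index] = true
	return nil
}

// Missing answers the resume query: indices the client still has to send.
func (s *UploadSession) Missing() []int {
	var m []int
	for i, ok := range s.received {
		if !ok {
			m = append(m, i)
		}
	}
	return m
}

// Assemble concatenates the chunks and verifies the declared SHA-256 before
// the file is accepted; a mismatch means corruption or tampering in transit.
func (s *UploadSession) Assemble() ([]byte, error) {
	if len(s.Missing()) > 0 {
		return nil, errors.New("upload incomplete")
	}
	var out []byte
	for _, c := range s.chunks {
		out = append(out, c...)
	}
	sum := sha256.Sum256(out)
	if hex.EncodeToString(sum[:]) != s.ExpectedHash {
		return nil, errors.New("checksum mismatch: file corrupted or tampered")
	}
	return out, nil
}

// SplitFile is the client side: cut the file into fixed-size chunks (the last may be shorter).
func SplitFile(data []byte, chunkSize int) [][]byte {
	var chunks [][]byte
	for i := 0; i < len(data); i += chunkSize {
		end := i + chunkSize
		if end > len(data) {
			end = len(data)
		}
		chunks = append(chunks, data[i:end])
	}
	return chunks
}

// demo simulates a dropped connection: chunk 2 is lost on the first pass,
// the client asks what is missing, resends it, and the server assembles.
func demo() (missing []int, assembled []byte, err error) {
	file := []byte("constructed sample payload that stands in for a large upload") // 60 bytes
	sum := sha256.Sum256(file)
	parts := SplitFile(file, 16) // 16, 16, 16, 12 → 4 chunks
	s := NewUploadSession("file-1", 16, len(parts), hex.EncodeToString(sum[:]))
	for i, p := range parts {
		if i != 2 {
			_ = s.PutChunk(i, p)
		}
	}
	missing = s.Missing()
	for _, i := range missing {
		_ = s.PutChunk(i, parts[i])
	}
	assembled, err = s.Assemble()
	return missing, assembled, err
}

func main() {
	missing, out, err := demo()
	fmt.Println("resent chunks:", missing, "bytes:", len(out), "err:", err)
}
```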
Purpose: Verifies file integrity, detects tampering, and validates checksums.
Computes cryptographic hashes (SHA-256, SHA-512) for uploaded files. Verifies file integrity by comparing computed hash with provided hash. Detects file tampering and corruption. Validates digital signatures embedded in files (PDF signatures, Office document signatures). Checks metadata consistency (file size, modification time). Integrates with Format Detection (38) to identify file types. Provides verification reports (hash match, signature valid, no tampering detected).
SHA-256: a one-way hash function, input → 256-bit fingerprint. The same input always gives the same hash; a single bit change gives a completely different hash. Collision-resistant: it is practically impossible for two different inputs to share a hash. The basis of file integrity checks.
Tamper detection: detecting file modification. At upload time the hash is computed and stored; later it is recomputed and compared. Hash mismatch = the file changed (tampered or corrupted). Critical for signed documents and evidence files.
Embedded signatures: signatures stored inside the file (PDF /ByteRange, Office XML signature). Verification: extract signature → validate certificate chain → verify signature bytes → check revocation. Report: valid/invalid/unknown.
Metadata consistency: validating file metadata such as size (Content-Length vs actual), modification time (is it realistic?) and format (extension vs magic bytes). An inconsistency indicates corruption, a malicious upload or a spoofing attempt. Both a security and an integrity control.
Purpose: Batch processing for signing, issuance, and revocation operations.
Handles batch signing (sign 1000 documents in parallel), batch certificate issuance (IoT device onboarding), and batch revocation (compromised key scenario). Uses worker pool pattern with configurable concurrency (10-100 workers). Implements progress tracking (45/100 documents signed) and partial failure handling (continue on error). Provides batch status API (queued → processing → completed/failed). Generates batch reports (summary, failed items, success rate). Performance: 125 ops/sec for batch PDF signing.
Worker pool: a fixed number of worker goroutines (e.g. 50) process the jobs. Job channel: a buffered channel (capacity 1000). Workers: a for-range loop over the channel. The concurrency limit protects against overload. Go: goroutines + channels.
Progress tracking of a batch job. DB: batch_id, total_count, completed_count, failed_count, status (processing/completed). Updated at every job completion (atomic increment). API: GET /batch/{id}/progress → 45/100 (45% done). Real-time UI updates.
Partial failure handling: the batch job does not stop at the first error but continues with the remaining items. Failed items are listed separately with reasons. Success rate: 95/100 = 95%. Retry: the failed items are resubmitted as a separate batch. Critical for IoT bulk onboarding (thousands of devices).
Batch report: a summary report produced when the batch job finishes. Contains: total, success, failed, success rate, duration, throughput (ops/sec). Failed item details: item_id, error message. Export: PDF, CSV. Email notification to admins. Audit trail.
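The worker pool, atomic progress counters, continue-on-error behaviour and summary report from the four points above, combined into one added Go example. It is not the platform's code: the Job and BatchReport types, the signDocument stand-in (which rejects empty documents) and the 100-job sample in which every 20th document is empty are constructed here.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
	"sync"
	"sync/atomic"
	"time"
)

// Job is one item of a batch (a document to sign, a device to enrol, a cert to revoke).
type Job struct {
	ID      string
	Payload []byte
}

// BatchProgress is the counter set that GET /batch/{id}/progress would expose.
// Workers update it with atomic increments.
type BatchProgress struct {
	Total     int64
	Completed int64
	Failed    int64
}

type FailedItem struct {
	ID  string
	Err string
}

// BatchReport is the summary produced when the batch finishes.
type BatchReport struct {
	Total, Success, Failed int
	SuccessRate            float64
	Duration               time.Duration
	FailedItems            []FailedItem
}

// RunBatch processes jobs with a fixed-size worker pool. A failing job is
// recorded and the batch carries on (partial failure handling); it never aborts.
func RunBatch(jobs []Job, workers int, process func(Job) error) (*BatchReport, *BatchProgress) {
	start := time.Now()
	progress := &BatchProgress{Total: int64(len(jobs))}
	jobCh := make(chan Job, len(jobs)) // buffered job channel
	for _, j := range jobs {
		jobCh <- j
	}
	close(jobCh) // workers exit once the channel is drained

	var mu sync.Mutex
	var failed []FailedItem
	var wg sync.WaitGroup
	for w := 0; w < workers; w++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for j := range jobCh { // for-range loop over the channel
				if err := process(j); err != nil {
					atomic.AddInt64(&progress.Failed, 1)
					mu.Lock()
					failed = append(failed, FailedItem{ID: j.ID, Err: err.Error()})
					mu.Unlock()
					continue
				}
				atomic.AddInt64(&progress.Completed, 1)
			}
		}()
	}
	wg.Wait()

	sort.Slice(failed, func(i, j int) bool { return failed[i].ID < failed[j].ID })
	rep := &BatchReport{Total: len(jobs), Failed: len(failed), Success: len(jobs) - len(failed),
		Duration: time.Since(start), FailedItems: failed}
	if rep.Total > 0 {
		rep.SuccessRate = float64(rep.Success) / float64(rep.Total)
	}
	return rep, progress
}

// signDocument stands in for the real PDF signing call (constructed): it
// rejects empty documents and accepts everything else.
func signDocument(j Job) error {
	if len(j.Payload) == 0 {
		return errors.New("empty document")
	}
	return nil
}

// sampleJobs builds n constructed jobs; every 20th document is empty, so 100 jobs → 5 failures.
func sampleJobs(n int) []Job {
	jobs := make([]Job, n)
	for i := range jobs {
		jobs[i] = Job{ID: fmt.Sprintf("doc-%03d", i)}
		if i%20 != 0 {
			jobs[i].Payload = []byte("%PDF-1.7 sample")
		}
	}
	return jobs
}

func main() {
	rep, prog := RunBatch(sampleJobs(100), 10, signDocument)
	fmt.Printf("%d/%d done, %d failed, success rate %.0f%%, failed: %v\n",
		prog.Completed, prog.Total, prog.Failed, rep.SuccessRate*100, rep.FailedItems)
}
```

The failed list is the input for the "retry failed items as a separate batch" step: feeding rep.FailedItems back through RunBatch with corrected payloads is the whole retry mechanism.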
Purpose: Document encryption/decryption with key management.
Provides document encryption using hybrid cryptography (RSA/ECC for key exchange, AES-256-GCM for content). Supports multi-recipient encryption (encrypt once, decrypt by multiple authorized users). Implements envelope encryption (data encryption key wrapped by key encryption key). Handles key escrow for enterprise recovery scenarios. Provides decryption APIs with access control checks. Supports encrypted email (S/MIME) and encrypted PDFs. Integrates with Key Management (18) for KEK storage.
Hybrid cryptography: a combination of asymmetric (RSA/ECC) and symmetric (AES) encryption. Symmetric is fast but needs a shared key; asymmetric is slow but makes key exchange secure. Solution: encrypt the content with AES and encrypt the AES key with RSA. Best of both: speed + security.
AES-256-GCM: Advanced Encryption Standard with a 256-bit key in Galois/Counter Mode. GCM is authenticated encryption (confidentiality + integrity check). Fast (hardware acceleration), secure (NIST approved). The GCM tag provides tamper detection. Industry standard.
Envelope encryption: a Data Encryption Key (DEK) encrypts the data, and a Key Encryption Key (KEK) encrypts the DEK. Advantage: rotating the KEK requires re-wrapping only the DEK, not re-encrypting the data. Used by AWS KMS and GCP KMS.
Multi-recipient encryption: one document, several recipients. The content is encrypted once with the DEK; the DEK is then encrypted with each recipient's public key. Envelope: DEK_Alice, DEK_Bob, DEK_Charlie (the same DEK, each wrapped with a different KEK). Efficient.
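The hybrid scheme, AES-256-GCM content encryption, per-recipient DEK wrapping and KEK rotation from the four points above, as one added Go example using only the standard library. It is not the platform's implementation: the Envelope structure, RSA-OAEP with SHA-256 as the wrapping algorithm, and the recipient names are choices made here, and the keys are generated on the fly for the demonstration rather than coming from an HSM or Key Management (18).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Envelope is one AES-256-GCM ciphertext plus the DEK wrapped once per recipient.
type Envelope struct {
	Nonce      []byte
	Ciphertext []byte            // content under the DEK; the GCM tag is appended
	WrappedDEK map[string][]byte // recipient → RSA-OAEP(DEK) under that recipient's public key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt generates a fresh 256-bit DEK, seals the content once, and wraps the DEK for every recipient.
func Encrypt(plaintext []byte, recipients map[string]*rsa.PublicKey) (*Envelope, error) {
	dek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, dek); err != nil {
		return nil, err
	}
	gcm, err := newGCM(dek)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil), WrappedDEK: map[string][]byte{}}
	for name, pub := range recipients {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dek, nil)
		if err != nil {
			return nil, err
		}
		env.WrappedDEK[name] = w
	}
	return env, nil
}

// Decrypt unwraps the caller's copy of the DEK and opens the content; any change
// to nonce or ciphertext fails the GCM tag check.
func Decrypt(env *Envelope, name string, priv *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := env.WrappedDEK[name]
	if !ok {
		return nil, errors.New("not a recipient of this envelope")
	}
	dek, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(dek)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

// Rewrap is KEK rotation: the 32-byte DEK is re-wrapped under a new key while
// the ciphertext is left untouched.
func Rewrap(env *Envelope, name string, oldPriv *rsa.PrivateKey, newPub *rsa.PublicKey) error {
	dek, err := rsa.DecryptOAEP(sha256.New(), nil, oldPriv, env.WrappedDEK[name], nil)
	if err != nil {
		return err
	}
	w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, newPub, dek, nil)
	if err != nil {
		return err
	}
	env.WrappedDEK[name] = w
	return nil
}

func mustKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Scenario encrypts one document for Alice and Bob (constructed names and keys)
// and reports the outcome of each check by name.
func Scenario() map[string]bool {
	alice, bob, dave, aliceNew := mustKey(), mustKey(), mustKey(), mustKey()
	doc := []byte("constructed contract text")
	env, err := Encrypt(doc, map[string]*rsa.PublicKey{"alice": &alice.PublicKey, "bob": &bob.PublicKey})
	if err != nil {
		panic(err)
	}
	out := map[string]bool{}
	pt, err := Decrypt(env, "alice", alice)
	out["alice_reads"] = err == nil && string(pt) == string(doc)
	pt, err = Decrypt(env, "bob", bob)
	out["bob_reads"] = err == nil && string(pt) == string(doc)
	_, err = Decrypt(env, "dave", dave)
	out["dave_denied"] = err != nil
	out["rewrap_ok"] = Rewrap(env, "alice", alice, &aliceNew.PublicKey) == nil
	_, err = Decrypt(env, "alice", alice)
	out["old_key_denied"] = err != nil
	pt, err = Decrypt(env, "alice", aliceNew)
	out["new_key_reads"] = err == nil && string(pt) == string(doc)
	env.Ciphertext[0] ^= 0x01 // flip one bit of the content
	_, err = Decrypt(env, "bob", bob)
	out["tamper_detected"] = err != nil
	return out
}

func main() {
	fmt.Println(Scenario())
}
```

The last two checks are the ones worth pausing on: after Rewrap the old key can no longer open the envelope even though the ciphertext never changed, and a single flipped bit in the content is caught by the GCM tag rather than producing garbled plaintext.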
Purpose: Advanced PDF signatures and media provenance (C2PA) for images/videos.
Implements PAdES (PDF Advanced Electronic Signatures) with all profiles: PAdES-B-B (basic), PAdES-B-T (with timestamp), PAdES-B-LT (long-term with validation data), PAdES-B-LTA (archival with archive timestamps). Supports visible signatures (signature appearance on PDF page) and invisible signatures. Implements C2PA (Coalition for Content Provenance and Authenticity) for image/video authenticity and provenance tracking. Embeds content credentials in media files. Critical for combating deepfakes and ensuring media authenticity.
PAdES profiles. PAdES-B-B: basic (signature + certificate). B-T: + timestamp. B-LT: + validation data (OCSP, CRL) for long-term validation. B-LTA: + archive timestamp (a fresh timestamp added years later). LTA signatures remain verifiable 10-20 years on.
Visible signature: a signature appearance on the PDF page showing the signer's name, date, reason and a graphic (handwritten signature image). Stored as an annotation object in the PDF, so the user can see the document is signed. Invisible: metadata only, no visual representation. Either can be chosen.
C2PA: Coalition for Content Provenance and Authenticity. Embeds a metadata manifest into images and videos: who created it, when, where, with which device, and whether AI editing took place. Chain of custody. Deepfake detection, news authenticity.
Content credentials: the C2PA manifest, in JSON-LD format, digitally signed. Contains: author, timestamp, edits (crop, filter), AI usage, device info. Embedded in EXIF or video metadata. Viewer tools verify authenticity and show the provenance chain.
Purpose: Business process automation and multi-party signing workflows.
Orchestrates multi-step workflows (document review → approval → signing → archival). Supports sequential signing (Alice signs → Bob signs → Charlie signs) and parallel signing (all three sign independently). Implements workflow states (draft → in-progress → completed → rejected) with state machine pattern. Provides workflow templates (contract approval, expense approval, HR onboarding). Handles notifications (Service 10) and reminders for pending tasks. Tracks SLA compliance (task due in 48 hours).
State machine: defining workflow states and transitions. Draft → (submit) → Review → (approve) → Signing → (sign) → Completed. Validation: only permitted transitions are allowed (no jump from Draft straight to Completed). Go: switch/case, state pattern.
Sequential vs parallel signing. Sequential: in order (Alice → Bob → Charlie); Bob cannot start until Alice has finished. Parallel: everyone signs at once, order does not matter. Parallel is faster; sequential guarantees ordering (e.g. manager approval before the CEO).
Workflow templates: predefined workflow steps and participants. "Contract Approval": Legal review (2 days) → Finance approval (1 day) → CEO sign. Template instantiation: a new document → a workflow created from the template. Reusable, consistent process.
SLA tracking: monitoring task deadlines. Task created_at + SLA duration (48h) = due_date. Monitoring: overdue tasks (due_date < now). Alerts: 24h before due, at due, 24h after due. Escalation: auto-reassign if late. KPI: SLA compliance %.
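The transition table, the forbidden-jump check and the SLA alert ladder from the points above, as an added Go example that is not the platform's own workflow engine. The state and event names follow the Draft → Review → Signing → Completed chain given above; the "reject" event, the alert level names ("due-soon", "overdue", "escalate") and the Task/Completion types are assumptions made here.

```go
package main

import (
	"fmt"
	"time"
)

type State string

const (
	Draft     State = "draft"
	Review    State = "review"
	Signing   State = "signing"
	Completed State = "completed"
	Rejected  State = "rejected"
)

// transitions maps (current state, event) → next state. Anything not listed is
// forbidden, so a workflow can never jump from Draft straight to Completed.
var transitions = map[State]map[string]State{
	Draft:   {"submit": Review},
	Review:  {"approve": Signing, "reject": Rejected},
	Signing: {"sign": Completed, "reject": Rejected},
}

type Workflow struct {
	State   State
	History []string
}

// Apply performs one transition or returns an error without changing state.
func (w *Workflow) Apply(event string) error {
	next, ok := transitions[w.State][event]
	if !ok {
		return fmt.Errorf("event %q not allowed in state %q", event, w.State)
	}
	w.History = append(w.History, fmt.Sprintf("%s -(%s)-> %s", w.State, event, next))
	w.State = next
	return nil
}

// Task carries the SLA data: due_date = created_at + SLA duration.
type Task struct {
	Name      string
	CreatedAt time.Time
	SLA       time.Duration
}

func (t Task) DueAt() time.Time { return t.CreatedAt.Add(t.SLA) }

// AlertLevel implements the alert ladder: within 24h of due → "due-soon",
// past due → "overdue", 24h or more late → "escalate" (auto-reassign).
func (t Task) AlertLevel(now time.Time) string {
	late := now.Sub(t.DueAt())
	switch {
	case late >= 24*time.Hour:
		return "escalate"
	case late >= 0:
		return "overdue"
	case late >= -24*time.Hour:
		return "due-soon"
	default:
		return ""
	}
}

// Completion records when a task was actually finished.
type Completion struct {
	Task Task
	At   time.Time
}

// SLACompliance is the KPI: share of tasks completed on or before their due date.
func SLACompliance(done []Completion) float64 {
	if len(done) == 0 {
		return 1
	}
	onTime := 0
	for _, c := range done {
		if !c.At.After(c.Task.DueAt()) {
			onTime++
		}
	}
	return float64(onTime) / float64(len(done))
}

func main() {
	w := &Workflow{State: Draft}
	fmt.Println(w.Apply("sign")) // rejected: a draft cannot be signed
	for _, ev := range []string{"submit", "approve", "sign"} {
		if err := w.Apply(ev); err != nil {
			fmt.Println(err)
		}
	}
	fmt.Println(w.State, w.History)
}
```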
Purpose: Integration layer for third-party KYC/AML providers.
Provides unified API for multiple KYC providers (Onfido, Jumio, Veriff, Trulioo, Sumsub). Implements adapter pattern to normalize different provider APIs. Handles webhook callbacks from providers for async verification results. Provides fallback logic (try provider A; if it fails, try provider B). Tracks verification costs and provider performance (success rate, avg duration). Implements provider routing rules (use provider X for EU, provider Y for US). Caches verification results to avoid duplicate checks.
Adapter pattern: a design pattern that unifies differing interfaces. Every KYC provider interface → a common internal interface. Code: VerifyIdentity(user) → provider-specific API call → common Response struct. A new provider means a new adapter; the core logic is not modified.
Webhook callbacks: async verification, request → pending → provider callback (webhook) → status update. The provider POSTs to /webhook/kyc/{provider}. Payload: verification_id, status, details. Validate the HMAC signature. Update DB: pending → verified/rejected. Non-blocking.
Fallback logic: primary provider fails → try the secondary. Onfido down → Jumio. Circuit breaker: 5 errors in 10 requests → open (skip the provider for 60s). Automatic failover gives high availability. Cost optimization: cheaper provider first, expensive one as fallback.
Provider routing: geo-based routing, EU users → Veriff (GDPR compliant, EU servers), US users → Trulioo (US local). Rule engine: IF user.country IN ['DE', 'FR'] THEN provider='Veriff'. Config-driven, not hardcoded. Regulatory compliance.
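The adapter interface, country-based routing rules, fallback order and the "5 errors in 10 requests → open for 60s" circuit breaker, as one added Go example. None of this is the platform's own code or any vendor's API: the KYCProvider interface, the scripted stubProvider adapters named "veriff" and "jumio" (only their names are borrowed from the text), and the rule table are constructed for the illustration.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// VerificationResult is the common struct every adapter normalizes to.
type VerificationResult struct {
	Provider string
	Status   string // "verified", "rejected", "pending"
}

// KYCProvider is the unified interface; each real vendor gets one adapter.
type KYCProvider interface {
	Name() string
	VerifyIdentity(userID string) (VerificationResult, error)
}

// stubProvider is a constructed adapter whose behaviour is scripted for the demo.
type stubProvider struct {
	name  string
	down  bool
	Calls int
}

func (p *stubProvider) Name() string { return p.name }

func (p *stubProvider) VerifyIdentity(userID string) (VerificationResult, error) {
	p.Calls++
	if p.down {
		return VerificationResult{}, errors.New(p.name + ": 503 service unavailable")
	}
	return VerificationResult{Provider: p.name, Status: "verified"}, nil
}

// breaker implements "5 errors in the last 10 requests → open for 60s".
type breaker struct {
	outcomes  []bool // rolling window of recent results, true = error
	openUntil time.Time
}

func (b *breaker) isOpen(now time.Time) bool { return now.Before(b.openUntil) }

func (b *breaker) record(failed bool, now time.Time) {
	b.outcomes = append(b.outcomes, failed)
	if len(b.outcomes) > 10 {
		b.outcomes = b.outcomes[len(b.outcomes)-10:]
	}
	errs := 0
	for _, f := range b.outcomes {
		if f {
			errs++
		}
	}
	if errs >= 5 {
		b.openUntil = now.Add(60 * time.Second)
		b.outcomes = nil // fresh window once the breaker closes again
	}
}

// Router holds the config-driven routing rules and the default fallback order.
type Router struct {
	providers map[string]KYCProvider
	breakers  map[string]*breaker
	rules     map[string][]string // country → ordered provider names
	fallback  []string            // order used when no rule matches
}

func NewRouter(rules map[string][]string, fallback []string, providers ...KYCProvider) *Router {
	r := &Router{providers: map[string]KYCProvider{}, breakers: map[string]*breaker{}, rules: rules, fallback: fallback}
	for _, p := range providers {
		r.providers[p.Name()] = p
		r.breakers[p.Name()] = &breaker{}
	}
	return r
}

// Verify tries providers in routing order, skipping any whose breaker is open,
// and falls through to the next one on error.
func (r *Router) Verify(userID, country string, now time.Time) (VerificationResult, error) {
	order, ok := r.rules[country]
	if !ok {
		order = r.fallback
	}
	lastErr := errors.New("no provider available")
	for _, name := range order {
		p, b := r.providers[name], r.breakers[name]
		if p == nil || b.isOpen(now) {
			continue
		}
		res, err := p.VerifyIdentity(userID)
		b.record(err != nil, now)
		if err == nil {
			return res, nil
		}
		lastErr = err
	}
	return VerificationResult{}, lastErr
}

// demoRouter wires two constructed providers: DE/FR traffic prefers "veriff"
// with "jumio" as fallback; everything else prefers "jumio".
func demoRouter(veriffDown bool) (*Router, *stubProvider, *stubProvider) {
	veriff := &stubProvider{name: "veriff", down: veriffDown}
	jumio := &stubProvider{name: "jumio"}
	rules := map[string][]string{"DE": {"veriff", "jumio"}, "FR": {"veriff", "jumio"}}
	return NewRouter(rules, []string{"jumio", "veriff"}, veriff, jumio), veriff, jumio
}

func main() {
	r, veriff, _ := demoRouter(true)
	now := time.Now()
	for i := 0; i < 6; i++ {
		res, err := r.Verify("user-1", "DE", now)
		fmt.Println(res.Provider, err, "veriff calls:", veriff.Calls)
	}
}
```

With "veriff" down, the first five DE requests each hit it once before falling back; the sixth is served by "jumio" alone because the breaker has opened, and 60 seconds later the primary is tried again.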
Purpose: Enterprise tenant management with hierarchical organizations.
Manages organization hierarchies (parent company → subsidiaries → departments). Implements tenant isolation at database level (WHERE org_id = ? on every query) and network level (Kubernetes NetworkPolicy). Supports resource sharing (parent org shares CA with child orgs) and billing aggregation (roll up usage to parent). Provides org switching for users belonging to multiple orgs. Handles org lifecycle (create → active → suspended → deleted). Implements row-level security (RLS) in PostgreSQL for additional isolation.
Multi-tenancy: one application instance, many tenants (organizations). Tenant isolation: each tenant's data is separated by org_id. Shared database, shared schema, but a WHERE org_id filter everywhere. Efficient: one deployment, scalable. The basis of the SaaS model.
Tenant isolation ensures that Org A cannot see Org B's data. Database: every query carries WHERE org_id = current_org. Network: Kubernetes NetworkPolicy (filters traffic between pods). Code: middleware injects org_id into every request. Security critical.
Resource sharing: a parent org's resources are available to its child orgs. Example: parent CA → child orgs can use it for certificate issuance. Permission: a shared_with_children flag. Query: org_id = child OR (org_id = parent AND shared = true). Hierarchical access.
Billing aggregation: rolling usage up to the parent org. Child1: 100 signatures, Child2: 200 signatures → Parent invoice: 300 total. Recursive query: WITH RECURSIVE orgs AS (SELECT ... parent_org_id). Enterprise billing: one invoice, many departments.
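The hierarchical access rule and the usage roll-up from the two points above, as an added Go example rather than the platform's own code. It walks parent_org_id links in memory, which is what the WITH RECURSIVE query does in SQL; the Org and Resource types and the "acme" organization tree are constructed here. It also checks the direction of sharing, which the one-line query above leaves implicit: a resource shared by a parent is visible to every descendant, but never to the parent's own ancestors or to sibling subtrees.

```go
package main

import "fmt"

// Org is one node of the tenant hierarchy (constructed model).
type Org struct {
	ID       string
	ParentID string // "" for the top-level company
}

// Resource is something an org owns, e.g. a CA, optionally shared downward.
type Resource struct {
	ID                 string
	OwnerOrgID         string
	SharedWithChildren bool
}

type Directory struct {
	orgs  map[string]Org
	usage map[string]int // org_id → signatures this billing period
}

func NewDirectory(orgs []Org) *Directory {
	d := &Directory{orgs: map[string]Org{}, usage: map[string]int{}}
	for _, o := range orgs {
		d.orgs[o.ID] = o
	}
	return d
}

// ancestors walks parent_org_id links upward, nearest parent first.
func (d *Directory) ancestors(orgID string) []string {
	var out []string
	cur := d.orgs[orgID]
	for cur.ParentID != "" {
		out = append(out, cur.ParentID)
		cur = d.orgs[cur.ParentID]
	}
	return out
}

// CanUse encodes "org_id = requester OR (org_id = ancestor AND shared = true)".
// Sharing flows down the tree only.
func (d *Directory) CanUse(orgID string, r Resource) bool {
	if r.OwnerOrgID == orgID {
		return true
	}
	if !r.SharedWithChildren {
		return false
	}
	for _, a := range d.ancestors(orgID) {
		if a == r.OwnerOrgID {
			return true
		}
	}
	return false
}

func (d *Directory) RecordUsage(orgID string, n int) { d.usage[orgID] += n }

// Rollup sums usage over the org and all of its descendants for the parent invoice.
func (d *Directory) Rollup(orgID string) int {
	total := d.usage[orgID]
	for _, o := range d.orgs {
		if o.ParentID == orgID {
			total += d.Rollup(o.ID)
		}
	}
	return total
}

// demoDirectory builds a constructed tree: acme → {acme-eu → acme-eu-de, acme-us}, plus an unrelated org.
func demoDirectory() *Directory {
	d := NewDirectory([]Org{
		{ID: "acme"}, {ID: "acme-eu", ParentID: "acme"}, {ID: "acme-eu-de", ParentID: "acme-eu"},
		{ID: "acme-us", ParentID: "acme"}, {ID: "other-corp"},
	})
	d.RecordUsage("acme-eu-de", 100)
	d.RecordUsage("acme-eu", 50)
	d.RecordUsage("acme-us", 200)
	return d
}

func main() {
	d := demoDirectory()
	groupCA := Resource{ID: "ca-root", OwnerOrgID: "acme", SharedWithChildren: true}
	fmt.Println("acme-eu-de can use group CA:", d.CanUse("acme-eu-de", groupCA))
	fmt.Println("other-corp can use group CA:", d.CanUse("other-corp", groupCA))
	fmt.Println("acme invoice total:", d.Rollup("acme"), "acme-eu subtotal:", d.Rollup("acme-eu"))
}
```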
Purpose: Document sharing with granular permissions and access links.
Enables document sharing with external users via shareable links (public, password-protected, expiring). Implements granular permissions (view, download, sign, admin). Supports access groups (share with "Finance Team" instead of individual users). Tracks access logs (who accessed what, when). Provides link expiration (expire after 7 days or 10 views). Implements watermarking for sensitive documents. Handles access revocation (immediately invalidate all active links).
Shareable links: a URL with a token, e.g. https://app.com/share/a3f9b2c1. Token: random UUID or JWT. No authentication required; anyone who knows the link can use it. Types: public (no password), password-protected (password required), expiring (TTL). Use case: external collaboration.
Granular permissions: detailed permission levels, view (read only), download (save locally), sign (add signature), admin (manage permissions). Permission matrix: user_id × resource_id × action. Check: canUserPerformAction(user, resource, 'download').
Access groups: grouping users, e.g. "Finance Team", "Legal Department". Share with a group: one operation, and every member gets access. Group membership: a users_groups join table. Query: user IN group members → has access. Simplifies management.
Watermarking: generating a user-specific watermark on the PDF at runtime, e.g. "Viewed by john.doe@company.com 2024-01-15". Discourages leaks: if a screenshot or printout leaks, it shows who had it. On-the-fly PDF modification via text overlay. A deterrent.
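The server-side record behind a share link, with the expiry, view-limit, password and revocation gates applied in order, plus the permission check and the watermark text, as an added Go example that is not the platform's own schema. The ShareLink type, the gate ordering and the method names are assumptions; the password is stored as a salted SHA-256 hash purely to keep the example to the standard library, and the comment in the code says what a deployment should use instead.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

type Permission string

const (
	View     Permission = "view"
	Download Permission = "download"
	Sign     Permission = "sign"
	Admin    Permission = "admin"
)

// ShareLink is the record behind https://app.com/share/<token> (constructed model).
type ShareLink struct {
	Token       string
	DocumentID  string
	Permissions map[Permission]bool
	ExpiresAt   time.Time
	MaxViews    int // 0 = unlimited
	Views       int
	Revoked     bool
	AccessLog   []string
	salt        []byte
	pwHash      []byte // nil for a public link
}

func randomHex(n int) string {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return hex.EncodeToString(b)
}

// hashPassword uses salted SHA-256 only to stay within the standard library;
// a deployment should use a slow password KDF (Argon2id or scrypt) instead.
func hashPassword(salt []byte, pw string) []byte {
	h := sha256.Sum256(append(append([]byte{}, salt...), pw...))
	return h[:]
}

func NewShareLink(docID string, perms []Permission, ttl time.Duration, maxViews int, password string, now time.Time) *ShareLink {
	l := &ShareLink{Token: randomHex(16), DocumentID: docID, Permissions: map[Permission]bool{},
		ExpiresAt: now.Add(ttl), MaxViews: maxViews}
	for _, p := range perms {
		l.Permissions[p] = true
	}
	if password != "" {
		l.salt = []byte(randomHex(8))
		l.pwHash = hashPassword(l.salt, password)
	}
	return l
}

// Access applies every gate in order and appends to the access log on success.
func (l *ShareLink) Access(password, who string, now time.Time) error {
	switch {
	case l.Revoked:
		return errors.New("link revoked")
	case now.After(l.ExpiresAt):
		return errors.New("link expired")
	case l.MaxViews > 0 && l.Views >= l.MaxViews:
		return errors.New("view limit reached")
	case l.pwHash != nil && subtle.ConstantTimeCompare(hashPassword(l.salt, password), l.pwHash) != 1:
		return errors.New("wrong password")
	}
	l.Views++
	l.AccessLog = append(l.AccessLog, fmt.Sprintf("%s %s %s", now.UTC().Format(time.RFC3339), who, l.DocumentID))
	return nil
}

// Can answers canUserPerformAction for the holder of this link.
func (l *ShareLink) Can(p Permission) bool { return l.Permissions[p] }

// Revoke invalidates the link immediately, whatever its expiry.
func (l *ShareLink) Revoke() { l.Revoked = true }

// Watermark is the per-viewer text overlaid on the rendered PDF.
func Watermark(who string, now time.Time) string {
	return fmt.Sprintf("Viewed by %s %s", who, now.UTC().Format("2006-01-02"))
}

func main() {
	now := time.Date(2024, 1, 15, 9, 0, 0, 0, time.UTC)
	l := NewShareLink("doc-7", []Permission{View, Download}, 7*24*time.Hour, 10, "s3cret", now)
	fmt.Println(l.Access("wrong", "guest@example.org", now))
	fmt.Println(l.Access("s3cret", "guest@example.org", now), l.Can(Sign), Watermark("guest@example.org", now))
}
```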
Purpose: Event-driven integrations with external systems via webhooks.
Publishes events (certificate_issued, signature_created, quota_exceeded) to external systems via webhooks. Implements retry logic (exponential backoff: 1s, 2s, 4s, 8s, 16s) for failed deliveries. Provides webhook signing (HMAC-SHA256) for authenticity verification. Supports event filtering (only subscribe to specific event types). Tracks delivery status and failure reasons. Implements webhook management UI (register, test, view logs). Handles high-volume events with queue buffering.
Event-driven architecture: system components communicate through events. A service publishes an event (certificate_issued) → subscribers react (notification, audit log, analytics). Loose coupling: services do not know each other directly. Async, scalable.
Retry logic: a failed webhook delivery is retried with exponential backoff. 1st attempt fails → wait 1s → 2nd attempt fails → wait 2s → and so on. Max 5 attempts; after that the event moves to a DLQ (dead-letter queue). Status tracking: attempt_count, last_error, next_retry_at. Ensures delivery.
Webhook signing: authenticity verification. The sender computes HMAC(secret, payload) → X-Signature header. The receiver computes the same value and compares. Match = authentic webhook, not forged. Prevents malicious webhook injection. Used by GitHub and Stripe.
Event filtering: subscriptions by event type. A user subscribes to ['certificate_issued', 'certificate_revoked'] and does not need 'signature_created'. Filter: IF event.type IN subscription.event_types THEN send webhook. Reduces noise, saves bandwidth, relevant notifications only.
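HMAC-SHA256 signing on the sending side, verification on the receiving side, the event-type filter and the backoff schedule with dead-lettering, as one added Go example; it is not the platform's webhook service. The hex encoding of the signature, the X-Signature header name used in the comments, the flakyEndpoint receiver and the secret value are constructed here. The one detail the text does not spell out and the code does is the comparison: hmac.Equal is constant-time, so a forger cannot recover a valid signature byte by byte from response timing.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Sign computes the value the sender puts in the X-Signature header.
func Sign(secret, payload []byte) string {
	mac := hmac.New(sha256.New, secret)
	mac.Write(payload)
	return hex.EncodeToString(mac.Sum(nil))
}

// Verify is what the receiver runs. hmac.Equal is constant-time.
func Verify(secret, payload []byte, headerSig string) bool {
	got, err := hex.DecodeString(headerSig)
	if err != nil {
		return false
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write(payload)
	return hmac.Equal(mac.Sum(nil), got)
}

// ShouldDeliver applies the subscription's event-type filter.
func ShouldDeliver(eventType string, subscribed []string) bool {
	for _, s := range subscribed {
		if s == eventType {
			return true
		}
	}
	return false
}

const maxAttempts = 5

// BackoffDelay is the wait after the given failed attempt: 1s, 2s, 4s, 8s, 16s.
func BackoffDelay(attempt int) (time.Duration, bool) {
	if attempt < 1 || attempt > maxAttempts {
		return 0, false
	}
	return time.Duration(1<<uint(attempt-1)) * time.Second, true
}

// DeliveryStatus is the per-event tracking record (attempt_count, last_error, DLQ flag).
type DeliveryStatus struct {
	Attempts     int
	LastError    string
	DeadLettered bool
	Delays       []time.Duration // the waits a worker would turn into next_retry_at
}

// Deliver signs the payload and tries up to maxAttempts times. Delays are
// recorded rather than slept so the schedule is inspectable; a real worker
// persists next_retry_at = now + delay and picks the event up again later.
func Deliver(send func(payload []byte, signature string) error, secret, payload []byte) DeliveryStatus {
	sig := Sign(secret, payload)
	var st DeliveryStatus
	for attempt := 1; attempt <= maxAttempts; attempt++ {
		st.Attempts = attempt
		err := send(payload, sig)
		if err == nil {
			return st
		}
		st.LastError = err.Error()
		if attempt == maxAttempts {
			st.DeadLettered = true // budget exhausted: move to the dead-letter queue
			return st
		}
		delay, _ := BackoffDelay(attempt)
		st.Delays = append(st.Delays, delay)
	}
	return st
}

// flakyEndpoint is a constructed receiver that fails the first failFirst
// deliveries, then verifies the signature like a real subscriber would.
func flakyEndpoint(secret []byte, failFirst int) func([]byte, string) error {
	calls := 0
	return func(payload []byte, sig string) error {
		calls++
		if calls <= failFirst {
			return errors.New("503 service unavailable")
		}
		if !Verify(secret, payload, sig) {
			return errors.New("401 bad signature")
		}
		return nil
	}
}

func main() {
	secret := []byte("whsec_constructed_demo_secret")
	payload := []byte(`{"type":"certificate_issued","serial":"0A1B"}`)
	fmt.Printf("%+v\n", Deliver(flakyEndpoint(secret, 2), secret, payload))
	fmt.Printf("%+v\n", Deliver(flakyEndpoint(secret, 99), secret, payload))
}
```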
Purpose: Advanced security controls: rate limiting, brute-force protection, anomaly detection.
Implements rate limiting (per-user: 100 req/min, per-IP: 1000 req/min) using Redis sliding window. Provides brute-force protection (lock account after 5 failed login attempts). Detects anomalous behavior (login from unusual location, unusual time, new device). Implements CAPTCHA integration (reCAPTCHA, hCaptcha) for suspicious requests. Tracks failed login attempts and suspicious IPs. Provides security alerts (email on login from new device). Supports IP whitelisting and blacklisting.
Sliding window: Redis-based rate limiting with a ZSET (sorted set) of timestamps. Count the requests in the [now-60s, now] window. Remove old entries (ZREMRANGEBYSCORE), add the new one (ZADD), count (ZCOUNT). If count > 100 → rate limited. Accurate and memory efficient.
Brute-force protection: tracking login attempts with a failed_attempts counter (Redis). 5 failures → lock the account for 15 min. Unlock: time-based (TTL expiry) or admin unlock. Protects against credential stuffing and dictionary attacks. Essential security.
Anomaly detection: ML-based or rule-based detection of unusual activity. Features: login location (GeoIP), time (usual hours?), device fingerprint. Score: 0-100 (suspiciousness). High score → MFA challenge and alert. Example: a user who normally logs in from Germany suddenly logs in from China → suspicious.
CAPTCHA: bot detection with a user interaction score of 0.0-1.0 (1.0 = human, 0.0 = bot). Invisible challenge (no checkbox). Integration: frontend widget → backend token verification (Google API). Score < 0.5 → block or require v2 (checkbox). Spam prevention.
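The sliding-window limiter and the account lockout from the first two points above, as an added Go example. It does not talk to Redis: the per-key timestamp slice is the in-memory equivalent of the ZSET, and each step in Allow is annotated with the Redis command it stands in for, so the logic can be checked offline; the type names, the keys "user:42" and "alice" and the admin Unlock method are constructed here. Like the ZSET recipe, it records rejected requests too, so a client that keeps hammering stays limited until it actually slows down.

```go
package main

import (
	"fmt"
	"sort"
	"sync"
	"time"
)

// SlidingWindowLimiter keeps, per key, the timestamps of requests inside the
// window: the in-memory twin of the Redis ZSET approach.
type SlidingWindowLimiter struct {
	mu     sync.Mutex
	window time.Duration
	limit  int
	hits   map[string][]time.Time // ascending; callers must not pass a clock that goes backwards
}

func NewLimiter(window time.Duration, limit int) *SlidingWindowLimiter {
	return &SlidingWindowLimiter{window: window, limit: limit, hits: map[string][]time.Time{}}
}

// Allow records the request and reports whether it is within the limit.
func (l *SlidingWindowLimiter) Allow(key string, now time.Time) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	ts := l.hits[key]
	cutoff := now.Add(-l.window)
	first := sort.Search(len(ts), func(i int) bool { return ts[i].After(cutoff) }) // ZREMRANGEBYSCORE
	ts = append(ts[first:], now)                                                 // ZADD
	l.hits[key] = ts
	return len(ts) <= l.limit // ZCOUNT > limit → rate limited
}

// LoginGuard is the brute-force counter: maxFailures → lock for lockFor.
type LoginGuard struct {
	mu          sync.Mutex
	maxFailures int
	lockFor     time.Duration
	failures    map[string]int
	lockedUntil map[string]time.Time // the expiry plays the role of the Redis TTL
}

func NewLoginGuard(maxFailures int, lockFor time.Duration) *LoginGuard {
	return &LoginGuard{maxFailures: maxFailures, lockFor: lockFor,
		failures: map[string]int{}, lockedUntil: map[string]time.Time{}}
}

// IsLocked is checked before the password is even looked at.
func (g *LoginGuard) IsLocked(user string, now time.Time) bool {
	g.mu.Lock()
	defer g.mu.Unlock()
	until, ok := g.lockedUntil[user]
	if ok && now.Before(until) {
		return true
	}
	if ok { // lock expired: clear it together with the counter
		delete(g.lockedUntil, user)
		delete(g.failures, user)
	}
	return false
}

// RecordFailure counts a bad password and locks the account at the threshold.
func (g *LoginGuard) RecordFailure(user string, now time.Time) (locked bool) {
	g.mu.Lock()
	defer g.mu.Unlock()
	g.failures[user]++
	if g.failures[user] >= g.maxFailures {
		g.lockedUntil[user] = now.Add(g.lockFor)
		return true
	}
	return false
}

// RecordSuccess resets the counter after a correct login; Unlock is the admin override.
func (g *LoginGuard) RecordSuccess(user string) {
	g.mu.Lock()
	defer g.mu.Unlock()
	delete(g.failures, user)
}

func (g *LoginGuard) Unlock(user string) {
	g.mu.Lock()
	defer g.mu.Unlock()
	delete(g.lockedUntil, user)
	delete(g.failures, user)
}

func main() {
	now := time.Date(2024, 1, 15, 12, 0, 0, 0, time.UTC)
	lim := NewLimiter(time.Minute, 100)
	allowed := 0
	for i := 0; i < 120; i++ { // a 12-second burst of 120 requests
		if lim.Allow("user:42", now.Add(time.Duration(i)*100*time.Millisecond)) {
			allowed++
		}
	}
	fmt.Println("allowed in burst:", allowed)
	g := NewLoginGuard(5, 15*time.Minute)
	for i := 0; i < 5; i++ {
		g.RecordFailure("alice", now)
	}
	fmt.Println("locked now:", g.IsLocked("alice", now), "after 16 min:", g.IsLocked("alice", now.Add(16*time.Minute)))
}
```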
Purpose: Billing, quotas, metering, and usage tracking.
Manages subscription plans (Free, Professional, Enterprise) with quotas (100 signatures/month). Tracks usage (signatures created, certificates issued, storage used) with idempotent recording (resource_id prevents duplicates). Implements saga pattern for usage tracking: validate subscription → check quota → record usage → trigger alerts. Provides usage analytics (daily/monthly reports). Handles quota enforcement (block operation if quota exceeded). Integrates with billing systems (Stripe, Chargebee). Generates invoices based on usage.
Quotas: limit tracking, plan quotas (Free: 100 signatures/month) vs current usage (used: 85/100). Check before the operation: IF usage >= quota THEN block + "Upgrade plan". Reset: monthly cron job (usage = 0). The basis of tiered pricing.
Idempotent recording: a UNIQUE constraint on the usage event (resource_id) so that the same signature is never counted twice. INSERT ... ON CONFLICT DO NOTHING. Retry-safe: a retried request → no double billing. Critical for accurate metering.
Metering: billing based on actual usage (pay-as-you-go). Count operations (signatures, certificates, GB of storage). Invoice generation: usage_records aggregate → line items → Stripe invoice. Flexible pricing: $0.10/signature.
Usage analytics: a dashboard with daily/monthly/yearly usage trends. Metrics: signatures per day (time series), top users (bar chart), usage by service (pie chart). Data warehouse: usage_events → analytics DB (ClickHouse, BigQuery). Business intelligence.
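The first three saga steps (validate subscription → check quota → record usage) with the idempotency guard, as an added Go example. It is an in-memory stand-in for the usage_events table rather than the platform's code: the records map plays the role of the UNIQUE(resource_id) constraint, so a retried request for an already counted resource is the no-op that INSERT ... ON CONFLICT DO NOTHING gives in SQL. Plan sizes, type names and the "Free: 3 signatures" sample are constructed here.

```go
package main

import (
	"errors"
	"fmt"
)

type Plan struct {
	Name               string
	SignaturesPerMonth int
}

type Subscription struct {
	OrgID  string
	Plan   Plan
	Active bool
}

var (
	ErrInactive      = errors.New("subscription inactive")
	ErrQuotaExceeded = errors.New("quota exceeded: upgrade plan")
)

// UsageStore is an in-memory stand-in for the usage_events table. records is
// the UNIQUE(resource_id) constraint; counts is the per-period total.
type UsageStore struct {
	records map[string]string // resource_id → org_id
	counts  map[string]int    // org_id → signatures this period
}

func NewUsageStore() *UsageStore {
	return &UsageStore{records: map[string]string{}, counts: map[string]int{}}
}

// RecordSignature runs the saga steps in order: validate subscription → check
// quota → record usage. The duplicate check sits before the quota check so a
// retry of an already counted operation is a no-op rather than a quota error.
func (s *UsageStore) RecordSignature(sub Subscription, resourceID string) (counted bool, err error) {
	if !sub.Active {
		return false, ErrInactive
	}
	if _, dup := s.records[resourceID]; dup {
		return false, nil // ON CONFLICT DO NOTHING
	}
	if s.counts[sub.OrgID] >= sub.Plan.SignaturesPerMonth {
		return false, ErrQuotaExceeded
	}
	s.records[resourceID] = sub.OrgID
	s.counts[sub.OrgID]++
	return true, nil
}

func (s *UsageStore) Usage(orgID string) int { return s.counts[orgID] }

// ResetPeriod is the monthly cron job: counters go back to zero, but the
// idempotency records stay so a stale retry can never be counted again.
func (s *UsageStore) ResetPeriod() {
	s.counts = map[string]int{}
}

// Remaining is what the "used: 85/100" widget derives its number from.
func Remaining(sub Subscription, s *UsageStore) int {
	if r := sub.Plan.SignaturesPerMonth - s.Usage(sub.OrgID); r > 0 {
		return r
	}
	return 0
}

func main() {
	free := Subscription{OrgID: "org-1", Plan: Plan{Name: "Free", SignaturesPerMonth: 3}, Active: true}
	s := NewUsageStore()
	for _, id := range []string{"sig-1", "sig-2", "sig-3", "sig-2", "sig-4"} {
		counted, err := s.RecordSignature(free, id)
		fmt.Printf("%s counted=%v err=%v used=%d/%d\n", id, counted, err, s.Usage("org-1"), free.Plan.SignaturesPerMonth)
	}
}
```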
Purpose: GDPR compliance automation (access, erasure, portability, rectification).
Implements GDPR rights: Art. 15 (access - export all user data), Art. 16 (rectification - correct errors), Art. 17 (erasure - right to be forgotten), Art. 18 (restriction - hold account), Art. 20 (portability - export in JSON/XML), Art. 21 (object - opt-out marketing). Manages request workflow: pending_review → approved/rejected → in_progress → completed. Uses pessimistic locking (SELECT FOR UPDATE) during approval. Implements identity verification before processing requests. Generates data exports in machine-readable formats. Handles data anonymization for erasure.
Right of access: a user can request all of their personal data. The service collects: profile, documents, certificates, audit logs, usage history. Export: JSON or XML (machine-readable). Delivery: secure download link or email. Must be fulfilled within one month.
"Right to be forgotten": a user can request deletion of their data. Anonymization: personal data → anonymized (hashed, generalized). Retention exceptions: legal obligation (audit logs for 7 years), contract (active subscription). Hard delete vs anonymize.
Data portability: a user can request their data in a structured, machine-readable format (JSON, XML, CSV) and transfer it to another service provider. Included: user-provided data, generated data (preferences). Excluded: inferred data (analytics). Interoperability.
Anonymization: irreversible removal of personal data. Techniques: hashing (SHA-256), generalization (age 34 → 30-40), suppression (deleting the field). Result: no longer personal data (GDPR does not apply). Used when an erasure request arrives but the audit trail must be retained.
Purpose: Automatic document format identification and MIME type detection.
Identifies file formats by analyzing magic bytes (file header signatures) and file structure. Detects 200+ formats: PDF, Office docs (DOCX, XLSX, PPTX), images (JPEG, PNG, TIFF), archives (ZIP, TAR), etc. Validates file integrity (corrupted PDFs, truncated images). Provides detailed format info (PDF version 1.7, JPEG with EXIF metadata). Prevents MIME type spoofing (file extension .pdf but actually .exe). Uses libmagic library for detection. Critical for security (reject dangerous file types).
Magic bytes: the first bytes of the file header identify the format. PDF: %PDF, PNG: 89 50 4E 47, JPEG: FF D8 FF, ZIP: 50 4B 03 04. The extension (.pdf) is not reliable (it can be renamed); the magic bytes show the real format. libmagic library: signature database.
MIME type spoofing. Attack: malware.exe renamed to document.pdf; a browser or app opens it → it executes. Defense: magic bytes check (this is an EXE, not a PDF) → reject. Validate the Content-Type header against the actual format. Security critical.
libmagic: the library behind the Unix `file` command. Magic signature database (20MB+, thousands of patterns). A C library with a Go binding: github.com/rakyll/magicmime. Input: byte stream → Output: MIME type + description. Fast (<1ms), accurate, battle-tested.
Integrity validation: structure validation, does the PDF have a valid xref table, does the ZIP have a valid central directory? Truncated file detection (file size vs expected size). Corruption detection: parse error → invalid file. Reject before processing.
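A magic-bytes detector with the extension cross-check that defeats the renamed-executable case, and a cheap PDF trailer check for truncation, as an added Go example. It is not libmagic and not the platform's Format Detection service: the signature table is a five-entry constructed subset of what libmagic knows (the four signatures listed above plus the "MZ" header of Windows executables), and the allow-list, type names and sample headers are assumptions made here. The PDF check relies on two properties every complete PDF has, a startxref pointer and a trailing %%EOF marker, and is a truncation heuristic rather than a full xref parse.

```go
package main

import (
	"bytes"
	"fmt"
	"path/filepath"
	"strings"
)

// formatSignature pairs a magic-byte prefix with the MIME type it proves and
// the extensions that legitimately carry it.
type formatSignature struct {
	MIME  string
	Exts  []string
	Magic []byte
}

// signatures is a constructed subset of a libmagic-style database.
var signatures = []formatSignature{
	{"application/pdf", []string{".pdf"}, []byte("%PDF")},
	{"image/png", []string{".png"}, []byte{0x89, 0x50, 0x4E, 0x47}},
	{"image/jpeg", []string{".jpg", ".jpeg"}, []byte{0xFF, 0xD8, 0xFF}},
	{"application/zip", []string{".zip", ".docx", ".xlsx", ".pptx"}, []byte{0x50, 0x4B, 0x03, 0x04}},
	{"application/vnd.microsoft.portable-executable", []string{".exe", ".dll"}, []byte("MZ")},
}

const unknownMIME = "application/octet-stream"

// DetectMIME identifies the format from the leading bytes only; the name is ignored.
func DetectMIME(head []byte) string {
	for _, s := range signatures {
		if bytes.HasPrefix(head, s.Magic) {
			return s.MIME
		}
	}
	return unknownMIME
}

type CheckResult struct {
	Extension string
	Detected  string
	Spoofed   bool // the extension claims a format the bytes do not support
	Accepted  bool
}

// CheckUpload is the gate: accept only if the detected type is on the
// allow-list and the file extension agrees with the bytes.
func CheckUpload(filename string, head []byte, allowed map[string]bool) CheckResult {
	r := CheckResult{Extension: strings.ToLower(filepath.Ext(filename)), Detected: DetectMIME(head)}
	r.Spoofed = r.Detected != unknownMIME // unknown bytes are merely unknown, not spoofed
	for _, s := range signatures {
		if s.MIME != r.Detected {
			continue
		}
		for _, e := range s.Exts {
			if e == r.Extension {
				r.Spoofed = false
			}
		}
	}
	r.Accepted = allowed[r.Detected] && !r.Spoofed
	return r
}

// LooksTruncatedPDF flags a PDF that lacks the startxref pointer or the
// closing %%EOF marker, which is what a cut-off download looks like.
func LooksTruncatedPDF(data []byte) bool {
	trimmed := bytes.TrimRight(data, "\r\n\t ")
	return !bytes.HasPrefix(data, []byte("%PDF")) ||
		!bytes.Contains(data, []byte("startxref")) ||
		!bytes.HasSuffix(trimmed, []byte("%%EOF"))
}

func main() {
	allowed := map[string]bool{"application/pdf": true, "image/png": true, "image/jpeg": true}
	peHeader := []byte("MZ\x90\x00\x03\x00\x00\x00") // constructed DOS/PE stub header
	fmt.Printf("%+v\n", CheckUpload("document.pdf", peHeader, allowed))
	fmt.Printf("%+v\n", CheckUpload("scan.jpg", []byte{0xFF, 0xD8, 0xFF, 0xE0}, allowed))
	fmt.Println("truncated:", LooksTruncatedPDF([]byte("%PDF-1.7\n1 0 obj")))
}
```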
Purpose: Validates X.509 certificate chains up to trusted root CAs.
Performs certificate chain validation: validate signature → check validity period → verify key usage → check revocation (OCSP/CRL) → validate chain up to trusted root. Implements path building (find valid chain from intermediate to root). Validates certificate policies and policy constraints. Checks name constraints and basic constraints (CA:TRUE for intermediates). Handles cross-certificates and bridge CAs. Provides validation reports (chain valid, revocation status, trust anchor). Algorithm: RFC 5280 path validation.
Path building: finding the path leaf cert → intermediate CA(s) → root CA. The AIA (Authority Information Access) extension gives the URL of the intermediate certificate. Download the intermediates and build the chain. Several paths may exist: select a valid one.
Basic constraints: an X.509 extension, CA:TRUE (can issue certificates) or CA:FALSE (end-entity). Path length constraint: the maximum number of intermediate levels. Validation: an intermediate must have CA:TRUE; a leaf cert has CA:FALSE. Protects against an end-entity certificate issuing certificates.
Name constraints: a CA extension that restricts which domains the CA may issue certificates for. Permitted: .example.com; Excluded: internal.example.com. Validation: the leaf subject must fall within the permitted subtrees. Protects against a CA issuing a certificate for another organization's domain.
Cross-certification: linking two PKI hierarchies with a cross-certificate. PKI A and PKI B do not trust each other directly. Bridge CA: trusted by both. A → Bridge → B. Use case: government PKIs, international trust.
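Basic constraints and name constraints in action, as an added Go example built on the standard library's crypto/x509 path validation (RFC 5280). It is not the platform's Chain Validation service: it generates a constructed three-level hierarchy (root → issuing CA constrained to example.com → leaf), runs Verify on the good chain, then shows two chains that must fail, a leaf for a domain outside the permitted subtree and a certificate "issued" by the end-entity leaf, which has CA:FALSE. Names, serial numbers and the use of P-256 keys are assumptions made here; revocation checking is outside what crypto/x509 does and is not shown.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// template is a bare certificate with the fields every certificate needs.
func template(serial int64, cn string) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn, Organization: []string{"Demo Org"}},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().AddDate(1, 0, 0),
	}
}

// issue signs tpl with the parent's key (self-signed when parent is nil).
func issue(tpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, parentKey = tpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueLeaf creates an end-entity certificate (CA:FALSE) for one DNS name.
func issueLeaf(serial int64, dns string, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	leaf := template(serial, dns)
	leaf.BasicConstraintsValid = true // IsCA stays false
	leaf.DNSNames = []string{dns}
	leaf.KeyUsage = x509.KeyUsageDigitalSignature
	leaf.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	return issue(leaf, parent, parentKey)
}

// Validate runs RFC 5280 path validation through crypto/x509 (signatures, validity,
// basic and name constraints, key usage, host name) and returns the length of the
// first chain found, or 0 and the reason for rejection.
func Validate(leaf *x509.Certificate, inters []*x509.Certificate, root *x509.Certificate, dnsName string) (int, error) {
	roots, pool := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range inters {
		pool.AddCert(c)
	}
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: pool, DNSName: dnsName})
	if err != nil {
		return 0, err
	}
	return len(chains[0]), nil
}

// Scenario builds the constructed hierarchy and reports each check by name.
func Scenario() (map[string]bool, error) {
	root := template(1, "Demo Root CA")
	root.IsCA, root.BasicConstraintsValid = true, true
	root.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	rootCert, rootKey, err := issue(root, nil, nil)
	if err != nil {
		return nil, err
	}
	inter := template(2, "Demo Issuing CA")
	inter.IsCA, inter.BasicConstraintsValid = true, true
	inter.MaxPathLen, inter.MaxPathLenZero = 0, true // may issue end-entity certificates only
	inter.PermittedDNSDomains, inter.PermittedDNSDomainsCritical = []string{"example.com"}, true
	inter.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	interCert, interKey, err := issue(inter, rootCert, rootKey)
	if err != nil {
		return nil, err
	}
	leaf, leafKey, err := issueLeaf(3, "app.example.com", interCert, interKey)
	if err != nil {
		return nil, err
	}
	outside, _, err := issueLeaf(4, "app.other.org", interCert, interKey) // violates the name constraint
	if err != nil {
		return nil, err
	}
	child, _, err := issueLeaf(5, "api.example.com", leaf, leafKey) // "issued" by a non-CA
	if err != nil {
		return nil, err
	}
	inters := []*x509.Certificate{interCert, leaf}
	n, err := Validate(leaf, inters, rootCert, "app.example.com")
	out := map[string]bool{"valid_chain_len3": err == nil && n == 3}
	_, err = Validate(outside, inters, rootCert, "app.other.org")
	out["name_constraint_rejected"] = err != nil
	_, err = Validate(child, inters, rootCert, "api.example.com")
	out["non_ca_issuer_rejected"] = err != nil
	return out, nil
}

func main() {
	out, err := Scenario()
	fmt.Println(out, err)
}
```

The forbidden chains fail inside leaf.Verify: for the out-of-subtree name Go reports that the CA is not authorized for that name, and for the leaf-signed certificate it refuses the leaf as an intermediate because its basic constraints say CA:FALSE. Note that x509.CreateCertificate will happily produce the bad certificates; the control lives in validation, not issuance.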
Purpose: Enterprise key backup and recovery for business continuity.
Provides key escrow (secure backup of encryption keys) for enterprise scenarios (employee leaves, device loss, regulatory compliance). Implements M-of-N key splitting (split key into 5 shares, require 3 to recover). Uses Shamir's Secret Sharing algorithm. Stores key shares in separate HSMs for security. Implements key recovery workflow: request → approval (multi-party) → recovery → audit log. Requires dual control (two admins) for recovery operations. Maintains recovery audit trail. Use case: Recover encrypted documents after employee departure.
Shamir's Secret Sharing: a cryptographic algorithm that splits a secret into N shares, any M of which reconstruct it. 3-of-5: secret → 5 shares, recoverable from any 3. Polynomial interpolation (Lagrange). Security: 2 shares reveal nothing, 3 shares give the full secret. Distributed trust.
Key escrow: backing up an encryption key with a third party or in secure storage. Enterprise: the employee's encryption key is escrowed. Employee leaves → the company recovers the key → decrypts the documents. Regulatory: law enforcement access (controversial).
Dual control: two admins are required for a critical operation. Admin1 initiates the key recovery → Admin2 approves → the operation proceeds. Neither alone can recover. Prevents a rogue admin or insider threat. Banking analogue: dual control of wire transfers. High security.
Recovery workflow: a multi-step process, request (reason, justification) → approval (manager + security) → identity verification → recovery (combine shares) → key usage → audit log (who, when, why). Compliance: SOX, HIPAA.
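Shamir's scheme for the 3-of-5 case above, as an added Go example written from scratch (it is not the platform's implementation and uses no third-party library). Shares are points on a random polynomial over the prime field GF(2^521 - 1), a field choice made here so that any secret of up to 64 bytes, such as a 32-byte KEK, fits in one field element; Combine is plain Lagrange interpolation at x = 0. The "2 shares reveal nothing" property is visible in the demo: two shares interpolate to an unrelated value.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// prime is the Mersenne prime 2^521 - 1: shares live in GF(p), and any secret
// of up to 64 bytes is a valid field element.
var prime = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 521), big.NewInt(1))

// Share is one custodian's piece: the x coordinate (1..n, never 0) and f(x).
type Share struct {
	X int
	Y *big.Int
}

// Split picks a random polynomial f of degree k-1 with f(0) = secret and hands
// out the points f(1)..f(n). Any k points determine f; k-1 reveal nothing.
func Split(secret []byte, k, n int) ([]Share, error) {
	if k < 2 || n < k || len(secret) == 0 || len(secret) > 64 {
		return nil, errors.New("need 2 <= k <= n and a 1..64 byte secret")
	}
	coeffs := make([]*big.Int, k)
	coeffs[0] = new(big.Int).SetBytes(secret)
	for i := 1; i < k; i++ {
		c, err := rand.Int(rand.Reader, prime)
		if err != nil {
			return nil, err
		}
		coeffs[i] = c
	}
	shares := make([]Share, n)
	for i := range shares {
		x := big.NewInt(int64(i + 1))
		y := new(big.Int)
		for j := k - 1; j >= 0; j-- { // Horner's rule: y = y*x + c_j (mod p)
			y.Mul(y, x).Add(y, coeffs[j]).Mod(y, prime)
		}
		shares[i] = Share{X: i + 1, Y: y}
	}
	return shares, nil
}

// Combine evaluates the Lagrange interpolation of the given points at x = 0.
// It needs the threshold k (or more) distinct shares; fewer yield a wrong
// value rather than an error, because only the caller knows k.
func Combine(shares []Share, secretLen int) ([]byte, error) {
	if len(shares) < 2 {
		return nil, errors.New("need at least two shares")
	}
	sum := new(big.Int)
	for i, si := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		xi := big.NewInt(int64(si.X))
		for j, sj := range shares {
			if i == j {
				continue
			}
			if si.X == sj.X {
				return nil, errors.New("duplicate share")
			}
			xj := big.NewInt(int64(sj.X))
			num.Mul(num, new(big.Int).Neg(xj)).Mod(num, prime)  // product of (0 - x_j)
			den.Mul(den, new(big.Int).Sub(xi, xj)).Mod(den, prime) // product of (x_i - x_j)
		}
		term := new(big.Int).ModInverse(den, prime)
		term.Mul(term, num).Mod(term, prime).Mul(term, si.Y).Mod(term, prime)
		sum.Add(sum, term).Mod(sum, prime)
	}
	b := sum.Bytes()
	if len(b) > secretLen {
		return nil, errors.New("value does not fit the secret length: wrong or too few shares")
	}
	out := make([]byte, secretLen)
	copy(out[secretLen-len(b):], b) // restore leading zero bytes that big.Int drops
	return out, nil
}

func main() {
	secret := []byte("constructed 32-byte KEK value!!!") // 32 bytes
	shares, err := Split(secret, 3, 5)
	if err != nil {
		panic(err)
	}
	got, _ := Combine([]Share{shares[0], shares[2], shares[4]}, len(secret))
	fmt.Printf("recovered with 3 of 5: %q\n", got)
	short, err := Combine(shares[:2], len(secret))
	fmt.Printf("2 shares give: %x, err=%v (not the secret)\n", short, err)
}
```

In the recovery workflow above, each Share is what one custodian (or one HSM) holds; dual control means the Combine call only happens after two admins have each released a share and the third comes from the escrow store, with the audit log recording who released what.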
Purpose: Certificate discovery, inventory management, and expiration monitoring.
Provides certificate inventory (all certificates issued, pending, revoked, expired). Implements certificate discovery (scan networks for TLS certificates, find shadow IT). Monitors expiration dates and sends alerts (30/7/1 days before expiry). Provides certificate search (by subject DN, serial number, thumbprint, validity period). Tracks certificate usage (which services use which certificates). Generates inventory reports (certificates by org, by type, expiring soon). Implements full-text search with PostgreSQL indexes. Use case: Prevent outages from expired certificates.
Certificate discovery: scanning the network for TLS certificates with nmap or openssl s_client against every IP:443. Extract cert → parse → add to inventory. Finds shadow IT (unauthorized services) and rogue certificates. Scheduled job: weekly scan.
Expiration monitoring: a daily cron job, SELECT certs WHERE expires_at - now() < 30 days. Alert levels: 30d (warning), 7d (urgent), 1d (critical). Notification: email, Slack, PagerDuty. Triggers auto-renewal. Prevents an expired cert → service outage.
Thumbprint: a SHA-1 or SHA-256 hash of the certificate (DER encoding). A unique identifier (fingerprint). Uses: certificate pinning (a mobile app accepts only this cert), inventory search, deduplication. Short and human-readable (hex).
Full-text search: tsvector + tsquery over certificate subject DN, issuer and SAN (Subject Alternative Name). A GIN index for fast searching. Query: "certificate for *.example.com" → full-text match. Multi-field search, relevance ranking.
Purpose: TPM/SGX attestation for secure device enrollment and trusted computing.
Verifies device integrity using Trusted Platform Module (TPM) and Intel SGX enclaves. Implements remote attestation protocols: device generates attestation quote → service validates quote against trusted baseline → issues certificate if valid. Validates boot measurements (UEFI Secure Boot, OS integrity). Supports TPM 2.0 and SGX EPID/DCAP attestation. Issues device identity certificates (AIK, DAA keys). Use case: IoT device onboarding, confidential computing, zero-trust networks. Integrates with Certificate Issuance (02).
TPM: a hardware chip (or firmware) on the mainboard for cryptographic operations. Secure storage: encryption keys never leave it. Platform measurement: hashes of the boot process (PCR registers). Attestation: quote generation (a digitally signed report).
Remote attestation proves from a distance that a device is in a trusted state. Device: TPM quote (PCR values + nonce + signature) → Server: validate the quote (signature OK? PCRs match the baseline?). Valid → issue cert, Invalid → block. Zero-trust networking.
Intel SGX: a CPU feature providing a secure enclave (protected memory region). Code and data inside the enclave are invisible even to the OS (encrypted RAM). Attestation: an enclave quote (proves code integrity). Use case: confidential computing (secure execution of ML models).
Boot measurements: UEFI Secure Boot measures the bootloader and kernel hashes during boot. Stored in the TPM PCR registers. Golden measurement: the trusted baseline. Attest: current PCRs vs golden. Mismatch = compromised boot (malware, rootkit).
Purpose: RFC 8555 ACME protocol server (Let's Encrypt-compatible) for automated TLS certificate issuance.
Implements ACME protocol (RFC 8555) for automated certificate lifecycle management. Supports domain validation challenges: HTTP-01 (place file at /.well-known/acme-challenge), DNS-01 (add TXT record), TLS-ALPN-01 (TLS handshake). Provides automatic renewal (certbot, acme.sh integration). Issues TLS certificates for web servers (nginx, Apache, IIS). Handles wildcard certificates (*.example.com). Implements rate limiting to prevent abuse. Use case: Automated TLS certificate management for DevOps.
ACME: Automated Certificate Management Environment. Workflow: account registration → order creation → authorization (domain validation challenges) → CSR submission → certificate issuance. REST API (JSON), JWS-signed requests.
HTTP-01: domain ownership proof, the ACME server issues a token → the client creates a file at http://domain/.well-known/acme-challenge/TOKEN → the server checks it with an HTTP GET. Success → domain validated. Limitation: port 80 is required, no wildcard support.
DNS-01: a DNS TXT record, _acme-challenge.domain.com TXT "token". The ACME server checks it with a DNS query. Advantage: wildcard certificate support, no port 80 needed. Limitation: DNS API access is required (for automation).
certbot: the EFF's ACME client for automated cert issuance and renewal. Command: certbot --nginx -d example.com → HTTP-01 challenge → cert installed into the nginx config. Cron job: auto-renewal 30 days before expiry. The most popular ACME client. Written in Python.
Purpose: RFC 6962 public certificate transparency log for audit and monitoring.
Implements Certificate Transparency (RFC 6962) - a public, append-only log of issued certificates. Uses a Merkle tree for cryptographic proof of inclusion. Issues Signed Certificate Timestamps (SCTs) that reach TLS clients embedded in the certificate, in a TLS extension, or via OCSP stapling. Provides audit endpoints (get-entries, get-proof-by-hash, get-sth). Enables certificate monitoring (detect misissued certificates for your domains). Required for browser trust (Chrome and Safari require CT). Publishes a Signed Tree Head (STH) every hour. Use case: Detect rogue CAs issuing certificates for your domain.
Public audit log: every certificate a CA issues is submitted to CT logs. Transparency: anyone can monitor their own domains. Prevents silent misissuance by a rogue or compromised CA (e.g. a fraudulent google.com certificate). Browsers: CT is mandatory in Chrome and Safari (SCTs required for publicly trusted certificates).
Hash tree: leaf nodes = hashes of log entries (certificates), parent = hash(left + right), root = tree hash. RFC 6962 prefixes leaf hashes with 0x00 and node hashes with 0x01 so a leaf can never be passed off as an interior node. Inclusion proof: about log2(N) sibling hashes prove that a certificate is in the tree. Tamper-evident: the root hash changes if anything is modified. Efficient verification.
The CT log's promise: the certificate will be incorporated into the log within a fixed time (Maximum Merge Delay, typically 24h). A digitally signed timestamp over the (pre)certificate. In the TLS handshake: SCTs embedded in the certificate, delivered in a TLS extension, or OCSP-stapled. Browser validation: at least 2 SCTs from different logs (Chrome's policy requires more for longer-lived certificates).
Scanning CT logs for certificates issued for your domains. Services: crt.sh, Facebook CT monitor. Alert on every new certificate: expected (you issued it) or suspicious (rogue CA, or compromised DNS or ACME credentials). Early detection: a misissued certificate is spotted before it is used in an attack.
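The RFC 6962 tree construction and inclusion proof above, as an added example in Go (not the platform's log code): leaf and node hashing with the 0x00/0x01 prefixes, MTH and PATH exactly as the RFC defines them, and the RFC 9162 verification loop a monitor runs against the root hash from a signed tree head. The entries are constructed strings standing in for DER-encoded certificates.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// RFC 6962 section 2.1 domain separation: leaves are hashed with prefix 0x00
// and interior nodes with 0x01, so a leaf can never be passed off as a node.
func hashLeaf(entry []byte) []byte {
	h := sha256.New()
	h.Write([]byte{0x00})
	h.Write(entry)
	return h.Sum(nil)
}

func hashNode(left, right []byte) []byte {
	h := sha256.New()
	h.Write([]byte{0x01})
	h.Write(left)
	h.Write(right)
	return h.Sum(nil)
}

// splitPoint returns k, the largest power of two strictly less than n (n > 1).
func splitPoint(n int) int {
	k := 1
	for k*2 < n {
		k *= 2
	}
	return k
}

// MerkleTreeHash computes MTH(D[n]) exactly as RFC 6962 section 2.1 defines it.
func MerkleTreeHash(entries [][]byte) []byte {
	switch n := len(entries); n {
	case 0:
		return sha256.New().Sum(nil) // MTH({}) = SHA-256 of the empty string
	case 1:
		return hashLeaf(entries[0])
	default:
		k := splitPoint(n)
		return hashNode(MerkleTreeHash(entries[:k]), MerkleTreeHash(entries[k:]))
	}
}

func MerkleRootHex(entries [][]byte) string { return hex.EncodeToString(MerkleTreeHash(entries)) }

// InclusionProof is PATH(m, D[n]) from RFC 6962 section 2.1.1: the sibling
// hashes on the way from leaf m up to the root, about log2(n) of them.
func InclusionProof(m int, entries [][]byte) [][]byte {
	n := len(entries)
	if n <= 1 {
		return nil
	}
	k := splitPoint(n)
	if m < k {
		return append(InclusionProof(m, entries[:k]), MerkleTreeHash(entries[k:]))
	}
	return append(InclusionProof(m-k, entries[k:]), MerkleTreeHash(entries[:k]))
}

// VerifyInclusion recomputes the root from (entry, leafIndex, treeSize, proof)
// and compares it with the root hash from the signed tree head, following the
// RFC 9162 section 2.1.3.2 algorithm. Any change to the entry, the index or a
// proof hash changes the recomputed root.
func VerifyInclusion(leafIndex, treeSize int, entry, root []byte, proof [][]byte) bool {
	if leafIndex < 0 || leafIndex >= treeSize {
		return false
	}
	r := hashLeaf(entry)
	fn, sn := leafIndex, treeSize-1
	for _, p := range proof {
		if sn == 0 {
			return false // proof is longer than the tree is deep
		}
		if fn%2 == 1 || fn == sn {
			r = hashNode(p, r) // sibling sits to the left
			for fn%2 == 0 && fn != 0 {
				fn >>= 1
				sn >>= 1
			}
		} else {
			r = hashNode(r, p) // sibling sits to the right
		}
		fn >>= 1
		sn >>= 1
	}
	return sn == 0 && bytes.Equal(r, root)
}

func main() {
	var log [][]byte // constructed sample log; real entries are DER certificates
	for i := 0; i < 5; i++ {
		log = append(log, []byte(fmt.Sprintf("cert-%d", i)))
	}
	root := MerkleTreeHash(log)
	proof := InclusionProof(2, log)
	fmt.Println("root:", hex.EncodeToString(root))
	fmt.Println("cert-2 included:", VerifyInclusion(2, len(log), log[2], root, proof))
	fmt.Println("forged entry included:", VerifyInclusion(2, len(log), []byte("cert-X"), root, proof))
}
```

A monitor that also checks the STH signature and keeps the previous root can chain this with a consistency proof to detect a log that rewrites history; that second proof type is not shown here.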
Purpose: Service mesh identity (SPIFFE) for zero-trust microservice authentication.
Implements SPIFFE (Secure Production Identity Framework For Everyone) for workload identity. Provides SPIRE (SPIFFE Runtime Environment) server for identity issuance and validation. Issues SVID (SPIFFE Verifiable Identity Document) - short-lived X.509 certificates (1-hour validity) for services. Supports workload attestation (verify service identity via Kubernetes SA, AWS IAM role, Unix process). Enables mutual TLS (mTLS) between microservices. Implements automatic rotation of SVIDs. Use case: Service-to-service auth in Kubernetes, Istio, Envoy service mesh.
URI-based service identity: spiffe://trust-domain/path/to/workload. Example: spiffe://example.com/backend/api. Trust domain: the PKI root the identity chains to. Path: hierarchical namespace (org/team/service). The SVID carries the SPIFFE ID in the X.509 URI Subject Alternative Name extension.
Service certificate with 1-hour validity. Auto-rotation: after 30 minutes (half the lifetime) the workload requests a new SVID, so a single failed renewal does not cause an outage. Identity: the SPIFFE ID in the URI SAN. mTLS: both services validate each other's SVID. Compromise window: at most 1 hour. No long-term secrets.
Proves the workload's identity before an SVID is issued. Kubernetes: ServiceAccount token → SPIRE verifies it (e.g. via the Kubernetes TokenReview API) → issue SVID. AWS: IAM role / instance identity document → verified against instance metadata → SVID. Unix: process PID → parent PID chain, binary path and UID → validate. The basis of zero trust: identity is derived from attested properties, not from a deployed secret.
TLS handshake: both sides present a certificate (not only the server). Client + server authentication. Verify: is the certificate chain valid against the trust bundle? Is the presented SPIFFE ID authorized to call this service? Service mesh: every service-to-service call runs over mTLS. Zero-trust network.
Purpose: Rule-based policy enforcement and compliance checking.
Implements a policy engine with rule evaluation (boolean logic: AND, OR, NOT). Defines policies (certificate_key_length >= 2048, certificate_validity <= 365 days, signature_algorithm != SHA1). Evaluates policies using context data (certificate fields, user attributes, organization settings). Supports operators: ==, !=, <, >, REGEX, CONTAINS, STARTS_WITH. Provides compliance checks (run all policies, generate a compliance score). Records policy violations with detailed messages. Runs the saga pattern: create check → evaluate policies → record violations → update check status. Use case: Enforce company security policies, regulatory compliance.
Rule-based decision engine. Policies in JSON: rules (conditions + actions). Evaluation: context data + rules → decision (allow/deny). Engine: Rego (Open Policy Agent), CEL (Common Expression Language), or custom Go logic. Flexible, auditable.
Complex rule composition: (key_length >= 2048 AND algorithm != "SHA1") OR (is_qualified_cert == true). Nested conditions, operator precedence, short-circuit evaluation. The expression is parsed into a tree and evaluated recursively.
Percentage: passed policies / total policies. 85/100 policies passed = 85% compliance score. Weighted score: each policy carries a weight (critical 10 points, warning 1 point) and the score is passed weight / total weight. Dashboard: compliance trend over time. KPI for audits.
Records every failed policy check: violation_id, policy_id, resource_id, timestamp, details (why it failed). Remediation workflow: violation → assign to team → fix → re-check. Audit trail: prove compliance to auditors.
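The expression tree, operators, weighted score and violation records described above, as an added example in Go (not the platform's engine): Rule is the tree, Eval implements AND/OR/NOT with short-circuiting plus the listed comparison operators, and Check runs every policy against a context, records one Violation per failure and returns the weighted score. The policy set and the contexts are constructed from the rules quoted on this page; loading policies from JSON and persisting the check status are not shown.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
	"time"
)

// Rule is one node of the expression tree: a comparison leaf (Field Op Value)
// or a boolean combinator (AND, OR, NOT) over Children.
type Rule struct {
	Op, Field string
	Value     interface{}
	Children  []*Rule
}

func Cond(field, op string, v interface{}) *Rule { return &Rule{Op: op, Field: field, Value: v} }
func And(r ...*Rule) *Rule                      { return &Rule{Op: "AND", Children: r} }
func Or(r ...*Rule) *Rule                       { return &Rule{Op: "OR", Children: r} }
func Not(r *Rule) *Rule                         { return &Rule{Op: "NOT", Children: []*Rule{r}} }

// Context is the data a policy is evaluated against (certificate fields, user attributes, org settings).
type Context map[string]interface{}

// Eval walks the tree; AND and OR short-circuit left to right. A missing field, a
// non-numeric operand to an ordering operator or an unknown operator all evaluate
// to false, so a badly written policy fails closed instead of silently passing.
func (r *Rule) Eval(ctx Context) bool {
	switch r.Op {
	case "AND":
		for _, c := range r.Children {
			if !c.Eval(ctx) {
				return false
			}
		}
		return true
	case "OR":
		for _, c := range r.Children {
			if c.Eval(ctx) {
				return true
			}
		}
		return false
	case "NOT":
		return !r.Children[0].Eval(ctx)
	}
	actual, ok := ctx[r.Field]
	if !ok {
		return false
	}
	a, b := fmt.Sprint(actual), fmt.Sprint(r.Value) // textual view of both operands
	x, errX := strconv.ParseFloat(a, 64)           // numeric view, used only by < > <= >=
	y, errY := strconv.ParseFloat(b, 64)
	switch r.Op {
	case "==":
		return a == b
	case "!=":
		return a != b
	case "REGEX":
		m, err := regexp.MatchString(b, a)
		return err == nil && m
	case "CONTAINS":
		return strings.Contains(a, b)
	case "STARTS_WITH":
		return strings.HasPrefix(a, b)
	case "<", ">", "<=", ">=":
		return errX == nil && errY == nil && map[string]bool{"<": x < y, ">": x > y, "<=": x <= y, ">=": x >= y}[r.Op]
	}
	return false
}

type Policy struct{ ID, Message, Severity string; Rule *Rule } // Severity "critical" = 10 points, "warning" = 1
type Violation struct{ PolicyID, ResourceID, Details string; Timestamp time.Time }

// Check evaluates every policy (no short-circuit across policies: auditors want the
// complete list), records one Violation per failure and returns the weighted score in percent.
func Check(resourceID string, ctx Context, policies []Policy) (float64, []Violation) {
	var violations []Violation
	passed, total := 0, 0
	for _, p := range policies {
		w := map[bool]int{true: 10, false: 1}[p.Severity == "critical"]
		total += w
		if p.Rule.Eval(ctx) {
			passed += w
		} else {
			violations = append(violations, Violation{p.ID, resourceID, p.Message, time.Now()})
		}
	}
	if total == 0 {
		return 100, nil
	}
	return 100 * float64(passed) / float64(total), violations
}

// Policies is a constructed sample set built from the rules quoted in the text.
var Policies = []Policy{
	{"POL-001", "key shorter than 2048 bits", "critical", Cond("certificate_key_length", ">=", 2048)},
	{"POL-002", "validity longer than 365 days", "warning", Cond("certificate_validity", "<=", 365)},
	{"POL-003", "SHA-1 signature", "critical", Cond("signature_algorithm", "!=", "SHA1")},
	{"POL-004", "weak key or hash on a non-qualified certificate", "critical", Or(
		And(Cond("certificate_key_length", ">=", 2048), Cond("signature_algorithm", "!=", "SHA1")),
		Cond("is_qualified_cert", "==", true))},
}

func main() {
	weak := Context{"certificate_key_length": 1024, "certificate_validity": 730, "signature_algorithm": "SHA1", "is_qualified_cert": false}
	score, violations := Check("cert-42", weak, Policies)
	fmt.Printf("compliance %.1f%%, %d violations\n", score, len(violations))
}
```

Comparisons go through a textual view so that ints, floats and booleans coming from JSON compare predictably; the ordering operators additionally require both operands to parse as numbers, which is what stops a typo such as comparing an algorithm name with a number from quietly passing.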