
How to Add Data Privacy to Your Angular Application

Even the coolest user interfaces won’t cover for apps that are insecure and leak private information. As JavaScript developers, we need to build apps that stand up to the demands of our industry and protect the data and privacy of our users.

In this talk, you will learn:
* Why your app requires data control to guard against data proliferation.
* How HTTP Interceptors work in Angular.
* How class decorators work in Angular / TypeScript.
* How to add policy-based encryption to your application using HTTP Interceptors and decorators.
* How to separate what data to encrypt from who should be able to decrypt it.
* How data control works under the hood.

How to Add Data Privacy to Your Angular Application

  1. HOW TO ADD DATA PRIVACY TO YOUR ANGULAR APPLICATION
  2. // @IronCoreLabs @cipher_sift IronCoreLabs @ironcorelabs madison-kerndt @cipher_sift ironcorelabs.com madison@ironcorelabs.com
  3. Show of hands…
  5. DATA PROLIFERATES: My Data (Personality & Likes)
  6. DATA PROLIFERATES: Vendors (e.g., Facebook)
  7. DATA PROLIFERATES: Partners (e.g., Personality Quiz)
  8. DATA PROLIFERATES: Partners of Partners (e.g., Cambridge Analytica)
  9. OUT OF CONTROL
  10. 87,000,000
  11. DON’T GET ZUCKED
  12. WHAT IF ?
  13. Data
  14. DECIDE WHO HAS ACCESS
  15. MONITOR VISIBILITY
  16. REGARDLESS OF WHERE DATA LIVES
  17. REVOKE ACCESS AT ANY TIME
  18. DATA CONTROL.
  19. HOW ?
  20. End-to-End Encryption, Transform Encryption, Groups
  21. Encryption in Transit + Encryption at Rest !== End to End Encryption
  22. CLIENT SIDE ENCRYPTION (Client, Client)
  23. HTTP INTERCEPTOR
  24. IRON HTTP INTERCEPTOR
  25. DEMO
  27. > NG GENERATE CLASS ORDER CREATE SRC/APP/SERVICES/ORDER.TS
  28. order.ts

      ```typescript
      import { IronEncrypt } from '../iron/iron-encrypt';

      // Instances of this class are encrypted to the 'away-team' group.
      @IronEncrypt({ groupId: 'away-team' })
      export class Order {
        constructor(
          public title: string,
          public message: string,
          public id?: string,
        ) {}
      }
      ```

  29. > NG GENERATE SERVICE ORDER CREATE SRC/APP/SERVICE/ORDER.SERVICE.SPEC.TS CREATE SRC/APP/SERVICES/ORDER.SERVICE.TS
  30. order.service.ts

      ```typescript
      import { Injectable } from '@angular/core';
      import { HttpClient } from '@angular/common/http';
      import { Observable } from 'rxjs';
      import { Order } from './order';

      @Injectable({ providedIn: 'root' })
      export class OrderService {
        private url = 'api/order';

        constructor(private http: HttpClient) {}

        // Every call below goes through HttpClient, so registered interceptors see it.
        create(order: Order): Observable<Order> {
          return this.http.post<Order>(this.url, order);
        }

        list(): Observable<Order[]> {
          return this.http.get<Order[]>(this.url);
        }

        get(id: number): Observable<Order> {
          return this.http.get<Order>(`${this.url}/${id}`);
        }

        delete(id: number): Observable<Order> {
          return this.http.delete<Order>(`${this.url}/${id}`);
        }
      }
      ```

  31. app.module.ts

      ```typescript
      import { NgModule } from '@angular/core';
      import { HttpClientModule, HTTP_INTERCEPTORS } from '@angular/common/http';
      import { IronHttpInterceptor } from './services/iron/iron-http-interceptor';

      @NgModule({
        // ...
        providers: [
          // multi: true adds this interceptor to the chain instead of replacing it.
          { provide: HTTP_INTERCEPTORS, useClass: IronHttpInterceptor, multi: true },
        ],
        // ...
      })
      export class AppModule { }
      ```

  32. HTTP Interceptor: Encryption, Decryption (diagram steps 1, 2, 3)
  34. Bonus…
  35. End-to-End Encryption, Transform Encryption, Groups
  36. END-TO-END ENCRYPTION. Your Data: Order { title: "Stay safe.", message: "And set phasers to stun.", id: "6339192471668405" }
  37. END-TO-END ENCRYPTION. Your Data: EncryptedDocument { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
  39. Public Key Cryptography: Kirk (Kirk’s Private Key, Kirk’s Public Key), Spock (Spock’s Private Key, Spock’s Public Key)
  40. Encrypt and Decrypt: Spock’s Public Key, Encrypted Document, Document
  41. Encrypt and Decrypt: Spock’s Public Key, Document, Spock’s Private Key, Encrypted Document
  43. Encrypting to a Group: User’s Public Key (shown four times), Document, Document encrypted to the group of users
  44. order.ts

      ```typescript
      import { IronEncrypt } from '../iron/iron-encrypt';

      // Instances of this class are encrypted to the 'away-team' group.
      @IronEncrypt({ groupId: 'away-team' })
      export class Order {
        constructor(
          public title: string,
          public message: string,
          public id?: string,
        ) {}
      }
      ```

  45. INTRODUCING GROUPS
  46. INTRODUCING GROUPS: Spock, McCoy, Redshirt, Chekov, Sulu, Uhura
  47. INTRODUCING GROUPS: Spock, McCoy, Redshirt, Chekov, Sulu, Uhura
  48. Transform Service, Spock
  49. Transform Service, Spock, Spock
  50. MONITOR VISIBILITY (Transform Service, Spock)
      Lab accessing data: { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
      Doctor accessing data: { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
      Doctor accessing data: { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
      Lab accessing data: { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
      Lab accessing data: { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
      Doctor accessing data: { id: 6339192471668405 document: "AVxdaY3t0n14XleGN3DjkCVJAyKo9UvTCU+uMaGQUC89OluCkEMCe0Y8qOUZPyXpHnP9sK" }
  51. REVOKE ACCESS AT ANYTIME (Transform Service, Spock)
  52. Transform Service, Spock ✨
  53. Transform Service, Spock: MATH *PKC ECC
  54. Transform Key Generation (Group to User): Transform Service, Away Team, Spock, Away Team Private Key, Spock Public Key, Away Team => Spock Transform Key
  55. Encrypt to a Group: Away Team Public Key, Away Team, Document Encrypted to Away Team, Document
  56. Group to User Transformation: File Encrypted to Away Team, Away Team => Redshirt Transform Key, File Encrypted to Spock, Spock’s Private Key, Transform Service
  57. Revoke Access: Transform Key
  58. End-to-End Encryption, Transform Encryption, Groups
  59. CHANGING THE MODEL
  60. CHANGING THE MODEL
  61. DATA CONTROL.
  62. WANT A ?T
  64. Thank you! IronCoreLabs @ironcorelabs madison-kerndt @cipher_sift ironcorelabs.com madison@ironcorelabs.com
  65. Questions? IronCoreLabs @ironcorelabs madison-kerndt @cipher_sift ironcorelabs.com madison@ironcorelabs.com
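
Slides 28 to 32 attach an encryption policy to a model class with a decorator and let an HTTP interceptor act on it. The following is an added sketch of that wiring, not code from the talk or from IronCore's SDK: `encryptTo`, `protectBody` and `fakeEncrypt` are hypothetical names, and the encrypt call is a constructed stand-in so the policy lookup can run without Angular.

```typescript
// Added sketch with hypothetical names; not IronCore's decorator or interceptor.
type Policy = { groupId: string };
type Encrypt = (plaintext: string, groupId: string) => string;

// Policy registry keyed by class: the model says WHAT is encrypted and to
// which group; WHO can decrypt is decided by that group's membership.
const policies = new Map<Function, Policy>();

// Class decorator factory. Writing `@encryptTo({ groupId })` above a class
// does the same thing as the explicit call `encryptTo({ groupId })(TheClass)`.
function encryptTo(policy: Policy) {
  return (ctor: Function): void => { policies.set(ctor, policy); };
}

class Order {
  title: string; message: string; id?: string;
  constructor(title: string, message: string, id?: string) {
    this.title = title; this.message = message; this.id = id;
  }
}
encryptTo({ groupId: 'away-team' })(Order);

// The step an interceptor applies to each outgoing request body.
function protectBody(body: unknown, encrypt: Encrypt): unknown {
  if (body === null || typeof body !== 'object') return body;
  const policy = policies.get((body as object).constructor);
  if (!policy) return body; // no policy on this class: sent unchanged
  const { id, ...secret } = body as { id?: string };
  // If encrypt throws, the error propagates and nothing is sent (fail closed).
  return { id, document: encrypt(JSON.stringify(secret), policy.groupId) };
}

// Constructed stand-in for the SDK's encrypt call so the wiring runs offline.
const fakeEncrypt: Encrypt = (pt, groupId) => `sealed:${groupId}:${pt.length}`;

function demo() {
  const instance = new Order('Stay safe.', 'And set phasers to stun.', '1');
  // Pitfall: this literal type-checks as Order but is not an instance of it,
  // so no policy is found and the body would leave the browser in plaintext.
  const literal: Order = { title: 'Stay safe.', message: 'And set phasers to stun.' };
  return { sent: protectBody(instance, fakeEncrypt), leaked: protectBody(literal, fakeEncrypt) };
}
```

With a constructor-keyed policy like this one, a check worth adding in code review or tests is that every body passed to `http.post` for a protected model is built with `new`, not as an object literal.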
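
Slides 54 to 57 describe transform encryption: a transform key made from the group's private key and a member's public key, a service that re-targets group ciphertext to that member, and revocation by deleting the transform key. The following added toy example walks through that flow with a textbook ElGamal-style construction over a tiny constructed group; it is a swapped-in scheme for illustration, not the elliptic-curve math the talk's product uses, and all keys, nonces and parameters are constructed.

```typescript
// Added toy example: ElGamal-style transform encryption over a tiny group.
// Constructed parameters (P = 2Q + 1), far too small to be secure.
const P = 2039, Q = 1019, G = 4; // G generates the order-Q subgroup

function modPow(base: number, exp: number, mod: number): number {
  let result = 1;
  for (base %= mod; exp > 0; exp = Math.floor(exp / 2)) {
    if (exp % 2 === 1) result = (result * base) % mod;
    base = (base * base) % mod;
  }
  return result;
}
const inv = (x: number, mod: number) => modPow(x, mod - 2, mod); // prime mod
const publicKey = (sk: number) => modPow(G, sk, P);

type Ciphertext = { c1: number; c2: number; wrapped?: Ciphertext };

// ElGamal: encrypt m (1..P-1) to a public key; r is a fresh random nonce.
const encrypt = (m: number, pk: number, r: number): Ciphertext =>
  ({ c1: modPow(G, r, P), c2: (m * modPow(pk, r, P)) % P });

// Group admin: needs the group PRIVATE key and the member's PUBLIC key.
// The service receives groupSk/x and x wrapped to the member, never groupSk.
function transformKey(groupSk: number, memberPk: number, x: number, r: number) {
  return { share: (groupSk * inv(x, Q)) % Q, wrappedX: encrypt(x, memberPk, r) };
}
type TransformKey = ReturnType<typeof transformKey>;

// Transform service: re-targets a group ciphertext without decrypting it.
// A deleted (undefined) transform key means access has been revoked.
function transform(ct: Ciphertext, tk?: TransformKey): Ciphertext | null {
  if (!tk) return null;
  return { c1: modPow(ct.c1, tk.share, P), c2: ct.c2, wrapped: tk.wrappedX };
}

// Member: unwrap x with own private key, then strip the group mask.
function decryptTransformed(ct: Ciphertext, memberSk: number): number {
  const w = ct.wrapped!;
  const x = (w.c2 * inv(modPow(w.c1, memberSk, P), P)) % P;
  return (ct.c2 * inv(modPow(ct.c1, x, P), P)) % P; // c1^x = g^(r*groupSk)
}

// Constructed keys and nonces; real code draws them from a CSPRNG.
function demo() {
  const tk = transformKey(123, publicKey(456), 77, 9); // Away Team => Spock
  const ct = encrypt(1234, publicKey(123), 5);          // encrypt to Away Team
  const forSpock = transform(ct, tk)!;
  return { plain: decryptTransformed(forSpock, 456), revoked: transform(ct, undefined) };
}
```

In this toy construction a member who colludes with the service can multiply `share` by `x` and recover the group private key, so it illustrates the data flow only.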
