1.7 Information Security

27.22. Hardware Architecture:
1. Security begins at the hardware level: how machines are designed, configured and deployed.   Dedicated servers are used without too much virtualization.   Each dedicated server is locked down to do one and only one job so it can be very secure in that dedicated role.   Each email server must be on its own unique IP address with no connection to a web or any other server.   A server has no keyboard, no mouse, no screen, no USB ports, no media drive - so access can only be communicated via protected Ethernet ports.   All software drivers for keyboard, mouse, screen, USB and media are disabled so malware cannot hide in drivers.   A server is not permitted to have any installed application software and does not have services to permit applications to be installed.

Eliza Hardware:
1. The millions of pounds worth of hardware that Eliza uses is a trade secret for simple security reasons.   If the criminal does not know what hardware is involved, then it is harder to attack.
2. Eliza hardware uses the proven three tier architecture with web servers, application servers and database servers.   One rack will typically have a UPS power distribution server, load-balanced firewall server, intrusion detection-prevention server, set of web servers, set of application servers, database server and email server.   The web servers are connected to the load balancing firewall that connects to the heart of the Internet.   Web servers have a private router connected to the application servers.   Application servers are not connected to the internet and so cannot be subject to criminal attacks.   Application servers have a second private router to the database server - the database server is not connected to the Internet.
3. Many such racks with multiple servers can exist in one data center.
Racks are replicated to a swarm of secure data centers with inter-connected private tunnels for replicated data.
Private virtual networking enables many data centers to appear to have the same IP address that can be dynamically moved to other data centers.

Eliza Request Flow:
1. User computer browser via Internet to load-balanced firewall.
2. Load-balanced firewall to one of the many web servers.
3. Web server via a private router to one of many application servers.
4. Application server via a second private router to database server.
5. Database server via the second private router to original application server.
6. Application server via the private router to original web server.
7. Web server via the firewall to original user computer browser.

Multi-Tenancy:
1. A large number of redundant servers are deployed to host hundreds of customers with thousands of concurrent users.
2. Every customer will operate from many different physical locations - many offices.
3. Every customer will approve many people to be supported from different physical locations.
4. Each approved person will work from a known office in a country with an assigned currency and known time zone.
5. Every day, some customers will arrive and some customers will depart - tenancy is dynamic.
6. Every day, some new people will arrive and some existing people will depart - people are dynamic.
7. Every day, hundreds of criminal attacks will be attempted and rejected - lessons will be learnt.
8. Bespoke Application Services means multi-tenancy - each tenant or Customer specifies their own unique bespoke service.   Multi-tenancy means cost reduction with shared development, shared hardware and shared software licenses.   Multi-tenancy means least-cost provider because in-house teams with themselves as the only tenant cannot match the saving made by sharing costs between a large number of tenants.   Multi-tenancy means cost reduction by supporting any number of users in any number of locations in any number of countries - things that an in-house service can only dream about.
9. The Customer is the tenant, but some Customers have multiple applications in multiple branches across multiple countries with a supply chain interchange with other companies as business suppliers.   Multi-tenancy provides the most cost effective solution for the most exacting Customer requirement and can handle the simple Customer requirement with least cost.   Multi-tenancy enables data aggregation, consolidation and sharing with many suppliers in a long supply chain.   This has proved to be essential to rapidly share customer data between many firms that make up an insurance supply chain; everyone from broker's agent to reinsurer can cooperate in real-time.

Simplicity:
1. Only three types of web page are known to an application server: web page (dashboard or guide), spreadsheet (list) or form.
2. Only two types of form controls are used: data entry field or drop down list.
3. Only two types of navigation can be clicked: menu (icon) button or list row.
4. Web pages can be stacked on top of web pages - limit is nine stacked web pages.
5. Spreadsheet list pages may be read-only (normal) or updatable.
6. Form pages may be updatable (normal) or read-only.

Jobs:
1. Eliza is an assistant that needs lots of highly qualified people to help.   Eliza shall not have any liabilities, so professional help is contracted as and when needed - Eliza shall not have any payroll staff.   Eliza pays all taxes as applicable in all countries that are involved for a multi-national without any staff.   Eliza shall not provide holiday pay, shall not pay into pensions, but does pay corporation tax on any profits that have not been reinvested in buying more servers.
2. Eliza enables qualified people to contract for work for money or for equity.   Experienced engineers who understand the power of Eliza may bid to do risk analysis projects in return for equity or pay.   Eliza shall not provide training, shall not take on apprentices because such behaviour could become a liability.   However Eliza will contract knowledge gathering projects from people who provide training and have apprentices to do much of the work.   Projects are published and many people are invited to bid to do the work - the best bid may not be the lowest bid.
3. Eliza understands that recruiting is a noble profession that involves a lot of face-to-face networking - something that Eliza chooses to leave to others.   Eliza is contracting recruiting experts to build networks of people who know people.   Eliza needs help to expand her knowledge of motivation, values, talent and psychology when recruiting some kinds of people.
4. Eliza knows that education is a noble profession that involves a lot of video authoring - something that Eliza chooses to leave to others.   Eliza is contracting education experts to build ebooks that will help millions of people to better themselves.   Eliza needs to help a large number of people to become better educated in the power of an Artificial intelligent Assistant.
5. Eliza is advising that people doing accounts need to find a more creative job because Eliza shall eliminate the need for people to do accounts.   Account procedures are fixed and can be automated. Account reports are understood and can be automated. Account people cannot compete with Eliza working 24*7.

Competitors:
1. Competitors do not and may never be able to encrypt each and every field because they have thousands of programs that may access the same customer record.   Software systems are so obsolete that field encryption would become too expensive.
2. Cross Site Scripting (XSS) is one of the most common vulnerabilities found in major corporation application systems.   The cause is inadequate data entry validation - data that is shown as it was entered can let criminals gain access to all kinds of data.   XSS is a software problem caused by too many programs written by too many different people and not tested properly.   XSS was eliminated decades ago by Eliza who validates each and every data entry field - nobody else is involved, nobody else to blame.
3. Cross Site Request Forgery (CSRF) is a common vulnerability in major corporation application systems because the URL is not properly designed and managed.   CSRF is caused by too many programmers writing too many programs that are not fully tested - URL testing is easy but time consuming.   Eliza eliminated all URL issues many decades ago by designing and managing a comprehensive URL design that must be used without exception.   Because Eliza has eliminated the need for software, CSRF has been eliminated, URL testing has been eliminated and programming costs have been eliminated.

Eliza Components:
1. Web servers receive an encrypted user computer request and Eliza sanitizes the data according to documented specifications.
2. Eliza checks the user role, functional access rights and data access rights to decide what to do.
3. Eliza sends an applicable web page request to any application server via an internal private router.
4. Application server gets web page request and calls upon Eliza knowledgebase to decide how to do it.
5. The Eliza knowledgebase of business rules is processed for the applicable request.
6. Some business rules may be to get or put some data - Eliza will send a data request to the Database server via a second internal private router.
7. Database server will look up an Eliza stored procedure and pass the procedure to the database management system.
8. Eliza will check the data values being processed and decrypt values using its encryption tables.
9. Data is returned from the database server to the application server - this data is not encrypted.
10. Eliza works with the Application server to carry out all applicable business rules and pass the result back to the web server.
11. Eliza works with the Web server to write HTML as the web page containing relevant business data.
12. The Web server returns an encrypted web page to the original user computer browser.

Why:
1. A criminal can only attack what they can see and they can only see the web servers.
2. Web servers are input data sanitizers and output HTML page writers - that is all.
3. Web servers have no access to any business data - web servers cannot even see the database server.
4. Web servers can only issue known remote procedure calls (RPC) to application servers.
5. Any RPC to an application server that is not perfectly formed is logged and ignored.
6. Application servers can only issue known stored procedure calls (SPC) to the database server.
7. Any SPC to the database server that is not perfectly formed is logged and ignored.
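
The "logged and ignored" rule in points 4 to 7, as an added example that is not Eliza's own code: a gate in front of an application server (or database server) that accepts only calls matching an allowlist exactly and drops everything else. The JSON envelope, the procedure names and the parameter specifications are assumptions made for illustration.

```python
import json
import logging

log = logging.getLogger("rpc_gate")

# Hypothetical allowlist: procedure name -> exact parameter names and types.
ALLOWED = {
    "get_policy": {"tenant_id": int, "policy_id": int},
    "list_claims": {"tenant_id": int, "status": str},
}
MAX_BYTES, MAX_STR = 512, 32

def _check(raw: bytes):
    """Return (proc, params) or raise ValueError with a fixed, safe reason."""
    if len(raw) > MAX_BYTES:
        raise ValueError("oversize message")
    msg = json.loads(raw.decode("utf-8"))  # bad UTF-8 or JSON raises ValueError
    if not isinstance(msg, dict) or set(msg) != {"proc", "params"}:
        raise ValueError("unexpected envelope")
    spec = ALLOWED.get(msg["proc"]) if isinstance(msg["proc"], str) else None
    if spec is None:
        raise ValueError("unknown procedure")
    params = msg["params"]
    if not isinstance(params, dict) or set(params) != set(spec):
        raise ValueError("missing or extra parameters")
    for key, kind in spec.items():
        value = params[key]
        if type(value) is not kind:  # exact match: bool must not pass as int
            raise ValueError(f"bad type for {key}")
        if kind is int and not 0 < value < 2**31:
            raise ValueError(f"out of range: {key}")
        if kind is str and not (value.isascii() and value.isalnum()
                                and len(value) <= MAX_STR):
            raise ValueError(f"bad characters in {key}")
    return msg["proc"], params

def accept(raw: bytes, peer: str):
    """Return (proc, params) for a perfectly formed call, else log and ignore."""
    try:
        return _check(raw)
    except ValueError as err:
        # Log the reason and size only, never the payload, so a malformed
        # message cannot inject content into the log.
        log.warning("dropped call from %s: %s (%d bytes)", peer, err, len(raw))
        return None

SAMPLES = [  # constructed messages
    b'{"proc": "get_policy", "params": {"tenant_id": 7, "policy_id": 1001}}',
    b'{"proc": "drop_table", "params": {}}',
    b'{"proc": "get_policy", "params": {"tenant_id": 7, "policy_id": "1001"}}',
    b'{"proc": "list_claims", "params": {"tenant_id": 7, "status": "open", "debug": true}}',
]
```
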

Container:
A new kind of data center has been born - the shipping container wrapped in solar panels.   The starting point is a massive battery pack that can run the servers for a day or more.   The batteries are charged by solar panels, wind turbines or cheap overnight electricity.   Racks are horizontal, rather than vertical, with air intake filters on one side and air extractor fans on the other side.   Racks hold motherboards with memory and flash disk screwed to the rack without any metal chassis.   Every motherboard has 3 Ethernet ports wired back to the firewall distribution panel - one port is dedicated to system software re-installation.
Each 16 foot rack in a twenty-foot container has about 200 servers in a row and 20 racks can be installed.   Cables are ducted to minimise fire hazard and everything runs on 48 volts to eliminate electrical risks.   Fire can be snuffed out by sealing input and output air ducts and spraying fine pure water into the container.   Servers continue to operate as normal while pure water is sprayed over the motherboards - pure water is an insulator to 48 volts.
Costs are reduced from five million pounds to five-hundred-thousand pounds for an operational set of four thousand servers with a life of five years.   Thermal cameras are used to monitor motherboards so a hot spot can be identified and replaced.   Twenty such containers dotted across the country provide business continuity - any one can fail with negligible impact.