How to use Scenarios
Die SlideShare-Präsentation wird heruntergeladen.
×
![Data Isolation
Customer A Customer B
App
data = global.cache[issueKey];
data.status = foo;
data = global.cache[issueKey];
...](https://image.slidesharecdn.com/1420-1500forgekalmanowicz-morrow-191030004449/75/trusted-by-default-the-forge-security-privacy-model-69-2048.jpg?cb=1666245045)
![Data Isolation
Customer A Customer B
App
Snapshot
App
data = global.cache[issueKey];
data.status = foo;
data = global.cach...](https://image.slidesharecdn.com/1420-1500forgekalmanowicz-morrow-191030004449/75/trusted-by-default-the-forge-security-privacy-model-74-2048.jpg?cb=1666245045)
Hier ansehen
Weitere Verwandte Inhalte
Diashows für Sie (20)
Ähnlich wie Trusted by Default: The Forge Security & Privacy Model (20)
Weitere von Atlassian (20)
Aktuellste (20)
Trusted by Default: The Forge Security & Privacy Model
- 1. Trusted by Default The Forge Security & Privacy Model JOËL KALMANOWICZ | PRINCIPAL PRODUCT MANAGER DUGALD MORROW | SENIOR ENGINEERING TEAM LEAD
- 2. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 3. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 4. Matters Trust
- 5. It would be amazing if Atlassian provided a platform for deploying your apps, so that us developers could worry less about security and customers could have more trust in apps’ performance, security, and handling their data. VITALII ZURIAN | CO-FOUNDER | LIZARD BRAIN
- 6. Certifications PlatformDevelopers Sources of Trust
- 7. Certifications PlatformDevelopers The people writing code, hosting, and running it Sources of Trust
- 8. Certifications PlatformDevelopers Third-party review: SOC2, ISO, etc. People writing code, hosting, and running it Sources of Trust
- 9. hosting, and running it People writing code, Certifications PlatformDevelopers Third-party review: SOC2, ISO, etc. Distributing code, Sources of Trust
- 10. hosting, and running it Certifications PlatformDevelopers Third-party review: SOC2, ISO, etc. People writing code, Distributing code, Sources of Trust
- 11. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 12. Challenges in Building Trust Simple, secure auth Performance & reliability Control & transparency Data management
- 13. Challenges in Building Trust Simple, secure auth
- 14. Challenges in Building Trust Secure storage Simple, secure auth
- 15. Challenges in Building Trust Secure storage JWT Simple, secure auth
- 16. Challenges in Building Trust Secure storage JWT Token exchanges Simple, secure auth
- 17. Challenges in Building Trust Performance & reliability Secure storage JWT Token exchanges Simple, secure auth
- 18. Challenges in Building Trust Performance & reliability Varies Simple, secure auth
- 19. Challenges in Building Trust Simple, secure auth Performance & reliability Varies Customer trust
- 20. Challenges in Building Trust Simple, secure auth Performance & reliability Data management Varies Customer trust
- 21. Challenges in Building Trust Simple, secure auth Performance & reliability Data isolation Data management
- 22. Challenges in Building Trust Simple, secure auth Performance & reliability Data storage Data isolation Data management
- 23. Challenges in Building Trust Simple, secure auth Performance & reliability Data storage Data isolation Data egress Data management
- 24. Challenges in Building Trust Simple, secure auth Performance & reliability Control & transparency Data management Data storage Data isolation Data egress
- 25. Challenges in Building Trust Simple, secure auth Performance & reliability Control & transparency API restrictions Data management
- 26. Challenges in Building Trust Simple, secure auth Performance & reliability Control & transparency API restrictions User consent Data management
- 27. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 28. Forge Security Model
- 29. Forge Security Model Hosted Apps
- 30. Forge Security Model PermissionsHosted Apps
- 31. Forge Security Model Managed auth PermissionsHosted Apps
- 32. Forge Security Model EnvironmentsManaged auth PermissionsHosted Apps
- 33. Forge Security Model Permits EnvironmentsManaged auth PermissionsHosted Apps
- 34. Hosted Apps Forge Security Model Secure & trusted Environments Permissions Managed auth Permits
- 35. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 36. Node Runtime App IsolateLifecycle Service Invocation ServiceTrigger Service Permissions GraphQL Gateway API Gateway App Bundle Product Server (e.g. Jira) Product Session (Browser) Micros AWS Account Forge AWS Account n VPC CLI (developer’s machine) Forge Architecture
- 37. Forge Architecture Runtime <<Node>> Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Events (via Forge Services) UI responses Node Runtime App IsolateLifecycle Service Invocation ServiceTrigger Service Permissions GraphQL Gateway API Gateway App Bundle Product Server (e.g. Jira) Product Session (Browser) Micros AWS Account Forge AWS Account n VPC CLI (developer’s machine)
- 38. Forge Architecture Forge Services Atlassian Products and Services
- 39. Forge Architecture Forge Services Atlassian Products and Services App Developer CLI
- 40. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations
- 41. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations Hosted
- 42. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations Hosted Reliable
- 43. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations Hosted Managed APIs Reliable
- 44. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations UI responses
- 45. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls UI responses
- 46. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls UI responses
- 47. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Events (via Forge Services) UI responses
- 48. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Webhooks (via Forge Services) UI responses
- 49. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Webhooks (via Forge Services) UI responses
- 50. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Webhooks (via Forge Services) UI responses
- 51. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Webhooks (via Forge Services) UI responses
- 52. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Webhooks (via Forge Services) UI responses
- 53. Forge AWS Account App Sandbox Node Runtime App Isolate App Bundle Runtime <<Node>>
- 54. Node Runtime App Isolate App Bundle App Sandbox Forge AWS Account
- 55. Node Runtime App Isolate App Bundle App Sandbox Forge AWS Account
- 56. Node Runtime App Isolate App Bundle App Sandbox Forge AWS Account
- 57. Node Runtime App Isolate App Bundle App Sandbox Forge AWS Account
- 58. Node Runtime App Isolate App Bundle Snapshot App Sandbox Forge AWS Account
- 59. Snapshot Creation Polyfills Webpack App code + Forge API + Snapshot
- 60. Snapshot Creation Polyfills Webpack Snapshot App code + Forge API +
- 61. Snapshot Creation Polyfills Webpack Snapshot App code + Forge API + .asRequestUser()
- 62. Snapshot Creation Polyfills Webpack Snapshot App code + Forge API + console.log()
- 63. Isolate Polyfills App code Polyfill API
- 64. Isolate Runtime Polyfills App code Polyfill API Implementation
- 65. Isolate Runtime Polyfills App code Atlassian Logging Service console.log Polyfill API Implementation
- 66. Isolate Runtime Polyfills App code hasDataEgressPermit(url) fetch(url) Polyfill API Implementation
- 67. Data Isolation
- 68. Data Isolation Customer A Customer B App
- 69. Data Isolation Customer A Customer B App data = global.cache[issueKey]; data.status = foo; data = global.cache[issueKey]; data.status = bar;
- 70. Invocation Service Node Runtime App Bundle App Isolate CALL WITH CONTEXT1 CREATE FROM SNAPSHOT2 INVOKE FUNCTION3 Data Isolation
- 71. Invocation Service Node Runtime App Bundle App Isolate CALL WITH CONTEXT1 CREATE FROM SNAPSHOT2 INVOKE FUNCTION3 Data Isolation 1 2 3
- 72. Data Isolation Invocation Service Node Runtime App Bundle App Isolate CALL WITH CONTEXT INVOKE FUNCTION 1 3 CREATE FROM SNAPSHOT2 CREATE FROM SNAPSHOT2 1 2 3
- 73. Data Isolation Customer A Customer B App Snapshot App
- 74. Data Isolation Customer A Customer B App Snapshot App data = global.cache[issueKey]; data.status = foo; data = global.cache[issueKey]; data.status = bar;
- 75. Managed Requests Isolate Runtime App code Forge API
- 76. Managed Requests Isolate Runtime App code Forge API Implementation
- 77. Managed Requests
- 78. Managed Requests Secure Simple
- 79. Managed Requests Secure SimpleTrust
- 80. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests
- 81. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests
- 82. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests
- 83. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests
- 84. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests .withJiraPermit()
- 85. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests
- 86. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests
- 87. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests .request(‘/rest/api/3/issue/FOO-123'); .withJiraPermit()
- 88. api .asRequestUser() .withJiraPermit() .request(‘/rest/api/3/issue/FOO-123'); Managed Requests .request(‘/rest/api/3/issue/FOO-123');
- 89. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 90. Runtime <<Node>> Trusted User Interface Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Events (via Forge Services) UI responses
- 91. Forge Services Atlassian Products and Services Events Invocations UI responses <json> <user> Trusted User Interface Runtime <<Node>>
- 92. App <in runtime> User eventsUI responses <json> Trusted User Interface App UI <Forge UI>
- 93. App <in runtime> Sandboxed Trusted User Interface App UI <Forge UI> User eventsUI responses <json>
- 94. Declarative UI Sandboxed Trusted User Interface App <in runtime> App UI <Forge UI> User eventsUI responses <json>
- 95. No iframes Declarative UI Sandboxed Trusted User Interface App <in runtime> App UI <Forge UI> User eventsUI responses <json>
- 96. No iframes Trusted Declarative UI Sandboxed Trusted User Interface App <in runtime> App UI <Forge UI> User eventsUI responses <json>
- 97. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 98. Permits transparency of risk
- 99. Permits transparency of risk
- 100. Permits “democratized app installations”
- 101. Permits Permissions for apps
- 102. Permits Require consent Permissions for apps
- 103. Permits Scopes++ Permissions for apps Require consent
- 104. Permits Scopes++ Permissions for apps Require consent “consent to risk”
- 105. App Permit 0..* “consent to risk” PermitsModel
- 106. App Permit 0..* Options 0..* Permits Model
- 107. Data egressAPI enrollment Permit Categories
- 108. Permits: API Enrollments Product APIs Jira, Confluence, etc
- 109. Permits: API Enrollments Product APIs Jira, Confluence, etc OAuth scopes app & user
- 110. Permits: API Enrollments
- 111. Permits: API Enrollments Permit Jira Confluence
- 112. Permits: API Enrollments Scopes app app Permit Jira Confluence
- 113. Permits: API Enrollments Permit Scopes Jira Confluence app user app user
- 114. Permits: API Enrollments GrantedPermit Scopes Jira Confluence app user app user
- 115. Permits: API Enrollments GrantedPermit Scopes Jira Confluence app app user user
- 116. Permits: API Enrollments Granted Installation in Jira Installation in Confluence Permit Scopes Jira Confluence app user app user
- 117. Permits: API Enrollments GrantedPermit Scopes Jira Confluence Installation in Jiraapp First user request to Jirauser Installation in Confluenceapp user First user request to Confluence
- 118. Permits: Data Egress
- 119. Permits: Data Egress
- 120. Permits: Data Egress Network Egress Web Trigger Response User Agent Egress Entity Egress
- 121. Permits: Data Egress Network Egress Web Trigger Response User Agent Egress Entity Egress
- 122. Permits: Data Egress Network Egress Origin(s)
- 123. Permits: Data Egress Network Egress Web Trigger Response
- 124. Permits: Data Egress Network Egress Web Trigger Response Context selection
- 125. Permits: Data Egress Network Egress Web Trigger Response Context selection API enrollment
- 126. Permits: Data Egress Network Egress Web Trigger Response Origin(s) Context selection API enrollment
- 127. Permits: Data Egress Network Egress Web Trigger Response User Agent Egress
- 128. Permits: Data Egress Network Egress Web Trigger Response User Agent Egress Origin(s)
- 129. Permits: Data Egress Network Egress Web Trigger Response User Agent Egress Entity Egress
- 130. Permits: Data Egress Network Egress Web Trigger Response Entity EgressUser Agent Egress Issues Spaces Boards etc
- 131. Permits: Data Egress Network Egress Web Trigger Response Entity EgressUser Agent Egress PRIV-123 PUB-456
- 132. Permits: Data Egress Network Egress Web Trigger Response Entity EgressUser Agent Egress Entitity type(s)
- 133. Permits: Declaration App manifest
- 134. Permits: Declaration permits: - jira-api: app-scopes: - read write confluence-api: user-scopes: - write network-egress: origins: - https://api.nasa.gov/ App manifest
- 135. permits: - jira-api: app-scopes: - read write confluence-api: user-scopes: - write network-egress: origins: - https://api.nasa.gov/ Permits: Declaration 4 permits
- 136. Permits: Declaration permits: - jira-api: app-scopes: - read write confluence-api: user-scopes: - write network-egress: origins: - https://api.nasa.gov/ Read & write as app user
- 137. Permits: Declaration permits: - jira-api: app-scopes: - read write confluence-api: user-scopes: - write network-egress: origins: - https://api.nasa.gov/ Write to Confluence with impersonation
- 138. Permits: Declaration permits: - jira-api: app-scopes: - read write confluence-api: user-scopes: - write network-egress: origins: - https://api.nasa.gov/ NASA integration
- 139. Permit Examples
- 140. App Permit 0..* Options 0..* Permit Examples
- 141. Permits Example: Update issue app App Permit 0..* Options 0..* Update issue app
- 142. Permits Example: Update issue app App Permit 0..* Options 0..* Update issue app jira-api
- 143. Permits Example: Update issue app App Permit 0..* Options 0..* Update issue app Scopes: read, writejira-api
- 144. Permits Example: Update issue app App Permit 0..* Options 0..* Update issue app Scopes: read, writejira-api
- 145. Permits Example: Ping issue app App Permit 0..* Options 0..* Ping issue app
- 146. Permits Example: Ping issue app App Permit 0..* Options 0..* Scopes: readjira-api Ping issue app
- 147. Permits Example: Ping issue app App Permit 0..* Options 0..* Ping issue app URLs: slack.com Scopes: readjira-api network-egress
- 148. Permits Example: Row totals App Permit 0..* Options 0..* Row totals app
- 149. App Permit 0..* Options 0..* Scopes: readconfluence-api Permits Example: Row totals Row totals app
- 150. Permits Example: Row totals App Permit 0..* Options 0..* Scopes: readconfluence-apiRow totals app
- 151. Apps with no Permits
- 152. Apps with no Permits “consent to risk”
- 153. Apps with no Permits “consent to risk”
- 154. No API access Apps with no Permits
- 155. No API access No data egress Apps with no Permits
- 156. No API access No data egress User Interfaces Apps with no Permits
- 157. No API access No data egress User Interfaces109876543210 Apps with no Permits
- 158. Apps with no Permits
- 159. Completely trusted app capabilitiesApps with no Permits
- 160. Completely trusted app capabilities API read access No data egress User Interfaces
- 161. Completely trusted app capabilities API read access No data egress User Interfaces
- 162. Completely trusted app capabilities API read access No data egress User Interfaces
- 163. Completely trusted app capabilities API read access User InterfacesNo data egress Isolated data store
- 164. Completely trusted app capabilities API read access User Interfaces No data egress Isolated data store
- 165. Summary Hosted apps Trusted UX “trusted baseline”
- 166. Summary Hosted apps Trusted UX “trusted baseline” Data egress API access “consent to risk”
- 167. Summary “trusted baseline” Trusted UX Hosted apps Local data store Data egress API access “consent to risk” Read API access
- 168. Summary Trusted UX Hosted apps Local data store Data egress API access “consent to risk” “trusted baseline” Read API access
- 169. Data egress API access “consent to risk” Trusted UX Hosted apps Local data store “trusted baseline” Read API access Summary “democratized app installation”
- 170. Agenda Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 171. Forge and Connect Connect Forge
- 172. Connect Forge Sandboxing: Forge and Connect
- 173. Comparison with Connect iframe + app servers Connect Forge Sandboxing:
- 174. Connect Forge iframe + app servers Hosted functionsSandboxing: Comparison with Connect
- 175. Connect Forge iframe + app servers Hosted functions Opaque Sandboxing: Data egress: Comparison with Connect
- 176. Connect Forge iframe + app servers Hosted functions TransparentOpaque Sandboxing: Data egress: Comparison with Connect
- 177. iframe + app servers Hosted functions Transparent Connect Forge Opaque Sandboxing: Data egress: DiverseFlexibility:Functionality: Comparison with Connect
- 178. iframe + app servers Hosted functions Transparent Connect Forge Opaque Sandboxing: Data egress: Diverse SpecificFunctionality: Comparison with Connect
- 179. Recap Why Trust Matters Development Challenges Security Model Architecture User Interface Permits Forge and Connect
- 180. hosting, and running it Sources of Trust Certifications PlatformDevelopers Third-party review: SOC2, ISO, etc. People writing code, Distributing code,
- 181. Challenges in Building Trust Simple, secure auth Performance & reliability Control & transparency Data management
- 182. Hosted Apps Forge Security Model Secure & trusted Environments Permissions Managed auth Permits
- 183. Runtime <<Node>> Forge Architecture Forge Services Atlassian Products and Services App Developer CLI Events Invocations API Calls API Calls Webhooks (via Forge Services) UI responses
- 184. Node Runtime App Isolate App Bundle Architecture: App Sandbox Forge AWS Account
- 185. Trusted User Interface No iframes Sandboxed Trusted Declarative UI App <in runtime> User eventsUI responses <json> App UI <Forge UI>
- 186. Data egress API access “consent to risk” Permits: Summary Hosted apps Trusted UX “trusted baseline”
- 187. iframe + app servers Hosted functions Transparent Connect Forge Opaque Sandboxing: Data egress: Diverse SpecificFunctionality: Comparison with Connect
- 188. Thank you! JOËL KALMANOWICZ | PRINCIPAL PRODUCT MANAGER DUGALD MORROW | SENIOR ENGINEERING TEAM LEAD
- 189. Discussion
- 190. Snapshot Creation Polyfills Webpack App code + Forge API + Snapshot
- 191. Permits: Data Egress Network Egress Web Trigger Response Entity EgressUser Agent Egress Entitity type(s)
