Building Resilient Web Applications on AWS: A Comprehensive Approach to Security
I have been asked by friends and customers what the best way is to implement a web-based application with minimum cost and good security. Of course, the best way is to define exactly what you want to achieve and let professionals do it, while keeping an eye on the Secure Software Development Lifecycle (SSDLC).
This article, however, is not about the SSDLC. It is about how to start web application development with security as a top priority. Securing a classical web application involves a multi-layered approach that addresses the presentation, business logic, and database layers.
The most important thing to keep in mind when taking on such a project is: don’t try to do everything yourself. Use existing tools and services, which come with more than decent security built in.
This article explores how to architect a secure web application on AWS and how to conduct a thorough risk assessment at each level; the approach applies equally well to other cloud service providers.
A good security approach is to practice defense in depth, which means you should also check and validate the security of the components you use. We therefore need to perform at least a high-level risk assessment of these components.
Securing the Presentation Layer
At the forefront of user interaction, the presentation layer demands robust security measures. Amazon CloudFront serves as a reliable content delivery network, ensuring low latency and protection against DDoS attacks.
AWS Identity and Access Management (IAM) steps in to control access to resources at this layer, while AWS Web Application Firewall (WAF) safeguards against common web exploits and secures APIs.
The presentation layer hosts the UI of the application, typically a website written in HTML5 or a combination of HTML, PHP, JS, or some high-level programming language that can produce HTML as output.
Such web UIs must be uploaded to an AWS S3 bucket that is read-accessible to everyone, and CloudFront must then be configured to distribute them.
Risk Assessment at the Presentation Layer
- Regularly review and adjust IAM policies to mitigate the risk of unauthorized access.
- Conduct penetration testing on the web application to identify and address vulnerabilities.
- Monitor CloudFront logs for unusual patterns indicative of a security threat.
- Make sure nobody has unrestricted access to your S3 bucket hosting the web content.
Security practices
- If you collect data, make sure it is encrypted using AWS Secrets Manager.
- Do not encrypt using your own keys hardcoded in your application.
- Do not invent your own “encryption” mechanism, which in the end is just obfuscation.
Securing the Business Logic Layer
The business logic layer is the heart of a web application, where critical processes take place. Containerizing application logic using AWS Elastic Container Service (ECS) or AWS Fargate ensures enhanced isolation.
AWS Lambda, offering serverless computing, executes sensitive business logic securely. AWS Secrets Manager manages and rotates sensitive API keys and tokens.
Risk Assessment at the Business Logic Layer
- Regularly audit and review AWS Lambda functions to maintain the security of business logic.
- Conduct static and dynamic code analysis to identify vulnerabilities in the application logic.
- Implement AWS CloudWatch for real-time monitoring and alerting on anomalous Lambda function behavior.
Securing the Database Level
The database, housing crucial data, requires robust security measures. Amazon RDS provides secure and scalable relational databases with automatic backups and encryption.
Fine-grained access control through IAM roles and policies is essential for secure database access. AWS Key Management Service (KMS) handles encryption of data at rest within the database.
Risk Assessment at the Database Level
- Regularly audit and review database access controls and IAM roles to prevent unauthorized access.
- Implement automated vulnerability scanning tools for the database to identify potential weaknesses.
- Set up AWS CloudTrail to log and monitor all database-related API activity.
Continuous Monitoring and Response
Ensuring the ongoing security of a web application involves continuous monitoring and a robust incident response plan. AWS Security Hub acts as a centralized monitoring tool, while AWS Config rules automate the assessment and remediation of non-compliance.
An incident response plan with specific procedures for each layer of the web application architecture ensures a swift and effective response to security incidents.
In the next post: risk assessment for the Amazon services used in this article:
- AWS IAM
- AWS Elastic Container Service (ECS)
- AWS Fargate
- AWS Key Management Service (KMS)
- AWS Lambda
- AWS CloudTrail
- AWS Secrets Manager
- AWS CloudFront
- AWS S3
Conclusion
By adopting a comprehensive security strategy across the presentation, business logic, and database layers, small organizations can build resilient and cost-aware web applications on the AWS platform.
This approach, coupled with regular risk assessments, establishes a solid foundation for web application security, safeguarding against common cybersecurity threats.
The post Building Resilient Web Applications on AWS: A Comprehensive Approach to Security first appeared on Sorin Mustaca on Cybersecurity.