Skip to main content

Security Overview

Security Layers

┌─────────────────────────────────────────────────────────────┐
│ Security Architecture │
│ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ Auth │ │ RBAC │ │ Audit │ │
│ │ (Keycloak) │ │ (PostgreSQL)│ │ (OpenSearch)│ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
│ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ TLS │ │ Network │ │ Wazuh │ │
│ │ (HTTPS) │ │ (Docker) │ │ (SIEM) │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘

Components

ComponentTechnologyFunction
AuthenticationKeycloakSSO, JWT tokens
AuthorizationPostgreSQL RBACPermission-based access
Audit TrailOpenSearchImmutable logging
Network SecurityDocker NetworkIsolation
TLSSelf-signed certsEncryption in transit
SIEMWazuhSecurity monitoring

Security Features

Authentication

  • JWT token-based authentication
  • Keycloak SSO integration
  • Token validation via JWKS

Authorization

  • Role-Based Access Control (RBAC)
  • Permission-based API access
  • Multi-tenant data isolation

Audit Trail

  • Immutable audit logging
  • Hash chain verification
  • 90-day retention

Network Security

  • Docker network isolation
  • TLS for OpenSearch
  • CORS configuration

Security Monitoring

  • Wazuh SIEM integration
  • Real-time alerting
  • Threat detection

Next Steps