{"id":2671,"date":"2015-10-23T13:25:36","date_gmt":"2015-10-23T13:25:36","guid":{"rendered":"https:\/\/mediastoresupport.live-website.com\/?p=2671"},"modified":"2017-05-19T10:24:11","modified_gmt":"2017-05-19T10:24:11","slug":"key-security-features","status":"publish","type":"post","link":"https:\/\/mediastore.support\/?p=2671","title":{"rendered":"Key security features"},"content":{"rendered":"<h3>Application<\/h3>\n<ul>\n<li><strong>Hosted in the cloud<\/strong>: MediaStore uses Amazon Web Services (AWS), ensuring optimal access from all territories<\/li>\n<li><strong>Secure infrastructure<\/strong>:\n<ul>\n<li>All communication is encrypted end-to-end using HTTPS<\/li>\n<li>A VPN-based infrastructure permits access only to predefined URLs and ports<\/li>\n<\/ul>\n<\/li>\n<li><strong>Minimum downtime<\/strong>:\n<ul>\n<li>Through redundant database storage in different AWS service regions, downtime in case of exceptional data center outages is minimized<\/li>\n<li>In case of an infrastructural issue, the system is self-healing and auto-scaling<\/li>\n<\/ul>\n<\/li>\n<li><strong>Separation of frontend (website) and backend (application, storage)<\/strong>: to permit maximum flexibility in the \u201clook and feel\u201d of the website, the frontend is fully flexible and communicates with the backend via secure APIs<\/li>\n<\/ul>\n<h3>Development and updates<\/h3>\n<ul>\n<li><strong>Best programming practices<\/strong>: adherence to proven security standards (OWASP), manual code reviews and multiple layers of testing ensure that no malicious code can be injected<\/li>\n<li><strong>Continuous updates<\/strong>: rolling deployments of features, tweaks and fixes with zero downtime<\/li>\n<li><strong>Examples of security measures<\/strong>:\n<ul>\n<li>Countermeasures against cross-site scripting (XSS): database output is escaped by default<\/li>\n<li>Countermeasures against SQL injection (SQLi): escaping of user entries<\/li>\n<li>Access control on content and asset objects: role- and action-based ACLs defined per model<\/li>\n<li>Digest of all user passwords: no plain-text user passwords in the database<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Storage<\/h3>\n<ul>\n<li><strong>Secure storage<\/strong>:\n<ul>\n<li>All assets are held in private AWS S3 cloud storage<\/li>\n<li>Redundancy is achieved by storing 3 copies of each asset<\/li>\n<\/ul>\n<\/li>\n<li><strong>Restricted downloads<\/strong>:\n<ul>\n<li>Download of assets (e.g. via download link) requires a temporary access token which is validated before download access is granted<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Video &amp; streaming<\/h3>\n<ul>\n<li><strong>Secure storage<\/strong>: both main asset and lower-bandwidth derivatives are protected<\/li>\n<li><strong>State-of-the-art encrypted streaming<\/strong>: MediaStore\u2019s HTML5-based HLS streaming technology uses AES encryption<\/li>\n<li><strong>Access control<\/strong>: in order for a user to view a video, a valid temporary token issued by the backend is required and will be validated anew before each video view<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Application Hosted in the cloud: MediaStore uses Amazon Web Services [&#8230;]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[412,12,6],"tags":[407,39,178,405,406,72,33,404,92],"class_list":["post-2671","post","type-post","status-publish","format-standard","hentry","category-v2-getting-started","category-getting-started","category-user-guide","tag-aes","tag-assets","tag-download","tag-encryption","tag-hls","tag-password","tag-security","tag-storage","tag-streaming"],"_links":{"self":[{"href":"https:\/\/mediastore.support\/index.php?rest_route=\/wp\/v2\/posts\/2671","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mediastore.support\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mediastore.support\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mediastore.support\/index.php?rest_route=\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/mediastore.support\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2671"}],"version-history":[{"count":2,"href":"https:\/\/mediastore.support\/index.php?rest_route=\/wp\/v2\/posts\/2671\/revisions"}],"predecessor-version":[{"id":2673,"href":"https:\/\/mediastore.support\/index.php?rest_route=\/wp\/v2\/posts\/2671\/revisions\/2673"}],"wp:attachment":[{"href":"https:\/\/mediastore.support\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mediastore.support\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mediastore.support\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}