Security Technology Summary

/ Naixian Zhang

In today’s digital world, security is no longer optional—it’s essential. Whether you’re building apps, managing infrastructure, or just trying to protect sensitive data, there are several foundational security measures and protocols you should know about.

In this blog, we’ll explore some of the most widely used and important security technologies, including LIMA, OAuth, RSA, and more. Each plays a unique role in keeping systems and users safe.

1. LIMA (Least-Privilege Identity Management Architecture) LIMA is a security framework focused on enforcing least privilege across all identities—users, apps, and services.

2. OAuth (Open Authorization) You’ve probably seen OAuth in action when you click “Sign in with Google” or “Connect with Facebook.” It’s the standard protocol that allows third-party apps to access user data without exposing passwords. and usually it’s used together with JWT (Java Web Token).

3. RSA (Rivest–Shamir–Adleman)

RSA is a powerful public-key encryption algorithm used to protect sensitive information, especially during data transmission. Encrypt with public key, decrypt with private key. It’s used in HTTPS (SSL/TLS), Secure emails, and Verifying digital identity.

4. MFA (Multi-Factor Authentication)

One of the simplest yet strongest ways to secure user accounts is by enabling Multi-Factor Authentication (MFA).

TLS/SSL (Transport Layer Security / Secure Sockets Layer)

This is the technology that puts the “S” in HTTPS. TLS (and its predecessor SSL) encrypts data sent over the internet, protecting it from eavesdroppers.

Here are the code samples

import zipfile
from pathlib import Path

repo_structure = {
    "security_demos": {
        "rsa_demo.py": """
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import serialization, hashes

private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
public_key = private_key.public_key()

message = b"Top Secret Data"
ciphertext = public_key.encrypt(
    message,
    padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)
)

plaintext = private_key.decrypt(
    ciphertext,
    padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)
)

print("Decrypted message:", plaintext.decode())
""",
        "mfa_demo.py": """
import pyotp

secret = pyotp.random_base32()
print("Secret:", secret)

totp = pyotp.TOTP(secret)
print("Current OTP:", totp.now())

user_otp = input("Enter OTP: ")
if totp.verify(user_otp):
    print("✅ Authentication successful")
else:
    print("❌ Authentication failed")
""",
        "lima_demo.py": """
roles = {
    "viewer": ["read"],
    "editor": ["read", "write"],
    "admin": ["read", "write", "delete"]
}

def can_access(role, action):
    return action in roles.get(role, [])

user_role = "viewer"
action = "delete"

if can_access(user_role, action):
    print(f"Access granted to {action}")
else:
    print(f"Access denied to {action}")
""",
        "oauth_demo.py": """
from requests_oauthlib import OAuth2Session

client_id = 'your-client-id'
client_secret = 'your-client-secret'
authorization_base_url = 'https://provider.com/oauth/authorize'
token_url = 'https://provider.com/oauth/token'
redirect_uri = 'https://yourapp.com/callback'

oauth = OAuth2Session(client_id, redirect_uri=redirect_uri)
authorization_url, state = oauth.authorization_url(authorization_base_url)
print("Go to the following URL:", authorization_url)

redirect_response = input("Paste the full redirect URL here: ")

token = oauth.fetch_token(token_url, client_secret=client_secret, authorization_response=redirect_response)
print("Access token:", token)
""",
        "tls_demo.py": """
import ssl
import socket

hostname = 'www.google.com'
context = ssl.create_default_context()

with socket.create_connection((hostname, 443)) as sock:
    with context.wrap_socket(sock, server_hostname=hostname) as ssock:
        print("SSL established. Peer:", ssock.getpeercert())
        ssock.send(b'GET / HTTP/1.1\\r\\nHost: www.google.com\\r\\n\\r\\n')
        print("Response:", ssock.recv(1024))
""",
        "requirements.txt": """
cryptography
pyotp
requests-oauthlib
"""
    }
}

# Create zip file
zip_path = Path("security_demos_bundle.zip")
with zipfile.ZipFile(zip_path, "w") as zf:
    for folder, files in repo_structure.items():
        for filename, content in files.items():
            file_path = Path(folder) / filename
            zf.writestr(str(file_path), content.strip())

print(f"Zip bundle created: {zip_path}")

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.