Security, Authentication & Encryption

Overview

Compose ingress security, authn/authz, rate limiting, and crypto boundaries into one coherent flow.

Security architecture is only credible when each layer has a precise job.

You will build 7 architecture steps that model production dependencies.

You will run 1 failure experiment to observe bottlenecks and recovery behavior.

Success target: Only authenticated and rate-limited traffic reaches business API; sensitive data remains encrypted end-to-end.

Learning Objectives

• Can explain complete auth/security request path
• Can justify token TTL and rate-limit policy decisions
• Can articulate encryption boundary placement and rationale

Prerequisites

• Topic Hub: authentication chain
• Chapter 30: Security & Authentication
• Prior Lab: Defense in Depth: Security Layers
• Prior Lab: API Gateway & Authentication

Experiments

1. Extend token TTL too far and observe elevated replay risk window