xvnpw / fabric-agent-action-examples

Example of fabric-agent-action usage

Threat model using fabric and router agent #5

Closed xvnpw closed 2 days ago

xvnpw commented 1 week ago

Architecture

This document outlines the architecture of the AI Nutrition-Pro application.

Containers Context diagram

```mermaid
C4Container
    title Container diagram for AI Nutrition-Pro

    Container_Boundary(c0, "AI Nutrition-Pro") {
        Container(api_gateway, "API Gateway", "Kong", "Authentication of clients, filtering of input, rate limiting")
        Container(app_control_plane, "Web Control Plane", "Golang, AWS Elastic Container Service", "Provides control plane to onboard and manage clients, configuration and check billing data")
        ContainerDb(control_plan_db, "Control Plane Database", "Amazon RDS", "Stores all data related to control plane, tenants, billing")
        Container(backend_api, "API Application", "Golang, AWS Elastic Container Service", "Provides AI Nutrition-Pro functionality via API")
        ContainerDb(api_db, "API database", "Amazon RDS", "Stores dietitians' content samples, requests and responses to LLM.")
        Person(admin, "Administrator", "Administrator of AI Nutrition-Pro application")
    }

    System_Ext(mealApp, "Meal Planner", "Application to create diets by dietitians")

    System_Ext(chatgpt, "ChatGPT-3.5", "LLM")

    Rel(mealApp, api_gateway, "Uses for AI content generation", "HTTPS/REST")
    Rel(api_gateway, backend_api, "Uses for AI content generation", "HTTPS/REST")
    Rel(admin, app_control_plane, "Configure system properties")
    Rel(backend_api, chatgpt, "Utilizes ChatGPT for LLM-featured content creation", "HTTPS/REST")

    Rel(app_control_plane, control_plan_db, "read/write data", "TLS")
    Rel(backend_api, api_db, "read/write data", "TLS")
```

External systems and persons

| Name | Type | Description | Responsibilities |
|---|---|---|---|
| Meal Planner application | External system, web application | One of many Meal Planner applications that can be integrated with AI Nutrition-Pro. It connects to AI Nutrition-Pro using REST and HTTPS. | - uploads samples of dietitians' content to AI Nutrition-Pro<br>- fetches AI generated results, e.g. diet introduction, from AI Nutrition-Pro |
| ChatGPT-3.5 | External system, API | It's an OpenAI product, an LLM solution | It will be used to generate content based on provided samples. |

AI Nutrition-Pro container context systems and persons

| Name | Type | Description | Responsibilities |
|---|---|---|---|
| Web Control Plane | Internal system, web application | It's written using Golang and deployed as a Docker container into AWS Elastic Container Service. It uses the Control Plane Database to store data. It's used in 3 roles: Administrator, App Onboarding Manager, and Meal Planner application manager. | Provides control plane to onboard and manage clients, configuration and check billing data |
| Control Plane Database | Internal database, Amazon RDS instance | Database storing data for Web Control Plane | |
| API Gateway | Internal system, API Gateway | Kong API Gateway | - authentication<br>- rate limiting<br>- filtering of input |
| API Application | Internal system, API application | It's written using Golang and deployed as a Docker container into AWS Elastic Container Service | Provides AI Nutrition-Pro functionality via API. |
| API database | Internal database, Amazon RDS instance | Stored data: samples of dietitians' content, requests, and responses to LLM. | Storing data for API Application |
| Administrator | Internal Person | Administrator of AI Nutrition-Pro application. | - manage server configuration<br>- resolve problems |

Security

  1. Authentication with Meal Planner applications - each has individual API key.
  2. Authorization of Meal Planner applications - API Gateway has ACL rules that allow or deny certain actions.
  3. Encrypted network traffic - network traffic between Meal Planner applications and API Gateway is encrypted using TLS.

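As an added example that is not part of the original post or the project's own configuration, the three controls above expressed as a Kong declarative configuration (key-auth for per-client API keys, acl for allow/deny rules, rate-limiting, and an https-only route). The service URL, route path, consumer names and key values are assumptions.

```yaml
# Added example (not from the original post): Kong declarative config
# implementing the three controls listed under Security. Service URL,
# route path, consumer names and key values are assumptions.
_format_version: "3.0"

services:
  - name: nutrition-pro-api                 # assumed name for the API Application
    url: https://backend-api.internal:8443  # assumed upstream address
    routes:
      - name: ai-content
        paths:
          - /v1/content
        protocols:
          - https                           # control 3: plaintext HTTP is never accepted
        plugins:
          - name: key-auth                  # control 1: one API key per Meal Planner app
            config:
              key_names:
                - apikey
              hide_credentials: true        # key is stripped before the request is proxied
          - name: acl                       # control 2: allow/deny by consumer group
            config:
              allow:
                - meal-planner
          - name: rate-limiting             # per-consumer limit once key-auth has identified the caller
            config:
              minute: 60
              policy: local

consumers:
  - username: meal-planner-app-a            # one consumer per integrated Meal Planner application
    keyauth_credentials:
      - key: REPLACE-WITH-RANDOM-KEY-A      # placeholder; generate a high-entropy key per client
    acls:
      - group: meal-planner
  - username: meal-planner-app-b
    keyauth_credentials:
      - key: REPLACE-WITH-RANDOM-KEY-B
    acls:
      - group: meal-planner
  - username: not-yet-onboarded-app         # authenticates, but is denied by the acl plugin
    keyauth_credentials:
      - key: REPLACE-WITH-RANDOM-KEY-C
    acls:
      - group: pending
```

A request without a valid key fails at key-auth, a valid key in a group outside `allow` fails at acl, and a valid, allowed key is throttled per consumer once it exceeds 60 requests per minute.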
xvnpw commented 1 week ago

/fabric create stride that model:

github-actions[bot] commented 1 week ago
(🤖 AI Generated)

ASSETS

The assets that need protection in the AI Nutrition-Pro system include:

  1. API Gateway (Kong)
    • The front-facing component that handles authentication, rate limiting, and input filtering.
  2. Web Control Plane
    • Manages onboarding and configurations, handles sensitive client data.
  3. Control Plane Database (Amazon RDS)
    • Stores control plane data, tenants, and billing information.
  4. API Application
    • Provides core AI Nutrition-Pro functionality via APIs.
  5. API Database (Amazon RDS)
    • Stores dietitian content samples, requests, and responses to LLM.
  6. Administrator Credentials and Access
    • Access to configure and manage the AI Nutrition-Pro application.
  7. API Keys for Meal Planner Applications
    • Authentication credentials for external Meal Planner applications.
  8. Dietitian Content Samples
    • Sensitive user-generated content uploaded by Meal Planner applications.
  9. LLM Requests and Responses
    • Data exchanged with ChatGPT-3.5, potentially containing sensitive information.
  10. Network Communications
    • Secure communication channels between all system components and external services.
  11. Billing Data
    • Financial information related to clients and billing transactions.

TRUST BOUNDARIES

DATA FLOWS

  1. Meal Planner Application → API Gateway (Crosses trust boundary)
    • Data: API requests, content samples.
    • Protocol: HTTPS/REST.
  2. API Gateway → Backend API (API Application)
    • Data: Authenticated and filtered API requests.
    • Protocol: HTTPS/REST.
  3. Backend API → ChatGPT-3.5 (Crosses trust boundary)
    • Data: Requests containing dietitian content samples.
    • Protocol: HTTPS/REST.
  4. Backend API ↔ API Database
    • Data: Reads/writes content samples, LLM requests/responses.
    • Protocol: TLS.
  5. Web Control Plane ↔ Control Plane Database
    • Data: Reads/writes control plane data, tenants, billing info.
    • Protocol: TLS.
  6. Administrator → Web Control Plane
    • Data: Configuration commands, management tasks.
    • Protocol: HTTPS.
  7. API Gateway ↔ Meal Planner Application (Responses)
    • Data: API responses with AI-generated content.
    • Protocol: HTTPS/REST.

THREAT MODEL

| THREAT ID | COMPONENT NAME | THREAT NAME | STRIDE CATEGORY | WHY APPLICABLE | HOW MITIGATED | MITIGATION | LIKELIHOOD EXPLANATION | IMPACT EXPLANATION | RISK SEVERITY |
|---|---|---|---|---|---|---|---|---|---|
| 0001 | API Gateway | An attacker could impersonate a Meal Planner application by using stolen API keys to gain unauthorized access to the system. | Spoofing | API keys could be compromised or stolen, allowing unauthorized access. | Authentication is currently based on API keys per client. | Implement stronger authentication methods like rotating API keys, client certificates, or OAuth. Monitor for suspicious activity. | Moderate likelihood due to potential exposure of API keys by clients. | High impact as unauthorized access could lead to data breaches or misuse of AI functionalities. | High |
| 0002 | API Gateway | An attacker could perform injection attacks through input fields to manipulate backend systems. | Tampering | API Gateway accepts inputs from external clients, which may include malicious payloads. | Input filtering is in place, specifics not detailed. | Implement robust input validation, use prepared statements, employ WAF to block injection attempts. | High likelihood as injection attacks are common. | High impact due to potential system compromise or data manipulation. | High |
| 0003 | Backend API | An attacker intercepts and modifies communication between Backend API and ChatGPT-3.5 to alter requests/responses. | Tampering | Data in transit to an external API could be intercepted if not properly secured. | Communication over HTTPS/REST. | Ensure proper TLS configuration, use certificate validation, possibly implement certificate pinning. | Low likelihood with proper HTTPS, but possible misconfigurations. | Medium impact affecting AI outputs and content integrity. | Medium |
| 0004 | API Database | Unauthorized access to stored dietitian content samples and LLM interactions, leading to data leakage. | Information Disclosure | Database stores sensitive user content and AI interactions. | Not specified. | Implement encryption at rest, enforce strict access controls, regularly audit access logs. | Moderate likelihood as databases are frequent targets. | High impact due to confidentiality and compliance concerns. | High |
| 0005 | Web Control Plane | An attacker gains administrator access by exploiting vulnerabilities, leading to full system control. | Elevation of Privilege | Vulnerabilities in web applications can allow privilege escalation. | Not specified. | Implement strong authentication (e.g., MFA), perform regular security testing, keep software updated. | Low to moderate likelihood depending on security practices. | Critical impact as admin compromise can lead to total system control. | Critical |
| 0006 | API Gateway | DDoS attack overwhelms API Gateway, rendering the service unavailable. | Denial of Service | Exposed to internet; potential target for DDoS attacks. | Rate limiting is in place. | Use anti-DDoS services, scalable infrastructure, configure rate limiting effectively. | Moderate likelihood as DDoS attacks are common. | High impact due to service unavailability for all clients. | High |
| 0007 | Communications between Meal Planner Apps and API Gateway | Eavesdropping on communications leads to interception of API keys and sensitive data. | Information Disclosure | Data over networks could be intercepted if not properly secured. | Encrypted network traffic using TLS. | Ensure proper TLS configuration, enforce HSTS, prevent downgrade attacks. | Low likelihood with correct TLS, but misconfigurations are possible. | High impact if API keys or sensitive data are compromised. | Medium |

QUESTIONS & ASSUMPTIONS

xvnpw commented 5 days ago

/fabric create summary

github-actions[bot] commented 4 days ago
(🤖 AI Generated)

ONE SENTENCE SUMMARY:

AI Nutrition-Pro integrates Meal Planner apps with ChatGPT via secure APIs for AI-generated nutrition content delivery.

MAIN POINTS:

  1. AI Nutrition-Pro provides AI-powered nutrition content via API to Meal Planner applications.
  2. Meal Planners connect to AI Nutrition-Pro using REST and HTTPS protocols.
  3. API Gateway handles authentication, rate limiting, and input filtering.
  4. Backend API application is built with Golang on AWS Elastic Container Service.
  5. ChatGPT-3.5 generates content based on dietitians' samples.
  6. Web Control Plane manages clients, configurations, and billing data.
  7. Control Plane Database stores data for the Web Control Plane.
  8. API Database stores dietitians' samples and LLM requests and responses.
  9. Security includes API key authentication and TLS-encrypted communication.
  10. Administrator manages server configurations and resolves application issues.

TAKEAWAYS:

  1. Seamless integration with ChatGPT enhances AI-generated nutrition content.
  2. Secure APIs enable safe interaction between Meal Planners and AI Nutrition-Pro.
  3. AWS infrastructure ensures scalability and reliability of the application.
  4. Robust security measures protect data and communications.
  5. Effective management of clients and configurations is achieved via the Web Control Plane.