Skip to content

[codex] Security mechanism interview notes #87

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
loulanyue wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

[codex] Security mechanism interview notes #87

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions 05-system-design/security/安全机制.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,30 @@ Java Spring Boot 2.0 安全机制

8.(如LDAP,JDBC,Kerberors,ActiveDirectory)

## 面试补充:认证、授权与审计

安全机制面试题建议按“身份认证、权限控制、请求防护、审计追踪”来回答。

### 认证与授权

认证解决“你是谁”,授权解决“你能做什么”。常见认证方式包括 Session、JWT、OAuth2、API Key;授权模型常见 RBAC、ABAC 和资源级 ACL。设计时要把身份校验和权限判定分开,避免只登录不鉴权。

### JWT 与 Session

Session 由服务端保存登录态,易于主动失效,但需要共享会话或集中存储。JWT 自包含用户声明,适合无状态网关和多服务场景,但失效、续签和密钥轮换要设计清楚。敏感系统通常会配合短有效期、刷新令牌和黑名单机制。

### CSRF 与重放防护

CSRF 防护重点是避免浏览器自动携带凭证触发非预期操作,可使用 CSRF Token、SameSite Cookie 和关键操作二次确认。接口签名常用时间戳、nonce 和 HMAC,服务端校验时间窗口和 nonce 去重,防止请求被截获后重复提交。

### 高风险动作审批

删除、批量导出、生产变更、资金操作等不可逆动作应加入人工确认、二次验证或审批流。系统要记录操作者、请求参数、审批结果、执行结果和 TraceId,保证可追责、可回放。

### 审计与告警

安全日志不要只记录失败,也要记录敏感成功操作。关键字段包括用户、租户、IP、设备、资源、动作、结果和耗时。异常登录、权限提升、频繁失败、越权访问和批量导出都应触发告警。

---

<!-- note-nav:start -->
Expand Down