ARCP Security Overview¶
This document provides a detailed overview of the security architecture, features, and best practices implemented in ARCP to protect against modern threats and ensure secure operations.
🛡️ Security Architecture Overview¶
ARCP implements a multi-layered security architecture designed to protect against various threat vectors while maintaining operational efficiency. The security framework is built around the principle of Defense in Depth with multiple independent layers of protection.
Core Security Principles¶
- Zero Trust Architecture: Never trust, always verify - enforced through TPR and cryptographic bindings
- Principle of Least Privilege: Minimal access rights by default
- Defense in Depth: Multiple security layers including DPoP, mTLS, and attestation
- Secure by Default: Security-first configuration with mandatory compliance validation
- Comprehensive Monitoring: Full audit trail with security event logging and real-time threat detection
- Cryptographic Verification: Proof-of-possession and certificate-based authentication
- Supply Chain Security: SBOM verification and container scanning for vulnerability detection
🔐 Authentication & Authorization System¶
Multi-Tier Authentication Model¶
ARCP implements a hierarchical authentication system with four distinct privilege levels:
| Level | Access | Description |
|---|---|---|
PUBLIC | Read-only system info | No authentication required |
AGENT | Agent operations | Token-based authentication with optional DPoP/mTLS binding |
ADMIN | Administrative functions | JWT + session binding |
ADMIN_PIN | Critical operations | Admin + PIN verification |
Three-Phase Registration (TPR)¶
ARCP 2.1.0 introduces Three-Phase Registration for secure agent onboarding with comprehensive validation:
Phase 1: Temporary Token - Initial authentication using agent registration key - 15-minute temporary token (configurable) - Rate-limited to prevent abuse - Audience claim: arcp:validate
Phase 2: Compliance Validation - Asynchronous security verification - SBOM vulnerability scanning via OSV database - Container image security scanning (Trivy/Grype) - Software attestation (challenge-response) - Endpoint contract validation - Background processing with status polling
Phase 3: Production Token - Final token issuance with security bindings - Long-lived production token - Optional DPoP (proof-of-possession) binding - Optional mTLS (client certificate) binding - Full agent capabilities enabled
DPoP (Demonstrating Proof-of-Possession)¶
RFC 9449 Compliant: Cryptographic binding of tokens to client keys prevents token theft and replay attacks.
Key Features: - JWT-based proof generation signed with agent's private key - JWK thumbprint binding in token cnf claim - Unique jti (JWT ID) for replay prevention - HTTP method and URI binding (htm, htu claims) - Automatic validation on every request
Security Benefits: - Tokens cannot be used by attackers who steal them - Protection against man-in-the-middle attacks - Cryptographic proof of key possession
mTLS (Mutual TLS Client Authentication)¶
Certificate-Based Security: X.509 client certificates for strong agent authentication.
Architecture: - NGINX handles TLS termination and certificate validation - Client certificate forwarded to ARCP via X-Client-Cert header - SPKI (Subject Public Key Info) hash computed for token binding - Token cnf.x5t#S256 claim binds token to certificate
Features: - OCSP/CRL revocation checking - Certificate chain validation - Automatic certificate rotation support - SPKI hash binding prevents certificate substitution
JWT Token Security¶
Implementation Features: - Algorithm: Symmetric (HS256/HS384/HS512) or Asymmetric (RS256/ES256) with algorithm confusion protection - Expiration: Configurable token lifetime (default: 1 hour) - Validation: Comprehensive token validation with tamper detection - Rotation: Automatic token refresh capabilities - Bindings: Optional DPoP (cnf.jkt) and mTLS (cnf.x5t#S256) bindings
Security Measures:
# Token validation includes:
- Signature verification (symmetric or asymmetric)
- Expiration checking
- Algorithm validation (prevents algorithm confusion attacks)
- Payload integrity verification
- DPoP proof validation (if bound)
- mTLS certificate validation (if bound)
- Blacklist checking for revoked tokens
JWKS (JSON Web Key Set)¶
Asymmetric Token Signing: Public key distribution for decentralized token verification.
Features: - Algorithms: RS256 (RSA), ES256 (ECDSA) - Automatic Rotation: Keys rotated every 30 days (configurable) - Multi-Key Support: Multiple active keys during rotation overlap (7 days) - Public Endpoint: /.well-known/jwks.json for key distribution - Key ID (kid): Unique identifier in JWT header for key selection
Key Lifecycle: 1. New key generated automatically before expiration 2. Both old and new keys valid during overlap period 3. Old key retired after overlap period 4. Zero-downtime key rotation
Session Management¶
Admin Session Security: - Client Fingerprinting: Unique browser/client identification - Session Binding: Tokens bound to specific client sessions - PIN Protection: Additional PIN layer for critical operations - Session Timeout: Configurable session expiration - Concurrent Session Limits: Maximum active sessions per user
Session Validation:
// Client-side session validation
- Token validity checking every 5 minutes
- Automatic logout on token expiration
- Session fingerprint verification
- Real-time session status monitoring
🚨 Rate Limiting & Brute Force Protection¶
Advanced Rate Limiting System¶
ARCP implements a sophisticated rate limiting system with multiple protection mechanisms:
Rate Limiting Tiers: - Login Endpoints: 5 attempts per 15 minutes - PIN Operations: 3 attempts per 10 minutes
- General API: 100 requests per minute (configurable)
Protection Features: - Progressive Delays: Exponential backoff for failed attempts - Temporary Lockouts: Automatic account lockouts after repeated failures - Anti-Bypass Protection: IP header spoofing detection - Distributed Storage: Redis-backed attempt tracking
Lockout Algorithm:
# Progressive lockout duration calculation
base_duration = 5 minutes
lockout_duration = base_duration * (2 ^ (lockout_count - 1))
max_lockout = 1 hour
Client-Side Rate Limiting¶
JavaScript Security Manager: - Real-time attempt tracking - Progressive delay enforcement - Local storage persistence - User experience optimization
🔍 Input Validation & Sanitization¶
Comprehensive Input Security¶
Validation Layers: 1. Pydantic Models: Type and format validation 2. Custom Validators: Business logic validation
3. Security Sanitizers: XSS and injection prevention 4. Length Limits: Buffer overflow protection
Security Sanitization:
# Dangerous pattern detection and filtering
DANGEROUS_PATTERNS = [
r"<[^>]*>", # HTML tags
r"javascript:", # JavaScript URLs
r"on\w+\s*=", # Event handlers
r"expression\s*\(", # CSS expressions
r"\.\./", # Path traversal
# ... and more
]
Input Validation Examples: - Agent IDs: Alphanumeric, underscore, hyphen only - Usernames: 3-50 characters, specific character set - Passwords: 1-200 characters, full Unicode support - PINs: 4-32 characters, numeric or alphanumeric
🔍 Supply Chain Security¶
SBOM (Software Bill of Materials) Verification¶
Vulnerability Detection: Real-time scanning of agent dependencies against OSV (Open Source Vulnerabilities) database.
Supported Formats: - SPDX 2.3+ (JSON/XML) - CycloneDX 1.4+ (JSON/XML)
Features: - Automatic SBOM parsing and validation - Real-time vulnerability lookup via OSV.dev API - Severity-based filtering (CRITICAL, HIGH, MEDIUM, LOW) - CVE/GHSA identifier resolution - Compliance reporting
Validation Process: 1. Agent submits SBOM during TPR Phase 2 2. ARCP parses SBOM and extracts dependencies 3. Each dependency checked against OSV database 4. Vulnerabilities categorized by severity 5. Registration blocked if critical vulnerabilities found 6. Detailed report provided for remediation
Container Security Scanning¶
Image Vulnerability Detection: Integration with industry-standard container scanners.
Supported Scanners: - Trivy: Comprehensive vulnerability detection - Grype: Fast and accurate scanning
Scan Coverage: - Operating system packages (apt, yum, apk, etc.) - Application dependencies (npm, pip, maven, etc.) - Embedded secrets and credentials - License compliance checking - Configuration issues
Integration: - Scanner executed locally or via API - Results parsed and categorized - Critical findings block registration - Scan reports stored for audit trail
📚 Complete Container Scanning Guide →
Software Attestation¶
Runtime Integrity Verification: Challenge-response mechanism to prove agent authenticity and integrity.
Attestation Types: - TPM Attestation: Hardware-backed measurements (TPM 2.0) - Software Attestation: Code and configuration measurements
Challenge-Response Flow: 1. ARCP generates random challenge (nonce) 2. Agent computes measurements: - Code hashes (source files, binaries) - Configuration hashes - Executable hash - Environment information 3. Agent signs measurements with private key 4. ARCP verifies signature and validates measurements 5. Periodic re-attestation (configurable interval)
Security Properties: - Tamper detection for code modifications - Configuration drift detection - Runtime integrity verification - Cryptographic proof of identity
📚 Complete Attestation Guide →
🌐 Network Security¶
HTTP Security Headers¶
ARCP implements comprehensive security headers following OWASP recommendations:
# Security Headers Applied
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'...
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=(), microphone=(), camera=()...
Content Security Policy (CSP)¶
Configurable CSP Settings: - Development: Permissive for local development - Production: Strict policy with minimal trusted sources - WebSocket Support: Secure WebSocket connections - External Resources: Controlled CDN access for dependencies
IP Filtering & Access Control¶
IP-Based Security: - Allowlist Mode: Only specified IP ranges allowed - Blocklist Mode: Specific IPs denied access - CIDR Support: Network range specifications - Header Validation: X-Forwarded-For protection
🔒 WebSocket Security¶
Multi-Tier WebSocket Authentication¶
ARCP provides three types of WebSocket connections with different security levels:
| Type | Endpoint | Authentication | Use Case |
|---|---|---|---|
| Public | /public/ws | None | System status monitoring |
| Agent | /agents/ws | Agent Token | Agent communications |
| Dashboard | /dashboard/ws | Admin JWT + Fingerprint | Real-time dashboard |
WebSocket Security Features¶
Authentication Flow:
// Dashboard WebSocket authentication
ws.onopen = function() {
ws.send(JSON.stringify({
type: 'auth',
token: jwt_token,
fingerprint: client_fingerprint
}));
};
Security Measures: - Token Validation: JWT verification for each connection - Ping/Pong Monitoring: Connection health verification - Rate Limiting: Message frequency limits - Connection Limits: Maximum concurrent connections - Automatic Reconnection: Secure reconnection handling
🛡️ Content Filtering & XSS Protection¶
Response Sanitization¶
Security Sanitizer Features: - HTML Entity Encoding: Prevents script injection - Dangerous String Filtering: Removes malicious patterns - Length Limits: Prevents buffer overflow - Error Message Sanitization: Prevents information disclosure
Content Risk Detection:
# JSON response content scanning
ContentRiskDetector.scan_json_for_risk(payload)
# Flags potentially dangerous content without modifying response
Error Handling Security¶
RFC 9457 Problem Details: - Standardized error responses - Information leakage prevention - Sanitized error messages - Structured error format
📊 Security Monitoring & Logging¶
Comprehensive Audit Trail¶
Security Event Types: - Authentication attempts (success/failure) - Authorization failures - Rate limit violations - Suspicious activity detection - Session management events - Token validation failures
Logging Levels: - INFO: Successful operations - WARNING: Suspicious activities - ERROR: Security violations - CRITICAL: System compromises
Real-Time Security Monitoring¶
Dashboard Security Features: - Live security event monitoring - Failed authentication tracking - Rate limit status display - Session health monitoring - Alert generation and notification
Client-Side Security Manager:
// Security event tracking and logging
SecurityManager.logSecurityEvent('failed_login', 'Invalid credentials', {
username: sanitized_username,
ip_address: client_ip,
timestamp: new Date().toISOString()
});
🔧 Security Configuration¶
Environment-Based Security¶
Development vs Production:
# Development (Permissive)
ENVIRONMENT=development
CSP_ALLOW_CONNECT_HTTP=true
RATE_LIMIT_RPM=100
LOG_LEVEL=DEBUG
# Production (Strict)
ENVIRONMENT=production
CSP_ALLOW_CONNECT_HTTP=false
RATE_LIMIT_RPM=60
SECURITY_LOGGING=true
IP_DEFAULT_DENY=true
Security Configuration Options¶
Authentication Settings:
# JWT Configuration
JWT_SECRET=your-256-bit-secret-key-here
JWT_ALGORITHM=HS256
JWT_EXPIRE_MINUTES=60
# Admin Credentials
ADMIN_USERNAME=secure_admin_user
ADMIN_PASSWORD=complex_password_here
# Agent Registration Keys
AGENT_KEYS=key1,key2,key3
Rate Limiting:
# Rate Limit Configuration
RATE_LIMIT_RPM=100 # Requests per minute
RATE_LIMIT_BURST=20 # Burst allowance
SESSION_TIMEOUT=30 # Minutes
MAX_SESSIONS=5 # Concurrent sessions
Network Security:
# CORS and Origins
ALLOWED_ORIGINS=https://dashboard.example.com,https://monitor.example.com
TRUSTED_HOSTS=dashboard.example.com,api.example.com
# IP Filtering
IP_DEFAULT_DENY=false
BLOCKED_IPS=192.168.1.10,10.0.0.5
ALLOWED_IP_RANGES=10.0.0.0/8,192.168.0.0/16
🔍 Security Testing & Validation¶
Penetration Testing Suite¶
ARCP includes a comprehensive security testing framework:
Automated Security Tests: - Authentication bypass attempts - JWT token manipulation attacks
- Rate limiting bypass techniques - Input validation and injection testing - Session fixation and hijacking tests - XSS and CSRF protection validation
Security Test Categories:
# Included security tests
1. Authentication Bypass Tests
2. JWT Token Manipulation
3. Rate Limiting Bypass
4. Session Hijacking Attempts
5. Input Validation & Injection
6. Authorization Boundary Tests
7. WebSocket Security Tests
8. Advanced Attack Vectors
Security Validation Tools¶
Built-in Security Scanner:
# Run comprehensive security tests
python tests/security/security_pentest.py --target http://localhost:8001 --verbose
# Save results to a report file
python tests/security/security_pentest.py --target http://localhost:8001 --output security_report.txt
Metrics Security Best Practices¶
To enhance security, ensure that metrics scraping is done via a secure token and restrict access to the /metrics endpoint to admin users only.
🔧 Advanced Security Configuration¶
High-Security Environment Setup¶
Maximum Security Configuration:
# Ultra-secure production setup
ENVIRONMENT=production
# Strong authentication
JWT_SECRET=<256-bit-random-key-here>
JWT_ALGORITHM=HS384
JWT_EXPIRE_MINUTES=30
# Restrictive rate limiting
RATE_LIMIT_RPM=30
RATE_LIMIT_BURST=10
MAX_SESSIONS=3
# Strict network security
IP_DEFAULT_DENY=true
ALLOWED_IP_RANGES=<your-office-network>/24
CSP_ALLOW_CONNECT_HTTP=false
CSP_ALLOW_CONNECT_HTTPS=true
# Enhanced monitoring
SECURITY_LOGGING=true
LOG_LEVEL=INFO
CONTENT_FILTERING=true
Security Headers Customization¶
Custom Security Headers:
# Additional security headers for high-security environments
CUSTOM_SECURITY_HEADERS = {
"X-Permitted-Cross-Domain-Policies": "none",
"X-Robots-Tag": "noindex, nofollow, nosnippet, noarchive",
"X-Download-Options": "noopen",
"Cross-Origin-Embedder-Policy": "require-corp",
"Cross-Origin-Opener-Policy": "same-origin",
"Cross-Origin-Resource-Policy": "same-origin"
}
Multi-Factor Authentication Integration¶
MFA Implementation Considerations: - TOTP (Time-based One-Time Password) support - Hardware token integration (YubiKey, etc.) - SMS/Email verification backup - Recovery code generation and management - MFA enforcement for admin accounts
Threat Detection & Response¶
Automated Threat Detection¶
Security Alert Triggers: - Multiple failed login attempts (>3 in 5 minutes) - JWT token manipulation attempts - Rate limiting violations - Unusual access patterns - Session hijacking indicators - Input validation failures - WebSocket connection anomalies
Real-time Security Monitoring:
// Dashboard security monitoring
- Live authentication failure tracking
- Rate limit status visualization
- Session health monitoring
- Alert generation with severity levels
- Automated response actions
Security Metrics & KPIs¶
Key Security Indicators: - Authentication success/failure rates - Average session duration - Rate limiting effectiveness - Token validation failure rates - Security event frequency by type - Response time to security incidents - Security patch deployment time
Security Notifications¶
Monitor the following for security updates: - GitHub Security Advisories - Release notes for security fixes - Dependency security updates - CVE notifications for used libraries
Security Resources¶
📚 Additional Security Documentation¶
For detailed implementation guides, see:
- Three-Phase Registration (TPR) - Secure agent onboarding process
- DPoP (Proof-of-Possession) - RFC 9449 token binding
- mTLS (Mutual TLS) - Certificate-based authentication
- SBOM Verification - Dependency vulnerability scanning
- Container Scanning - Image security analysis
- Software Attestation - Runtime integrity verification
- JWKS Management - Asymmetric key distribution
- NGINX Deployment - Reverse proxy configuration for security
This security overview provides a comprehensive understanding of ARCP's security architecture. For implementation details, refer to the individual component documentation and configuration guides.
Last Updated: February 16, 2026
Version: ARCP 2.1.0