GLOBALEAKS
main
Getting Started
Setup
Security
Threat Model
Application Security
Encryption Protocol
Penetration Tests
User Documentation
Developer Documentation
GLOBALEAKS
Docs
»
Security
Edit on GitHub
Security
¶
Threat Model
Actors Matrix
Anonymity Matrix
Communication Security Matrix
Identity Disclosure Matrix
Usage Scenarios Matrix
GlobaLeaks Security Matrix
Data Security Matrix
Threats to Confidentiality and Anonymity
Browser History and Cache
Metadata
Malware and Trojans
Data Stored Outside the Platform
Environmental Factors
Incorrect Data Retention Policies
Human Negligence
Advanced Traffic Analysis
Application Security
Architecture
Authentication
Password
Receipt
Password Security
Password Storage
Password Complexity
Two Factor Authentication (2FA)
Password Change on First Login
Periodic Password Change
Proof of Work on Login and Submissions
Slowdown on Failed Login Attempts
Password Recovery
Web Application Security
Session management
Cookies and XSRF Prevention
HTTP Headers
Strict-Transport-Security
Content-Security-Policy
Permissions-Policy
X-Frame-Options
Referrer-Policy
X-Content-Type-Options
X-XSS-Protection
Cache-Control
Crawlers Policy
Anchor Tags and External URLs
Input Validation (Server)
Input Validation (Client)
Form Autocomplete OFF
Network Security
Connection Encryption
Network Sandboxing
Data Encryption
Application Sandboxing
DoS Resiliency
Other Measures
Encryption of Temporary Files
Secure File Delete
Secure Deletion of Database Entries
Exception Logging and Redaction
Entropy Sources
UUIDv4 Randomness
TLS for SMTP Notification
Encryption Protocol
Encryption’s Workflow
Encryption’s Details
Algorithms
Users’ Credentials
Users’ Keys
Data Encryption’s Keys
Key Recovery
Key Escrow
Penetration Tests
Read the Docs
v: main
Versions
latest
main
devel
Downloads
pdf
html
epub
On Read the Docs
Project Home
Builds
Free document hosting provided by
Read the Docs
.