Skip to content

Releases: kasinathca/intent-aware-security

Release v1.0.0: Initial Architecture Launch

Choose a tag to compare

@kasinathca kasinathca released this 21 Feb 07:25

Release v1.0.0: Initial Architecture Launch

This release establishes a robust middleware architecture designed to secure legacy identity verification systems (such as Aadhaar OTP infrastructure) against advanced modern threat vectors, including credential stuffing, automated scraping, and SS7/SIM-swapping.

Key Architectural Frameworks Introduced

1. Cryptographic Security Engine (ZKP Layer)

This release introduces a localized cryptographic proxy mechanism that functionally mirrors a Zero-Knowledge Proof.

  • Standards-Compliant: Implements Elliptic Curve Digital Signature Algorithm (ECDSA) relying on the NIST P-256 (SECP256R1) curve.
  • Replay Immunity: Integrates a thread-safe ChallengeStore enforcing strict 60-second time-to-live (TTL) limits and single-use operational states for pseudorandom nonces.
  • Browser Sandbox Security: Private keys are generated securely on the edge via the WebCrypto API (window.crypto.subtle) and strictly sandboxed within browser localStorage, ensuring the authentication secret is physically never transmitted over the network.

2. Behavioral Anomaly Engine (ML Layer)

To detect and halt statistically perfect protocol spoofing (Mimicry Attacks) where cryptographic keys are theoretically bypassed, this release implements a secondary defensive perimeter.

  • Unsupervised Analysis: Deploys a trained IsolationForest model to quantitatively predict threat arrays exclusively via spatial and temporal metadata (Time of Request, Global Geo-location, Network IP Rate, and Body Payload mass).
  • Deterministic Rejection: Classifies inbound API requests entirely devoid of algorithmic prejudice. Outliers generate negative structural coefficients, instigating an immediate automated HTTP 403 connection termination.

3. Middleware Integration & Telemetry

A high-throughput API gateway (FastAPI) binds the dual security layers into a low-latency environment.

  • Interactive Telemetry Dashboard: Generates continuous, live visual telemetry parameters utilizing Chart.js for Risk Scores, Traffic Volume mapping, and dynamic ZKP pie-chart analytics.
  • Testing Simulators: Includes two native simulation environments—a graphical Hacker Console and a CLI attacker.py—designed to intentionally flood the application layer via Multi-Threading to objectively validate gateway load mitigation constraints.

Documentation

Comprehensive technical documentation, including endpoint mappings and model feature sets, is actively available on the GitHub Repository Wiki:


Artifact Signatures:

  • Tested Frameworks: Python 3.10+, FastAPI, Scikit-Learn 1.3+, Cryptography 41+
  • Validation State: Standard Integration Tests (PASSED)
  • Release Branch: main

(End of Release Notes)