Re: Question on - How secure is Mifos?
Hi Sangamesh -
As a financial system of record Mifos was designed from the beginning to be
secure on the basis of best practices in software architecture and the use
of existing code libraries for security implementation. Design-wise, this
would include having proper separation of roles, appropriate granularity of
permissions, work flow (maker checker authorization) support, encrypted
channels, runtime process isolation, audit logs, and secured databases.
I'd like to raise some points related to your question:
1) Any security framework is only as strong as the weakest link. A
database may be fully encrypted and secure but if the private encryption
keys are broadcast in the clear (a very bad idea) then you've undermined
the model. This has happened in closed-source mobile money applications
run by reputable companies.
2) Open source provides a way to inspect and determine if best practices
are being followed. One of the key issues with older security frameworks
is that too many of them rely on "security through obscurity". Mifos and
others invite inspection and bug reports. I believe several efforts have
looked at this, but security is an ongoing effort/philosophy, not a one
time thing. Still, I wonder if we can get a white hat security team to
review a deployment of Mifos apps + fineract. As fineract grows in
popularity (we hope and expect) this becomes more important.
3) While the code may be written in the right way, operational deployment
practices are often the primary way to ensure that disparate applications
are able to be securely implemented. With the blending of dev-ops into
coding, this can be more controlled in the code, but at the end of the day
so much of security comes down to thing like "has the recent server
security patch been applied?" "has the VPN been implemented properly?",
"was the root user hard coded into the internal data calls?", "have the
passwords and keys been changed and kept secure?".
4) We are not adequately tracking security issues in deployments. There are
reasons why companies may not want to share this information, but, I
believe we will need to establish a security reporting process where known
Mifos or Fineract solution providers can report what they've learned and
what actions they've had to take to fend off an attack.
5) I believe that what is needed is a Guide for Securing Mifos applications
running in production. This could be a Guide that would walk through how to
deploy and secure both the Apache fineract code and the Mifos Apps that are
released in production. The Security-Overview wiki is mostly aimed at that
So, I think the answers to the questions may involve looking at what you
are trying to convey in those wiki pages. On the wiki page, can you point
out where the questions exist more specifically?
Second, if there are any security framework experts on this list, an audit
of the fineract and mifos apps, using automated security probing tools
(info sec tools like droidsqli on the android apps) would be a useful
contribution, but perhaps we should have a secured test- instance for that
first. It would tell us where we are at. Yes?
On Tue, Sep 18, 2018 at 3:47 AM sangamesh n <sangameshcfsl@xxxxxxxxx> wrote:
> Hello Dev,
> Below is a question which has been asked at
> *How secure is Mifos? i mean no one can attack me when i decided to use
> Mifos as it is an OpenSource*
> has been asked by isabane on MifosConnect
> Here are the links, which are having details with few missing answers on
> important questions. Can we have updates on missing answers soon?, wherein
> it explains how good is the security architecture of mifos/fineract
> - *