Hi, I'm planning to use the architecture in the attached picture for an application that will run at the customer factory.
Basically, I have the core application split into multiple projects because each one represents a feature the customer may or may not buy, and thus I'll include and dynamically load such a project only if the customer buys the associated feature.
Then I'd like to protect the Data Access Layer by making its classes internal, and by letting other systems access it only by means of REST API.
However, I have the following doubts with this approach:
- If I do not include e.g. feature 2, the Data Access Layer logic for accessing feature 2 data is still there.
- A customer could make a REST request directly to the Data Access Layer. Should I require an entity willing to dialogue with the Data Access Layer to have a specific role? A role that only the Server layer has.
- Even if I'm to make DbContext internal, Microsoft.AspNetCore.Identity.EntityFrameworkCore.IdentityDbContext is still public, as are all the models in the ServerShared project. However, this should not be a problem since the base assumption is that a potential attacker (even at the customer factory) does not have database credentials.
I'd like to know what's in your opinion the best approach to use in this scenario. Thanks!