BSEP

Overview

I developed a full-featured information system for a marketing agency, with a strong focus on security from the very beginning. The platform supports multiple user roles (admins, employees, clients) through a well-defined RBAC system, ensuring clear permission boundaries.

User Management

The system supports multiple user roles, including:

• Admins
• Employees
• Clients

A clear Role-Based Access Control (RBAC) system enforces permission boundaries and access levels for each role.

Authentication & Security Features

Security features were a top priority from the start and include:

• Passwordless login
• Two-factor authentication (2FA)
• OAuth integration (e.g., Google, GitHub)
• Secure password reset flows, protected by CAPTCHA
• End-to-end encryption for all sensitive data (in transit and at rest)

Abuse Prevention & Monitoring

To ensure reliability and prevent misuse, the system includes:

• A built-in rate limiter, particularly effective for controlling ad view spam
• Security event logging for audit trails and incident response
• Real-time alerts and monitoring to catch suspicious activity early

Summary

This project was developed as part of a CyberSecurity course, with the main goal of building a secure and reliable system by following best practices from the start. Security wasn’t added later — it was a core part of the design from day one.

Throughout the project, I focused on key areas like authentication, access control, encryption, and safe data handling. Every feature was built with security in mind, from preventing abuse with rate limiting to logging sensitive actions for audit purposes.

Working on this gave me hands-on experience with essential security concepts and showed how important it is to think about security early in the development process.