"Hongik Ingan: Aunt (AIR-SHIELD) guards every home in the WIA family."
Security by Default
===================
WIA-HOME includes:
[OK] TLS encryption (HTTPS)
[OK] DDoS protection
[OK] Web Application Firewall
[OK] AIR-SHIELD integration
[OK] Automatic updates
No configuration needed.
Security is automatic.
Security Architecture
=====================
Incoming Request
|
v
+-------------------+
| Rate Limiter | <- Block excessive requests
+-------------------+
|
v
+-------------------+
| WAF (Firewall) | <- Block attacks
+-------------------+
|
v
+-------------------+
| TLS-LITE | <- Encrypt connection
+-------------------+
|
v
+-------------------+
| AIR-SHIELD | <- Deep inspection
+-------------------+
|
v
Your Content
Lightweight TLS =============== Traditional TLS: - Complex handshake - CPU intensive - Resource heavy WIA-TLS-LITE: - Simplified handshake - Minimal overhead - Perfect for personal servers Features ======== [OK] Full encryption (AES-256-GCM) [OK] Certificate auto-renewal [OK] No manual configuration [OK] Works behind NAT [OK] P2P certificate verification How It Works ============ 1. Key Generation - Generate keypair on setup - Public key registered with WIA DNS 2. Connection - Client connects - Server proves identity - Encrypted channel established 3. Renewal - Automatic before expiry - No downtime - Seamless Certificate Display =================== Visitors see: Lock icon in browser "Connection is secure" yoursite.wia.home verified Same trust as traditional SSL.
Rate Limiting
=============
Automatic protection:
- Max requests per IP
- Gradual throttling
- Temporary bans
Default Limits
==============
Normal traffic:
100 requests/minute per IP
Suspicious traffic:
Throttled to 10 requests/minute
Attack detected:
Temporary IP block
P2P Distribution
================
Under attack:
1. Request distributed to peers
2. Peers absorb traffic
3. Your server protected
4. Attacker faces whole network
Custom Configuration
====================
home.security.ddos.configure({
rateLimit: 100, // requests/minute
throttleThreshold: 50, // when to slow down
blockThreshold: 200, // when to block
blockDuration: 3600 // seconds
});
Attack Logging
==============
home.on('ddos_detected', (event) => {
console.log('DDoS detected from:', event.data.sourceIP);
console.log('Requests blocked:', event.data.blockedCount);
});
Attack Prevention
=================
WAF blocks:
SQL Injection:
Input: ' OR '1'='1
Result: BLOCKED
XSS (Cross-Site Scripting):
Input:
Result: BLOCKED
CSRF (Cross-Site Request Forgery):
Invalid token request
Result: BLOCKED
Path Traversal:
Input: ../../../etc/passwd
Result: BLOCKED
WAF Configuration
=================
home.security.waf.configure({
sqlInjection: true,
xss: true,
csrf: true,
pathTraversal: true,
fileUpload: {
maxSize: 10 * 1024 * 1024, // 10MB
allowedTypes: ['image/*', 'application/pdf']
}
});
Form Protection
===============
All forms automatically:
[OK] CSRF token added
[OK] Input sanitized
[OK] Rate limited
[OK] Honeypot field
Upload Scanning
===============
File uploads:
[OK] Type verification
[OK] Size limits
[OK] Malware scan (AIR-SHIELD)
[OK] Quarantine suspicious files
Aunt Guards the Home
====================
AIR-SHIELD (Aunt) provides:
- Deep packet inspection
- Malware detection
- Behavior analysis
- Threat intelligence
Automatic Protection
====================
home.security.airShield.configure({
enabled: true,
scanUploads: true,
protectForms: true,
blockMalicious: true
});
Threat Detection
================
AIR-SHIELD detects:
[OK] Malware uploads
[OK] Bot attacks
[OK] Credential stuffing
[OK] API abuse
[OK] Data exfiltration
Alert Notifications
===================
home.on('security_alert', (event) => {
console.log('Threat detected:', event.data.type);
console.log('Action taken:', event.data.action);
console.log('Details:', event.data.details);
});
Dashboard View
==============
Security Status: PROTECTED
Threats blocked (24h):
- SQL Injection: 12
- XSS attempts: 8
- Bot requests: 156
- Malware uploads: 2
All handled automatically by Aunt.
Privacy-First Design
====================
WIA-HOME default:
[OK] No third-party tracking
[OK] No Google Analytics
[OK] No Facebook Pixel
[OK] No data selling
[OK] GDPR compliant
Data Storage
============
All data stays on your PC:
- Visitor logs
- Order data
- Customer info
- Analytics
Nothing sent externally.
Privacy Configuration
=====================
home.security.privacy.configure({
tracking: {
analytics: 'privacy-first',
cookies: 'essential',
doNotTrack: true
},
data: {
encryption: true,
localOnly: true,
autoDelete: 90 // days
},
compliance: {
gdpr: true,
ccpa: true,
pipa: true // Korea
}
});
User Rights
===========
Customers can:
[OK] Request their data
[OK] Delete their data
[OK] Export their data
[OK] Opt out of any tracking
All automated and easy.
Previous: Chapter 6 - Booking System | Next: Chapter 8 - Implementation