Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
金融機関の(システムの)作り方
Search
free_world21
December 13, 2019
Technology
0
1.4k
金融機関の(システムの)作り方
https://ginza-rails.connpass.com/event/155467/
銀座Rails#16 @リンクアンドモチベーション
で発表したスライドです。
free_world21
December 13, 2019
Tweet
Share
More Decks by free_world21
See All by free_world21
『Railsオワコン』と言われる時代に、なぜブルーモ証券はRailsを選ぶのか
free_world21
2
480
東証障害報告書を読み解く
free_world21
0
61
Ruby/Railsの勉強会のおかげでブルーモ証券起業した
free_world21
2
260
エンジニアとしての属性軸(自己分析軸?)を考えてみた
free_world21
0
46
(元)FinTechエンジニアが読み解く東証障害報告書
free_world21
0
630
railsでつくるなんちゃってserverless CMS〜コーポレートサイト編〜
free_world21
1
1.2k
railsとserverless技術で鉄道アプリを作った話〜なぜ僕はrubyでバイナリをパースしたのか〜
free_world21
1
700
セキュアなRAILSアプリを目指す Part2: 暗号化編(鍵の管理)
free_world21
1
600
Other Decks in Technology
See All in Technology
Databricksの生成AI戦略
taka_aki
1
370
kcp: Kubernetes APIs Are All You Need #techfeed_live / TechFeed Experts Night 28th
ytaka23
1
190
SLOいつ決めましょう?
abnoumaru
3
300
LINEヤフーのウェブアクセシビリティ
lycorptech_jp
PRO
2
170
汎用ポリシー言語Rego + OPAと認可・検証事例の紹介 / Introduction Rego & OPA for authorization and validation
mizutani
1
150
個人的、Kubernetes の最新注目機能! (2024年5月版) / TechFeed Experts Night#28 〜 コンテナ技術最前線
pfn
PRO
3
210
TDD - Test Driven Drupal
opdavies
0
3k
サービス開発におけるVue3とTypeScriptの親和性について
tsukuha
10
1.8k
シンプルなHITL機械学習と様々なタスクにおけるHITL機械学習
naohachi89
0
320
Google Cloud Next '24 Recap in ZOZO AIにより変わる開発 運用/Development and operation changed by AI
gachimuchiengineer
0
190
開発スピードの維持向上を支える、テスト設計の 漸進的進化への取り組み / Continuous Test Design Development for Speed of Product Development
ropqa
0
180
AI JIMY - 登壇(インストール編)
hanacchi
0
150
Featured
See All Featured
Visualization
eitanlees
137
14k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
34
6.1k
The Invisible Customer
myddelton
114
12k
Atom: Resistance is Futile
akmur
260
25k
The MySQL Ecosystem @ GitHub 2015
samlambert
244
12k
A Modern Web Designer's Workflow
chriscoyier
689
190k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
352
28k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
660
120k
How STYLIGHT went responsive
nonsquared
92
4.8k
The Invisible Side of Design
smashingmag
294
49k
Gamification - CAS2011
davidbonilla
77
4.6k
10 Git Anti Patterns You Should be Aware of
lemiorhan
649
58k
Transcript
׺¡3 TV]n3 ìA 2019.12.13 ÁőRails#16 @free_world21
▪ ±ľ cLv 35 ▪ : ƇĪ ½2lIz_ĿŇàÐ ▪ Œ:
jxOtm – RVGMLP?8P>E3 – ÎVQYi ▪ 2008: hu tzVLzUaG/"-į¢ – flash/C#/rails/iOS/Android ▪ 2009: |¸ëŅŧ çÔ²é¸ŅĈ ▪ 2009: IPAŐœ2ōŬ!CB ▪ 2016: LotZòă~2Čÿ ▪ 2018: űĔ© ▪ 2019: hu tzV~©/"-÷¹ @free_world21
LotZòă~ ▪ 2016}Ũ ▪ ×.3Ĺ3ńİD"1Ĺ4Ń – 2017: EMERADA EQUITY ▪
ÑĹĊûàŪć»Ů ×ēþ»Ë – 2018: EMERADA BANK ▪ ş – 2019: EMERADA MARKETPLACE ▪ à£ÚŖ· 2Ŕ
None
None
Ő3VY _G[j3ò òÝ¶È DNtJ`hFz^HzOD¤#- ĭÏ$BR gVDğŤ 2017}11R gVuu V 2019}10ŭķðĘDŃ
×4čÀ ▪ ūŕÀ – hÙÒ - ,z0Æ%w¦¬!W] , – }WV}Wh
– o©Vo©Vh ▪ ńİÀ – hÙÒ - ,z0Æ**W]!ÇÁ0¤ ! – ³VX®£vh – ×XV×XVh – dfÒtWV}Wh – à¾gËÈVmXfh
r S3 a W @3 ¿Ķ
r S3 a W @3 ¿Ķ
ðĘDĬ2Ĥ¦"8$ ▪ ×ēþ»Ë§ ▪ ×ēþ»Ë§üť ▪ ×ēþ»Ë§üčŘ ▪ ▪
Ø~čŘ ĥ ý Ō « https://www.fsa.go.jp/common/law/guide/kinyushoh in/index.html
;3$ ů28/:8$ ▪ ºó¿æ1Ð – §a Þ'0[-,S0ç+#( µ¸q – §z'ÞÀ¹S
ëè0,` ▪ ĵijŢè3?1jxXVDğŤ"8"> ▪ '3ƀš;*<E/ę"8"> – z!æÑn00ì ¸q0ßÖ#( ▪ çÔ/#Ä2*<ž¬ – ÝÅ zÞ0,`!ID/Pass %#( OTP ▪ Ŋºó¿æ1Ð – U`G25N ´Ä0ßÖ#( – Ï.O:0 #( – ^ ceT _ Õ²Ðá0#( – OS'IDN673 ïÛº~#( – u 39@? ã^Ì$#( – Í°â « ) #( ▪ '3Ŏ – j\B?Cr¥0 +Ók|0Yc&1·Ø#( – ½ # ¶*éÃÝÅ'x±pÜ#( – j\eÊ!¢eÊ),Zybª0#( – ;PB4P>7P=HLP0aåÓ0#(
None
řĬ
Izht
Izht ¨1ŏŲ1ʼnļ3ƄĒ DOSʼnļ XXIzUKNTsz wordpress3ƊũÃD,(ʼnļ v v4ſ 2¨¯!&-í
Izht assetsłhFIv3Mp[Tq¯2?BĕųņÞ ĎŀIJ¨Î2?Br Sgu]H3Î LBÍ¥.ÌÍ3500Ĩï"(@ CF@Lt k UDġÉ
Izht ċAZ63x `etzTzO SSLāţĐ²
Izht Autoscale2?BĞ2XïÍ ĕų24Yï8.VP v IzVYzVŚ1A2 1+(/;¹īŋ EC2IzVYzV.4 docker container/"-rails(puma) ¹
Izht Aurora2?BƆ ğÅ ã4master63Ŧ9ô. masterėŚ4slave¹ŗø
Izht G[jx `!C(hFIvDĀ Û¿1;34ŸŔ¯"-
Izht ŸŔƃ4KMS.äģ²
4,3RailsjxUKN_ userrails adminrails DB common_models common_models useröcontrollers admin_models useröviews adminöcontrollers
adminöviews rails Žł_models Žłcontrollers ŽłDB ▪ user³railsGju ▪ admin³railsGju ▪ common engine ▪ ŽłrailsGju database - common_comments - common_posts - common_users - ads - admin_users - payments
ŸŔ¯2,- AWS KMS ▪ Customer Master KeyCMKDÜ"-data key "ŸŔƃ D¿ê$
B – A ▪ Í¥3;3KMS@Ģ+-B – A: ¡ æÑì – B: A æÑn-% ▪ A.ŸŔ¯"-'C4ĚĺBDDB102°Ľ"- ▪ BDKMS2Ó,B/īŔ¯"-Ģ"-CB ADå@CB 3.^ Y «DA.īŔ¯$B CMK has_many :data_keys
Űą2Ů( ▪ attr_encrypted /gemŠÒ)+( ▪ ċmodel3attributeDŰą2ŮB personal_info.first_name = ”cLv” personal_info.last_name
= “±ľ” personal_info.save! personal_info = PersonalInfo.find(1) puts personal_info.first_name # => “cLv” puts personal_info.last_name # => “±ľ”
áŶ³d[Tq ▪ ŸŔ¯"( && áŶ;"( => áŶ³2Hash¯"(ıDý] iv.°Ľ ▪ ŸŔ¸Hash¡Ì4/A%BCrypt,+/.
▪ after_save /.PersonalInfo3wQ `/Ŵ2ìB3ě/ñ Class PersonalInfo has_many :personal_info_hashes after_save :save_hashes def save_hashes save_name_hash save_tel_hash save_address_hash …… end def save_name_hash raw_value = last_name + first_name pi_hash = personal_info_hashes.find_or_initialize_by(field_name: 'last_name_and_first_name') pi_hash.hash_value = BCrypt::Engine.hash_secret(raw_value, ENV['HASH_SALT']) pi_hash.save! end
Ş 3 ŀ ▪ ºó¿æ1Ð – §a Þ'0[-,S0ç+#( µ¸q –
§z'ÞÀ¹S ëè0,` ▪ ĵijŢè3?1jxXVDğŤ"8"> ▪ '3ƀš;*<E/ę"8"> – z!æÑn00ì ¸q0ßÖ#( ▪ çÔ/#Ä2*<ž¬ – ÝÅ zÞ0,`!ID/Pass %#( OTP ▪ Ŋºó¿æ1Ð – U`G25N ´Ä0ßÖ#( – Ï.O:0 #( – ^ ceT _ Õ²Ðá0#( – OS'IDN673 ïÛº~#( – u 39@? ã^Ì$#( – Í°â « ) #( ▪ '3Ŏ – j\B?Cr¥0 +Ók|0Yc&1·Ø#( – ½ # ¶*éÃÝÅ'x±pÜ#( – j\eÊ!¢eÊ),Zybª0#( – ;PB4P>7P=HLP0aåÓ0#( ▪ ºó¿æ1Ð – Rails.roleºóDř – ĵijèðºóDř ▪ ĵij/Ţè.B34ý3role ▪ Ɓ,0²ĉ.Ţèŕđ"(;°Ľ – AWS KMS/attr_encrypted gem.ŸŔ¯"-DB2°Ľ – =Ó®3»ËfVy `ºóDř ▪ Ŋºó¿æ1Ð – tmpfsDõ+-carrierwave gem2hFIvDĀÄ4tmpfs/$B – AWS3ċQzl bz_3xOD°Ľ – WAF=security groupcontainer¯DB3CB] ivDŹB – ¼2IzVYzV /Ł$ ('-')╮ =͟͟͞͞!⸉ – WAF.ňÇ2E5A8$" – Autoscaling ▪ '3Ŏ – ċĹª\ vDżħ+-õ – Lt k UDCDN.ġÉ"-ĩ;C1/Ĝ4 Ŝ – """ – Terraform2?BIzht3Q `¯ŷś4"""
ƅÐĠ2)"-ƈ9(ùŵ ▪ B{ďĻĂ ÷¾´Ė 3â3¥Í¥3?1ƂùôċÖÙÕÊď Ɖ 2ĝ@CB ▪ 3. ĸĦ3ßĒãĄ –
1¼Ú îÒ – 5äíÒ https://www.npa.go.jp/laws/notification/seian/ hoan/hoan20180921-1.pdf
8/:Ćý1/4ĩ;"-1 ▪ čÀÂ¥2BR gV3ú: ▪ §¿æ3µ7Ŧ9 ▪ 'C2$B ŀĬ3 źĮ
– §¢!,¨z!/+UÔb011 – sÉê¿Â600l5J> ▪ î – rspecDBOA90B?C, – RubybinaryF?, – Railsserverless¯»100{K<0" ŻĴ~.4Æŝ2Ġ-)!# https://github.com/f-world21/encryption_sample