The document outlines various microservices related to user authentication, user profile management, user permissions, session management, and API key management across different cloud providers: AWS, GCP, and Azure. It details functionalities such as multi-factor authentication, role-based access control, session tracking, and compliance with regulations like GDPR and AML. Additionally, it describes services for order matching, market data, trade execution, and security measures like DDoS protection and backup recovery.
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
0 ratings0% found this document useful (0 votes)
10 views5 pages
Microservices Cloud Distribution
The document outlines various microservices related to user authentication, user profile management, user permissions, session management, and API key management across different cloud providers: AWS, GCP, and Azure. It details functionalities such as multi-factor authentication, role-based access control, session tracking, and compliance with regulations like GDPR and AML. Additionally, it describes services for order matching, market data, trade execution, and security measures like DDoS protection and backup recovery.
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 5
Microservice Cloud Provider
User Authentication AWS
User Registration AWS Multi-Factor Authentication (MFA) AWS OAuth 2.0 & OpenID Connect (OIDC) AWS Role-Based Access Control (RBAC) AWS Session Management AWS Single Sign-On (SSO) AWS Password Management AWS API Key Management AWS Biometric Authentication AWS Device Fingerprinting AWS Brute Force Protection AWS Identity Federation AWS Token Refresh & Expiry AWS Audit Logging & Monitoring AWS User Profile GCP User Data Management GCP KYC (Know Your Customer) Verification GCP User Preferences GCP Security Settings GCP Linked Accounts GCP API Key & Device Management GCP Privacy & GDPR Compliance GCP Session & Activity Logs GCP User Permissions & Roles Azure Role-Based Access Control (RBAC) Azure Permission Management Azure Custom Role Creation Azure API Authorization Azure Hierarchical Role Inheritance Azure Privileged Access Management (PAM) Azure Audit Logging & Compliance Azure Session & API Key Restrictions Azure Just-In-Time (JIT) Access Azure Multi-Tenancy Support Azure Session Management AWS Session Creation & Storage AWS JWT & OAuth Token Handling AWS Multi-Device Session Tracking AWS Idle Timeout & Session Expiry AWS Session Revocation & Logout AWS IP & Device Fingerprinting AWS GeoIP & Location-Based Security AWS Session Persistence & Replication AWS Rate Limiting & Brute Force Protection AWS Single Sign-On (SSO) Integration AWS Session Auditing & Logging AWS API Key Management Azure API Key Issuance Azure Key Storage & Encryption Azure Access Control & Role-Based API Keys Azure HMAC-Signed Requests Azure Rate Limiting & Throttling Azure Key Expiry & Rotation Azure Revocation & Blacklisting Azure Logging & Monitoring Azure IP Whitelisting & Geo-Restrictions Azure Multi-Tenant API Key Management Azure Two-Way API Key Verification Azure Order Matching Engine AWS Order Book Management AWS Matching Algorithm AWS Order Queueing AWS Trade Execution AWS Risk Checks & Compliance AWS Latency Optimization AWS Audit Logging & Replay AWS Market Data Service GCP Order Execution Service AWS Trade Settlement GCP Market Maker Service AWS High-Frequency Trading Gateway AWS Hot Wallet Service Azure Cold Wallet Service Azure Deposit Handling AWS Withdrawal Processing Azure Blockchain Node Service GCP AML (Anti-Money Laundering) Engine GCP Trade Surveillance GCP Zero Trust Access Service Azure DDoS & Intrusion Detection AWS Backup & Recovery Service Azure Description Manages user authentication, MFA, OAuth Handles new user sign-ups, email/phone verification, and profile creation. Enhances security with OTPs via SMS, Email, or Authenticator Apps. Supports authentication via Google, Facebook, Apple, Binance API. Assigns user roles (Trader, Admin, API User) and permissions. Tracks active user sessions, prevents token reuse. Enables users to log in once and access multiple services. Secure password storage, reset flows, and policy enforcement. Issues and manages API keys for programmatic access. Supports fingerprint, Face ID, and voice recognition login. Detects suspicious logins from unknown devices. Blocks multiple failed login attempts (Rate Limiting). Allows enterprises to use their own identity providers (IDPs). Ensures access tokens expire after a time limit and refresh securely. Tracks all login attempts, failures, and suspicious behavior. Stores user details, preferences, and KYC data Stores user information such as name, email, phone, and profile picture. Handles identity verification and document storage for compliance. Manages settings like language, currency, notifications, and theme. Stores MFA settings, password reset preferences, and account recovery options. Tracks linked bank accounts, crypto wallets, and third-party services. Logs authorized devices and manages API keys for integrations. Allows users to download or delete their data per regulations. Stores login attempts, transactions, and recent activities. Optimized for institutional and algorithmic traders Defines roles (Trader, Admin, API User) and their permissions. Grants or revokes granular access to different services. Allows admins to create new roles with specific permissions. Controls API access based on OAuth tokens and API keys. Supports role hierarchies (e.g., Super Admin > Admin > Trader). Restricts high-risk actions (e.g., fund transfers, admin changes). Logs role changes, permission escalations, and failed access attempts. Limits API access by IP, device, or time window. Provides temporary elevated access for admins. Allows managing permissions for different user groups in SaaS environments.
Generates secure session tokens upon user login.
Issues and verifies JWT/OAuth access & refresh tokens. Manages sessions across multiple devices (Web, Mobile, API). Configures session timeouts to reduce risk of session hijacking. Allows users to log out and revoke active sessions. Detects and prevents session theft via new devices. Prevents logins from unauthorized regions. Ensures session consistency across distributed systems. Prevents multiple login attempts from the same IP. Enables users to access multiple services with one login. Tracks active sessions for security and compliance.
Generates unique, cryptographically secure API keys for authenticated users.
Stores API keys securely in an encrypted database. Assigns permissions to API keys based on user roles (Read, Write, Admin, etc.). Uses HMAC (Hash-based Message Authentication Code) for tamper-proof API requests. Prevents API abuse by limiting requests per second/minute/hour. Implements auto-expiring API keys and scheduled key rotation. Allows users to disable or revoke API keys instantly in case of compromise. Tracks all API key usage, failed access attempts, and anomalies. Limits API key access to specific IPs, regions, or devices. Supports different customers/tenants with segmented API keys. Ensures API key authenticity via public-private key cryptography.
Stores buy/sell orders in memory for real-time matching
Executes price-time priority, FIFO, or Pro-Rata order matching Handles incoming orders and places them in the correct execution order Confirms matched trades and sends execution reports Pre-trade risk assessment to prevent market manipulation Ensures low-latency execution for high-frequency traders Stores all executed trades for compliance and dispute resolution Manages RBAC, role-based access control policies Handles user session tracking and security Manages API key issuance, validation, and security Processes buy/sell orders with low latency Streams real-time order book and trade data Handles trade execution and transaction updates Manages post-trade clearing and settlement processes Provides liquidity and spread optimization
Manages real-time crypto transactions
Secures high-value crypto assets in offline storage Processes crypto deposits and monitors blockchain transactions Manages withdrawal approvals and compliance checks Maintains blockchain node connectivity Monitors suspicious transactions and flags risks Detects market manipulation and insider trading activities Implements least-privilege security model Monitors and prevents DDoS and cyber-attacks Ensures disaster recovery and data redundancy