> ADVANCED MCP PRESENTATION
SLIDE 12/16

> SECURITY BEST PRACTICES [PRODUCTION READY]

▶ ENTERPRISE SECURITY ARCHITECTURE

OAuth2 authentication, input validation, audit logs, and sandboxed execution
┌──────────────────────────────────────────────────────────────────┐
│ SECURITY ARCHITECTURE                                            │
├──────────────────────────────────────────────────────────────────┤
│                                                                  │
│  ┌─────────────┐     OAuth2/JWT     ┌─────────────┐              │
│  │   CLIENT    │◄──────────────────►│ AUTH SERVER │              │
│  │  (Claude)   │                    │             │              │
│  └─────────────┘                    └─────────────┘              │
│         │                                  │                     │
│         ▼          Validated Token         ▼                     │
│  ┌─────────────┐                    ┌─────────────┐              │
│  │ MCP SERVER  │◄──────────────────┤ VALIDATION  │              │
│  │             │                    │ MIDDLEWARE  │              │
│  └─────────────┘                    └─────────────┘              │
│         │                                                        │
│         ▼                                                        │
│  ┌─────────────┐     ┌─────────────┐     ┌─────────────┐         │
│  │INPUT VALID  │────►│SANDBOX EXEC │────►│AUDIT LOGGER │         │
│  │ + SCHEMA    │     │ + LIMITS    │     │ + MONITOR   │         │
│  └─────────────┘     └─────────────┘     └─────────────┘         │
│                                                                  │
│  Multi-layered security with defense in depth principles         │
└──────────────────────────────────────────────────────────────────┘

▶ CRITICAL SECURITY PATTERNS

🔐 AUTHENTICATION

OAuth2 for HTTP servers, token validation

✅ INPUT VALIDATION

Schema enforcement, type checking, bounds validation

🏰 SANDBOXING

Restricted file access, process isolation, resource limits

▶ ROOTS-BASED ACCESS CONTROL

{
  "server_config": {
    "name": "secure-filesystem",
    "roots": [
      {
        "uri": "file:///workspace/project1",
        "name": "Project 1 Files",
        "description": "Read/write access to project files only"
      },
      {
        "uri": "file:///shared/docs",
        "name": "Shared Documentation",
        "description": "Read-only access to documentation"
      }
    ]
  }
}

Access Control Benefits:

  • Scope Limitation: Servers can only access defined roots
  • Path Traversal Prevention: Cannot access parent directories
  • Audit Trail: All file operations logged with root context
  • Principle of Least Privilege: Minimal necessary permissions
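Worked example of the containment check behind these benefits, added here and not part of the slide deck. The root URIs are the slide's; the per-root "mode" field, the ALLOWED_OPS table and the helper names are assumptions for this example. The point it shows is that the traversal check must run on the normalized path, and that the prefix test needs a trailing slash so a sibling directory with a longer name is not accepted as a child of a root.

```python
# Added example (not from the slide deck): resolve a requested path against the
# configured roots before any file operation. The "mode" field, ALLOWED_OPS and
# the helper names are assumptions for this example.
from urllib.parse import urlparse, unquote
import posixpath

ROOTS = [
    {"uri": "file:///workspace/project1", "name": "Project 1 Files", "mode": "rw"},
    {"uri": "file:///shared/docs", "name": "Shared Documentation", "mode": "ro"},
]
ALLOWED_OPS = {"ro": {"read"}, "rw": {"read", "write", "delete"}}


def to_posix_path(value: str) -> str:
    """Accept a file:// URI or an absolute path; return it normalized,
    with '.' and '..' segments collapsed."""
    if "\x00" in value:
        raise ValueError("NUL byte in path")
    if value.startswith("file:"):
        parsed = urlparse(value)
        if parsed.netloc not in ("", "localhost"):
            raise ValueError("remote file URIs are not allowed")
        value = unquote(parsed.path)
    if not posixpath.isabs(value):
        raise ValueError("path must be absolute")
    return posixpath.normpath(value)


def resolve_within_roots(requested: str, operation: str, roots=ROOTS):
    """Return (root name, normalized path) when `requested` lies inside a root
    that permits `operation`; raise PermissionError otherwise.

    The containment test runs on the normalized path, so
    '/workspace/project1/../../etc/passwd' is checked as '/etc/passwd'.
    The prefix is base + '/', so '/workspace/project10' is not mistaken for
    a child of '/workspace/project1'.
    """
    path = to_posix_path(requested)
    for root in roots:
        base = to_posix_path(root["uri"])
        if path == base or path.startswith(base + "/"):
            if operation not in ALLOWED_OPS[root["mode"]]:
                raise PermissionError(
                    f"{operation!r} not permitted under root {root['name']!r}")
            return root["name"], path
    raise PermissionError(f"{path!r} is outside every configured root")


def is_permitted(requested: str, operation: str) -> bool:
    """Boolean form for policy checks and audit logging; malformed input
    counts as denied."""
    try:
        resolve_within_roots(requested, operation)
        return True
    except (PermissionError, ValueError):
        return False
```

On a real filesystem, follow this with os.path.realpath() on the accepted path and re-run the containment test, so that a symlink placed inside a root cannot point outside it; the textual check above cannot see symlinks.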

🎮 LIVE DEMO: SECURITY CONSIDERATIONS

DEMONSTRATION: printEnv tool - safe for local debug, dangerous remotely
$ mcp-inspector
> Examine printEnv tool security implications

[LOCAL DEVELOPMENT]
Call: printEnv()
Result: {
  "NODE_ENV": "development",
  "PATH": "/usr/local/bin:/usr/bin",
  "HOME": "/Users/developer",
  "DEMO_MODE": "true"
}
Status: ✅ Safe - controlled environment

[PRODUCTION DEPLOYMENT]
Call: printEnv()
Security Risk: ❌ HIGH RISK
Reason: Could expose:
  - Database credentials
  - API keys and secrets
  - Internal service URLs
  - System configuration details

[MITIGATION]
- Environment filtering
- Production mode restrictions
- Audit logging for sensitive operations
- Role-based access controls

Security Assessment Framework:

  1. Risk Classification: Low/Medium/High/Critical
  2. Environment Context: Development vs Production
  3. Data Sensitivity: Public vs Internal vs Secret
  4. Access Controls: Who can execute what tools
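The environment-filtering mitigation from the demo as working code, added here and not part of the slide deck. SAMPLE_ENV is a constructed environment with placeholder values; the allowlist, the secret-name pattern and the helper names are assumptions to be tuned per deployment. Production mode drops anything not allowlisted (even the variable name can reveal an internal service), development mode shows everything except credential-looking names, and credentials embedded in URL values are masked in both modes. An unknown mode is treated as production so the tool fails closed.

```python
# Added example (not from the slide deck): environment filtering for a printEnv
# tool keyed on deployment mode. SAMPLE_ENV is constructed with placeholder
# values; ALLOWLIST, the regexes and the helper names are assumptions.
import os
import re
from typing import Optional

SAMPLE_ENV = {
    "NODE_ENV": "production",
    "PATH": "/usr/local/bin:/usr/bin",
    "HOME": "/home/app",
    "DEMO_MODE": "false",
    "DATABASE_URL": "postgres://app:example-password@db.internal:5432/app",
    "OPENAI_API_KEY": "sk-example-not-a-real-key",
    "AWS_SECRET_ACCESS_KEY": "example-not-a-real-secret",
    "INTERNAL_BILLING_URL": "http://billing.internal:8080",
}

# Names that may be shown in production; everything else is dropped there.
ALLOWLIST = {"NODE_ENV", "PATH", "HOME", "DEMO_MODE", "LANG", "TZ"}
# Names that look like credentials: their values are never shown in any mode.
SECRET_NAME = re.compile(r"KEY|SECRET|TOKEN|PASSWORD|PASSWD|CREDENTIAL|PRIVATE", re.I)
# user:password@host inside a URL value, masked even when the name looks harmless.
URL_CREDENTIALS = re.compile(r"://[^/@\s]+:[^/@\s]+@")

REDACTED = "<redacted>"


def filtered_env(env: dict, mode: str) -> dict:
    """Return what printEnv may disclose.

    development: every variable, but secret-looking names show REDACTED and
                 credentials embedded in URLs are masked.
    production (and any unknown mode, failing closed): allowlisted names only,
                 with the same masking applied to their values.
    """
    production = mode != "development"
    out = {}
    for name, value in env.items():
        if production and name not in ALLOWLIST:
            continue  # dropped entirely: the name alone can hint at internal services
        if SECRET_NAME.search(name):
            out[name] = REDACTED
            continue
        out[name] = URL_CREDENTIALS.sub("://<redacted>@", value)
    return out


def print_env_tool(mode: str, env: Optional[dict] = None) -> dict:
    """Tool handler body: the filtered view plus a count the audit log can
    record. Defaults to the real process environment."""
    env = dict(os.environ) if env is None else env
    shown = filtered_env(env, mode)
    disclosed = sum(1 for v in shown.values() if v != REDACTED)
    return {"mode": mode, "env": shown, "redacted_count": len(env) - disclosed}
```

The allowlist is the part that matters in production: a denylist of secret-looking names will always miss a variable somebody named unexpectedly, whereas an allowlist fails safe.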

▶ INPUT VALIDATION & SCHEMA ENFORCEMENT

from pydantic import BaseModel, field_validator
from typing import Literal


class SecureToolInput(BaseModel):
    file_path: str
    operation: Literal["read", "write", "delete"]
    max_size_bytes: int = 1024 * 1024  # 1MB default

    # pydantic v2 style; on pydantic v1 use @validator('file_path') without @classmethod
    @field_validator('file_path')
    @classmethod
    def validate_file_path(cls, v: str) -> str:
        # Prevent path traversal: reject absolute paths, any '..' segment, and
        # backslashes (so Windows-style separators cannot smuggle a '..' past the check)
        if v.startswith('/') or '\\' in v or '..' in v.split('/'):
            raise ValueError("Invalid file path")
        return v

    @field_validator('max_size_bytes')
    @classmethod
    def validate_size(cls, v: int) -> int:
        if v <= 0 or v > 10 * 1024 * 1024:  # 10MB max
            raise ValueError("File size out of range")
        return v

▶ AUDIT & MONITORING

📊 COMPREHENSIVE LOGGING

All tool executions, parameter values, results

🚨 ANOMALY DETECTION

Unusual patterns, failed authentications, suspicious activity

📈 PERFORMANCE MONITORING

Resource usage, response times, error rates

🔍 FORENSIC CAPABILITIES

Full request/response chains for security analysis
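Worked example for the logging, anomaly-detection and forensic points above, added here and not part of the slide deck. It writes one structured record per tool execution (parameters and root context kept for the request/response chain, the result stored as a digest so payloads never land in the log) and runs a sliding-window detector over the records to flag a client that produces a burst of failed authentications or denied accesses. SAMPLE_AUDIT_LOG is constructed; the field names, the 60-second window and the threshold of 3 are assumptions.

```python
# Added example (not from the slide deck): structured audit records plus a
# sliding-window burst detector. SAMPLE_AUDIT_LOG is constructed data; field
# names, window and threshold are assumptions for this example.
import hashlib
import json
from collections import defaultdict, deque
from datetime import datetime, timezone

SAMPLE_AUDIT_LOG = """\
{"ts": "2024-05-01T10:00:00+00:00", "client": "agent-a", "tool": "read_file", "outcome": "ok"}
{"ts": "2024-05-01T10:00:05+00:00", "client": "agent-b", "tool": "auth", "outcome": "auth_failed"}
{"ts": "2024-05-01T10:00:09+00:00", "client": "agent-b", "tool": "auth", "outcome": "auth_failed"}
{"ts": "2024-05-01T10:00:14+00:00", "client": "agent-b", "tool": "auth", "outcome": "auth_failed"}
{"ts": "2024-05-01T10:00:20+00:00", "client": "agent-a", "tool": "read_file", "outcome": "denied"}
{"ts": "2024-05-01T10:03:00+00:00", "client": "agent-c", "tool": "auth", "outcome": "auth_failed"}
{"ts": "2024-05-01T10:07:00+00:00", "client": "agent-c", "tool": "auth", "outcome": "auth_failed"}
{"ts": "2024-05-01T10:07:10+00:00", "client": "agent-a", "tool": "read_file", "outcome": "denied"}
{"ts": "2024-05-01T10:07:20+00:00", "client": "agent-a", "tool": "write_file", "outcome": "denied"}
{"ts": "2024-05-01T10:07:30+00:00", "client": "agent-a", "tool": "delete_file", "outcome": "denied"}
"""


def make_audit_record(client, tool, params, outcome, result=None, root=None, ts=None) -> dict:
    """One record per tool execution. `params` should be the already validated
    (and, where needed, redacted) input; `result` is stored only as a SHA-256
    digest; `root` records which configured root the operation ran under."""
    ts = ts or datetime.now(timezone.utc).isoformat()
    digest = None
    if result is not None:
        digest = hashlib.sha256(json.dumps(result, sort_keys=True).encode()).hexdigest()
    return {"ts": ts, "client": client, "tool": tool, "params": params,
            "root": root, "outcome": outcome, "result_sha256": digest}


def to_json_line(record: dict) -> str:
    """Serialize a record as one JSON line for an append-only log."""
    return json.dumps(record, sort_keys=True)


def parse_audit_log(lines):
    """Read JSON lines back into records, skipping blank lines."""
    return [json.loads(line) for line in lines if line.strip()]


def detect_bursts(records, window_seconds=60, threshold=3,
                  outcomes=("auth_failed", "denied")):
    """Flag a client that produces `threshold` events of one watched outcome
    within `window_seconds`. Records are assumed to be in time order."""
    windows = defaultdict(deque)  # (client, outcome) -> timestamps in window
    alerts = []
    for rec in records:
        if rec["outcome"] not in outcomes:
            continue
        ts = datetime.fromisoformat(rec["ts"])
        q = windows[(rec["client"], rec["outcome"])]
        q.append(ts)
        while (q[-1] - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            alerts.append({"client": rec["client"], "outcome": rec["outcome"],
                           "count": len(q), "at": ts.isoformat()})
            q.clear()  # one alert per burst, not one per further event
    return alerts
```

Against the constructed log, agent-b trips the failed-authentication rule (three failures in nine seconds) and agent-a trips the denied-access rule at 10:07:30, while agent-c's two failures four minutes apart fall outside the window and produce nothing. Because the record carries both the root context and the digest, an investigator can later match a flagged call to the exact response it returned without the log itself holding the data.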

✅ PRODUCTION SECURITY CHECKLIST

├── Authentication       │ OAuth2/JWT token validation
├── Authorization        │ Role-based access controls (RBAC)
├── Input Validation     │ Schema enforcement, bounds checking
├── Output Sanitization  │ Prevent data leakage, XSS protection
├── Audit Logging        │ Comprehensive request/response logging
├── Rate Limiting        │ Prevent abuse and DoS attacks
├── Encryption           │ TLS in transit, encryption at rest
├── Sandbox Execution    │ Process isolation, resource limits
├── Dependency Security  │ Regular security updates, CVE monitoring
└── Incident Response    │ Alerting, containment, recovery procedures