Taq - Software Developer (Co-op)

Sep 2023 - Apr 2024

Markham, ON

image
  • Transformed a monolithic .NET application to a microservices architecture to improve maintainability and reduce costs, creating new SQL stored procedures for efficient data retrieval
  • Rewrote and migrated critical validation endpoints from C# to JavaScript, resulting in improved performance and maintainability; validated through Jest unit testing
  • Diagnosed and resolved critical bugs, including various timeout errors, increasing system efficiency by 15%
  • Migrated applications to AWS with Kubernetes and Docker, effectively using OpenLens for debugging
  • Improved efficiency of internal Python scripts by 60% though implementation of multi-threading
  • Perfromed Apache JMeter load testing to ensure application integrity and performance under stress
  • Created a SQL script to mask all PII data, ensuring compliance with SOC 2 standards
  • Developed a comprehensive plan for a file conversion and compression microservce to make files compatible with other microservices and reduce file sizes by 25%
  • Built a new React component to display information, enhancing user understanding


Co-op Assignment 2


Creating an SQL Masking Script for SOC Compliance

adhering to security standards like SOC is crucial for protecting sensitive information. One effective approach is implementing masking to obfuscate or anonymize data, reducing exposure risks. Here's a guide on creating an SQL masking script to make sure fields in a database are obfuscated:

Steps to Create an SQL Masking Script

  1. Identify Sensitive Data: Determine which columns in your database contain sensitive information such as credit card numbers, social security numbers, or personal identifiable information.

  2. Choose Masking Techniques: Select appropriate masking techniques based on the sensitivity of the data. Common methods include:

    • Partial Masking: Show only a portion of sensitive data (e.g., last four digits of a social insurance number). number).
    • Randomization: Replace original values with randomized data.
    • Substitution: Replace sensitive values with predefined values (e.g., replace names with generic labels like "Customer 1", "Customer 2", etc.).

  3. Create The Script: Implement the chosen masking techniques using SQL commands. Below is an example script using PostgreSQL syntax:

    -- Example: Masking Social Insurance Numbers
UPDATE customer_data
SET sin = CONCAT('XXX-XXX-', RIGHT(sin, 3)); -- Partial Masking

-- Example: Masking Credit Card Numbers
UPDATE payment_data
SET credit_card_number = 'XXXX-XXXX-XXXX-XXXX'

in the 2 examples above:

  1. the sin number is partially masked, with the last 4 digits being replace with an "x"
  2. the credit card number is fully masked, with all the digits being replaced with an "x"

Creating these scripts helps protect sensitive customer data and creates an extra line of defense in case of a data breach.



Co-op Assignment 1


Splitting monolithic applications into microservices

microservices have many benefits over monolithic applications such as:

  1. Improved scalability
  2. Easier Maintenance
  3. Easier to develop

This is due to the fact that each service is seperate from the rest making it easier to developers to increase the number of instances, fix bugs in each service, and not have to worry about too many dependencies when developing new features

Let's look at the following example:

# Monolithic Python Flask Application

from flask import Flask, render_template

app = Flask(__name__)

# Routes for different functionalities
@app.route('/')
def home():
    return render_template('home.html')

@app.route('/products')
def products():
    return render_template('products.html')

@app.route('/orders')
def orders():
    return render_template('orders.html')

if __name__ == '__main__':
    app.run(debug=True)

Now let's break this "monolith" (this is a very small example) into 2 different microservices:

catalog microservice

# Catalog Microservice

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/products')
def products():
    # Product-related logic
    return render_template('products.html')

if __name__ == '__main__':
    app.run(debug=True, port=5001)

order microservice

# Order Microservice

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/orders')
def orders():
    # Order-related logic
    return render_template('orders.html')

if __name__ == '__main__':
    app.run(debug=True, port=5002)

By splitting up this into 2 seperate microservices, you can decouple the logic, gaining all the benefits of using microservices