Let’s say that – as a mental exercise – I’m building a simple CRUD system from first principles.
We’ll assume that my server process has got a way to authenticate the user associated with each request.
But then, what is to stop an authenticated user from turning adversarial and bombarding my system with requests to instantiate a new object of some type, until either the memory or the storage is exhausted?
My first thought is that each user should have some kind of object creation quota.
I’ve been looking through books on security and application design, and I can’t find any advice on implementing such quotas.
There is this bit of advice on the Common Weakness Enumeration:
But it just says that the solution is to recognize the attack and disallow further requests from the user. Then it acknowledges that this can be quite challenging.
It also touches on universal throttling, which is a possibility. But I still can’t find much advice on how to impose a logical limit on the number of requests per user per (minute? second?) that my server will handle.
Are there any published sources that describe a solution to this design issue, or any generally accepted advice?
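A concrete sketch of the two controls the question describes, a per-user cap on live objects and a per-user throttle on the create endpoint, written here as an added example and not code from the question. The class and method names, the specific limits, and the in-memory dictionaries are illustrative assumptions; a real deployment would keep the count in the datastore and the throttle state in a shared cache.

```python
"""Per-user object-creation quota plus per-user request throttling.

Added example, not from the original question. Names, limits and the
in-memory storage are assumptions made for illustration.
"""
import threading
import time
from dataclasses import dataclass
from typing import Callable, Dict


@dataclass
class TokenBucket:
    """Throttle for one user: up to `capacity` requests in a burst,
    refilled continuously at `rate` requests per second."""
    capacity: float
    rate: float
    tokens: float
    last: float

    def try_consume(self, now: float, cost: float = 1.0) -> bool:
        # Refill according to elapsed time; clamp so a misbehaving clock
        # can never subtract tokens.
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= cost:
            self.tokens -= cost
            return True
        return False


class UserLimits:
    """Two independent controls keyed on the authenticated identity:
    - a throttle on how fast a user may call the create endpoint, and
    - a hard cap on how many objects a user may own at once.
    Keying on the authenticated user, never on client-supplied data,
    is what stops one adversarial account from spending everyone's budget.
    """

    def __init__(self, max_objects: int, burst: int, per_second: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.max_objects = max_objects
        self.burst = burst
        self.per_second = per_second
        self._clock = clock
        self._lock = threading.Lock()  # check-and-increment must be atomic
        self._buckets: Dict[str, TokenBucket] = {}
        self._owned: Dict[str, int] = {}  # user -> number of live objects

    def _bucket(self, user: str) -> TokenBucket:
        bucket = self._buckets.get(user)
        if bucket is None:
            bucket = TokenBucket(self.burst, self.per_second,
                                 float(self.burst), self._clock())
            self._buckets[user] = bucket
        return bucket

    def create(self, user: str) -> str:
        """Decide whether `user` may create one more object.
        Returns 'ok', 'throttled' (map to HTTP 429) or 'quota_exceeded'
        (map to HTTP 403/409 and tell the user to delete something)."""
        with self._lock:
            # Throttle first: it protects the server from request volume
            # regardless of whether the quota check would pass.
            if not self._bucket(user).try_consume(self._clock()):
                return "throttled"
            owned = self._owned.get(user, 0)
            if owned >= self.max_objects:
                return "quota_exceeded"
            # Reserve the slot while holding the lock so two concurrent
            # requests cannot both observe owned == max - 1 and both succeed.
            self._owned[user] = owned + 1
            return "ok"

    def delete(self, user: str) -> bool:
        """Release a slot when the user deletes an object they own."""
        with self._lock:
            owned = self._owned.get(user, 0)
            if owned == 0:
                return False
            self._owned[user] = owned - 1
            return True

    def live_objects(self, user: str) -> int:
        with self._lock:
            return self._owned.get(user, 0)
```

Two caveats a practitioner would add. First, the limiter is itself per-user state, so it must bound the number of users it tracks (evict idle buckets) or an attacker who can mint accounts turns the rate limiter into the memory-exhaustion vector. Second, in a multi-process or multi-node deployment the check-and-increment has to happen where the object is actually stored (an atomic counter or a constraint in the database), otherwise each process enforces the cap independently and the effective quota is multiplied by the number of replicas.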