diff --git a/resources/noat.cards/Application layer.md b/resources/noat.cards/Application layer.md index ae867b58..2c370154 100644 --- a/resources/noat.cards/Application layer.md +++ b/resources/noat.cards/Application layer.md @@ -23,16 +23,16 @@ Related to this discussion are [microservices](https://en.wikipedia.org/wiki/Mic Pinterest, for example, could have the following microservices: user profile, follower, feed, search, photo upload, etc. -### Service Discovery +## Service Discovery Systems such as [Zookeeper](http://www.slideshare.net/sauravhaloi/introduction-to-apache-zookeeper) can help services find each other by keeping track of registered names, addresses, ports, etc. -### Disadvantage(s) : application layer +## Disadvantage(s) : application layer - Adding an application layer with loosely coupled services requires a different approach from an architectural, operations, and process viewpoint (vs a monolithic system) . - Microservices can add complexity in terms of deployments and operations. -### Source(s) and further reading +## Source(s) and further reading - [Intro to architecting systems for scale](http://lethain.com/introduction-to-architecting-systems-for-scale) - [Crack the system design interview](http://www.puncsky.com/blog/2016/02/14/crack-the-system-design-interview/) diff --git a/resources/noat.cards/Availability patterns.md b/resources/noat.cards/Availability patterns.md index 09f0d3ba..1ba96e8b 100644 --- a/resources/noat.cards/Availability patterns.md +++ b/resources/noat.cards/Availability patterns.md @@ -15,7 +15,7 @@ The length of downtime is determined by whether the passive server is already ru Active-passive failover can also be referred to as master-slave failover. -### Active-active (Fail-Over) +## Active-active (Fail-Over) In active-active, both servers are managing traffic, spreading the load between them. 
@@ -23,39 +23,40 @@ If the servers are public-facing, the DNS would need to know about the public IP Active-active failover can also be referred to as master-master failover. -### Disadvantage(s) : failover +## Disadvantage(s) : failover - Fail-over adds more hardware and additional complexity. - There is a potential for loss of data if the active system fails before any newly written data can be replicated to the passive. -### Master-slave replication +## Master-slave replication The master serves reads and writes, replicating writes to one or more slaves, which serve only reads. Slaves can also replicate to additional slaves in a tree-like fashion. If the master goes offline, the system can continue to operate in read-only mode until a slave is promoted to a master or a new master is provisioned. -[![](https://camo.githubusercontent.com/6a097809b9690236258747d969b1d3e0d93bb8ca/687474703a2f2f692e696d6775722e636f6d2f4339696f47746e2e706e67) ](https://camo.githubusercontent.com/6a097809b9690236258747d969b1d3e0d93bb8ca/687474703a2f2f692e696d6775722e636f6d2f4339696f47746e2e706e67) +![](https://camo.githubusercontent.com/6a097809b9690236258747d969b1d3e0d93bb8ca/687474703a2f2f692e696d6775722e636f6d2f4339696f47746e2e706e67) + _[Source: Scalability, availability, stability, patterns](http://www.slideshare.net/jboner/scalability-availability-stability-patterns/) _ -### Disadvantage(s) : master-slave replication +## Disadvantage(s) : master-slave replication - Additional logic is needed to promote a slave to a master. - See [Disadvantage(s) : replication](https://github.com/donnemartin/system-design-primer#disadvantages-replication) for points related to both master-slave and master-master. -### Master-master replication +## Master-master replication Both masters serve reads and writes and coordinate with each other on writes. If either master goes down, the system can continue to operate with both reads and writes. 
-[![](https://camo.githubusercontent.com/5862604b102ee97d85f86f89edda44bde85a5b7f/687474703a2f2f692e696d6775722e636f6d2f6b7241484c47672e706e67) ](https://camo.githubusercontent.com/5862604b102ee97d85f86f89edda44bde85a5b7f/687474703a2f2f692e696d6775722e636f6d2f6b7241484c47672e706e67) +![](https://camo.githubusercontent.com/5862604b102ee97d85f86f89edda44bde85a5b7f/687474703a2f2f692e696d6775722e636f6d2f6b7241484c47672e706e67) _[Source: Scalability, availability, stability, patterns](http://www.slideshare.net/jboner/scalability-availability-stability-patterns/) _ -### Disadvantage(s) : master-master replication +## Disadvantage(s) : master-master replication - You'll need a load balancer or you'll need to make changes to your application logic to determine where to write. - Most master-master systems are either loosely consistent (violating ACID) or have increased write latency due to synchronization. - Conflict resolution comes more into play as more write nodes are added and as latency increases. - See [Disadvantage(s) : replication](https://github.com/donnemartin/system-design-primer#disadvantages-replication) for points related to both master-slave and master-master. -### Disadvantage(s) : replication +## Disadvantage(s) : replication - There is a potential for loss of data if the master fails before any newly written data can be replicated to other nodes. - Writes are replayed to the read replicas. If there are a lot of writes, the read replicas can get bogged down with replaying writes and can't do as many reads. 
@@ -63,7 +64,7 @@ _[Source: Scalability, availability, stability, patterns](http://www.slideshare. - On some systems, writing to the master can spawn multiple threads to write in parallel, whereas read replicas only support writing sequentially with a single thread. - Replication adds more hardware and additional complexity. -### Source(s) and further reading: replication +## Source(s) and further reading: replication - [Scalability, availability, stability, patterns](http://www.slideshare.net/jboner/scalability-availability-stability-patterns/) - [Multi-master replication](https://en.wikipedia.org/wiki/Multi-master_replication) \ No newline at end of file diff --git a/resources/noat.cards/Availability vs consistency.md b/resources/noat.cards/Availability vs consistency.md index 2da924ff..abbe8651 100644 --- a/resources/noat.cards/Availability vs consistency.md +++ b/resources/noat.cards/Availability vs consistency.md @@ -5,10 +5,11 @@ isdraft = False # Availability vs consistency -### CAP theorem +## CAP theorem -[![](https://camo.githubusercontent.com/13719354da7dcd34cd79ff5f8b6306a67bc18261/687474703a2f2f692e696d6775722e636f6d2f62674c4d4932752e706e67) ](https://camo.githubusercontent.com/13719354da7dcd34cd79ff5f8b6306a67bc18261/687474703a2f2f692e696d6775722e636f6d2f62674c4d4932752e706e67) -_[Source: CAP theorem revisited](http://robertgreiner.com/2014/08/cap-theorem-revisited) _ +![](https://camo.githubusercontent.com/13719354da7dcd34cd79ff5f8b6306a67bc18261/687474703a2f2f692e696d6775722e636f6d2f62674c4d4932752e706e67) + +[Source: CAP theorem revisited](http://robertgreiner.com/2014/08/cap-theorem-revisited) In a distributed computer system, you can only support two of the following guarantees: 
@@ -28,7 +29,7 @@ Responses return the most recent version of the data, which might not be the lat AP is a good choice if the business needs allow for [eventual consistency](https://github.com/donnemartin/system-design-primer#eventual-consistency) or when the system needs to continue working despite external errors. -### Source(s) and further reading +## Source(s) and further reading - [CAP theorem revisited](http://robertgreiner.com/2014/08/cap-theorem-revisited/) - [A plain english introduction to CAP theorem](http://ksat.me/a-plain-english-introduction-to-cap-theorem/) diff --git a/resources/noat.cards/Cache locations.md b/resources/noat.cards/Cache locations.md index 7f225332..7227f3c0 100644 --- a/resources/noat.cards/Cache locations.md +++ b/resources/noat.cards/Cache locations.md 
@@ -6,23 +6,23 @@ isdraft = False # Cache locations -### Client caching +## Client caching Caches can be located on the client side (OS or browser) , [server side](https://github.com/donnemartin/system-design-primer#reverse-proxy) , or in a distinct cache layer. -### CDN caching +## CDN caching [CDNs](https://github.com/donnemartin/system-design-primer#content-delivery-network) are considered a type of cache. -### Web server caching +## Web server caching [Reverse proxies](https://github.com/donnemartin/system-design-primer#reverse-proxy-web-server) and caches such as [Varnish](https://www.varnish-cache.org/) can serve static and dynamic content directly. Web servers can also cache requests, returning responses without having to contact application servers. -### Database caching +## Database caching Your database usually includes some level of caching in a default configuration, optimized for a generic use case. Tweaking these settings for specific usage patterns can further boost performance. -### Application caching +## Application caching In-memory caches such as Memcached and Redis are key-value stores between your application and your data storage. Since the data is held in RAM, it is much faster than typical databases where data is stored on disk. RAM is more limited than disk, so [cache invalidation](https://en.wikipedia.org/wiki/Cache_algorithms) algorithms such as [least recently used (LRU) ](https://en.wikipedia.org/wiki/Cache_algorithms#Least_Recently_Used) can help invalidate 'cold' entries and keep 'hot' data in RAM. diff --git a/resources/noat.cards/Cache-aside.md b/resources/noat.cards/Cache-aside.md index 240e747c..a0da8157 100644 --- a/resources/noat.cards/Cache-aside.md +++ b/resources/noat.cards/Cache-aside.md 
@@ -7,7 +7,8 @@ isdraft = False ## Introduction -[![](https://camo.githubusercontent.com/7f5934e49a678b67f65e5ed53134bc258b007ebb/687474703a2f2f692e696d6775722e636f6d2f4f4e6a4f52716b2e706e67) ](https://camo.githubusercontent.com/7f5934e49a678b67f65e5ed53134bc258b007ebb/687474703a2f2f692e696d6775722e636f6d2f4f4e6a4f52716b2e706e67) +![](https://camo.githubusercontent.com/7f5934e49a678b67f65e5ed53134bc258b007ebb/687474703a2f2f692e696d6775722e636f6d2f4f4e6a4f52716b2e706e67) + _[Source: From cache to in-memory data grid](http://www.slideshare.net/tmatyashovsky/from-cache-to-in-memory-data-grid-introduction-to-hazelcast) _ The application is responsible for reading and writing from storage. The cache does not interact with storage directly. The application does the following: diff --git a/resources/noat.cards/Cache.md b/resources/noat.cards/Cache.md index ae34a915..903f1bb1 100644 --- a/resources/noat.cards/Cache.md +++ b/resources/noat.cards/Cache.md 
@@ -6,21 +6,22 @@ isdraft = False # Cache -### Cache - Introduction -[![](https://camo.githubusercontent.com/7acedde6aa7853baf2eb4a53f88e2595ebe43756/687474703a2f2f692e696d6775722e636f6d2f51367a32344c612e706e67) ](https://camo.githubusercontent.com/7acedde6aa7853baf2eb4a53f88e2595ebe43756/687474703a2f2f692e696d6775722e636f6d2f51367a32344c612e706e67) +## Cache - Introduction +![](https://camo.githubusercontent.com/7acedde6aa7853baf2eb4a53f88e2595ebe43756/687474703a2f2f692e696d6775722e636f6d2f51367a32344c612e706e67) + _[Source: Scalable system design patterns](http://horicky.blogspot.com/2010/10/scalable-system-design-patterns.html) _ Caching improves page load times and can reduce the load on your servers and databases. In this model, the dispatcher will first lookup if the request has been made before and try to find the previous result to return, in order to save the actual execution. Databases often benefit from a uniform distribution of reads and writes across its partitions. Popular items can skew the distribution, causing bottlenecks. Putting a cache in front of a database can help absorb uneven loads and spikes in traffic. -### Disadvantage(s) : cache +## Disadvantage(s) : cache - Need to maintain consistency between caches and the source of truth such as the database through [cache invalidation](https://en.wikipedia.org/wiki/Cache_algorithms) . - Need to make application changes such as adding Redis or memcached. - Cache invalidation is a difficult problem, there is additional complexity associated with when to update the cache. -### Source(s) and further reading +## Source(s) and further reading - [From cache to in-memory data grid](http://www.slideshare.net/tmatyashovsky/from-cache-to-in-memory-data-grid-introduction-to-hazelcast) - [Scalable system design patterns](http://horicky.blogspot.com/2010/10/scalable-system-design-patterns.html) 
diff --git a/resources/noat.cards/Communication.md b/resources/noat.cards/Communication.md index cf3bc5b3..17c02490 100644 --- a/resources/noat.cards/Communication.md +++ b/resources/noat.cards/Communication.md @@ -1,5 +1,5 @@ -Communication +# Communication ------------- --- -[![](https://camo.githubusercontent.com/1d761d5688d28ce1fb12a0f1c8191bca96eece4c/687474703a2f2f692e696d6775722e636f6d2f354b656f6351732e6a7067) ](https://camo.githubusercontent.com/1d761d5688d28ce1fb12a0f1c8191bca96eece4c/687474703a2f2f692e696d6775722e636f6d2f354b656f6351732e6a7067) +![](https://camo.githubusercontent.com/1d761d5688d28ce1fb12a0f1c8191bca96eece4c/687474703a2f2f692e696d6775722e636f6d2f354b656f6351732e6a7067) _[Source: OSI 7 layer model](http://www.escotal.com/osilayer.html) _ \ No newline at end of file diff --git a/resources/noat.cards/Consistency patterns.md b/resources/noat.cards/Consistency patterns.md index 5d0aa77c..6a4bd22f 100644 --- a/resources/noat.cards/Consistency patterns.md +++ b/resources/noat.cards/Consistency patterns.md 
@@ -9,24 +9,24 @@ isdraft = False With multiple copies of the same data, we are faced with options on how to synchronize them so clients have a consistent view of the data. Recall the definition of consistency from the [CAP theorem](https://github.com/donnemartin/system-design-primer#cap-theorem) - Every read receives the most recent write or an error. -### Weak consistency +## Weak consistency After a write, reads may or may not see it. A best effort approach is taken. This approach is seen in systems such as memcached. Weak consistency works well in real time use cases such as VoIP, video chat, and realtime multiplayer games. For example, if you are on a phone call and lose reception for a few seconds, when you regain connection you do not hear what was spoken during connection loss. -### Eventual consistency +## Eventual consistency After a write, reads will eventually see it (typically within milliseconds) . Data is replicated asynchronously. This approach is seen in systems such as DNS and email. Eventual consistency works well in highly available systems. -### Strong consistency +## Strong consistency After a write, reads will see it. Data is replicated synchronously. This approach is seen in file systems and RDBMSes. Strong consistency works well in systems that need transactions. -### Source(s) and further reading +## Source(s) and further reading - [Transactions across data centers](http://snarfed.org/transactions_across_datacenters_io.html) \ No newline at end of file diff --git a/resources/noat.cards/Content delivery network.md b/resources/noat.cards/Content delivery network.md index 8dc05c6b..36e4c196 100644 --- a/resources/noat.cards/Content delivery network.md +++ b/resources/noat.cards/Content delivery network.md 
@@ -7,7 +7,8 @@ isdraft = False # Content delivery network -[![](https://camo.githubusercontent.com/853a8603651149c686bf3c504769fc594ff08849/687474703a2f2f692e696d6775722e636f6d2f683954417547492e6a7067) ](https://camo.githubusercontent.com/853a8603651149c686bf3c504769fc594ff08849/687474703a2f2f692e696d6775722e636f6d2f683954417547492e6a7067) +![](https://camo.githubusercontent.com/853a8603651149c686bf3c504769fc594ff08849/687474703a2f2f692e696d6775722e636f6d2f683954417547492e6a7067) + _[Source: Why use a CDN](https://www.creative-artworks.eu/why-use-a-content-delivery-network-cdn/) _ A content delivery network (CDN) is a globally distributed network of proxy servers, serving content from locations closer to the user. Generally, static files such as HTML/CSS/JSS, photos, and videos are served from CDN, although some CDNs such as Amazon's CloudFront support dynamic content. The site's DNS resolution will tell clients which server to contact. 
@@ -17,13 +18,13 @@ Serving content from CDNs can significantly improve performance in two ways: - Users receive content at data centers close to them - Your servers do not have to serve requests that the CDN fulfills -### Push CDNs +## Push CDNs Push CDNs receive new content whenever changes occur on your server. You take full responsibility for providing content, uploading directly to the CDN and rewriting URLs to point to the CDN. You can configure when content expires and when it is updated. Content is uploaded only when it is new or changed, minimizing traffic, but maximizing storage. Sites with a small amount of traffic or sites with content that isn't often updated work well with push CDNs. Content is placed on the CDNs once, instead of being re-pulled at regular intervals. -### Pull CDNs +## Pull CDNs Pull CDNs grab new content from your server when the first user requests the content. You leave the content on your server and rewrite URLs to point to the CDN. This results in a slower request until the content is cached on the server. @@ -31,13 +32,13 @@ Pull CDNs grab new content from your server when the first user requests the con Sites with heavy traffic work well with pull CDNs, as traffic is spread out more evenly with only recently-requested content remaining on the CDN. -### Disadvantage(s) : CDN +## Disadvantage(s) : CDN - CDN costs could be significant depending on traffic, although this should be weighed with additional costs you would incur not using a CDN. - Content might be stale if it is updated before the TTL expires it. - CDNs require changing URLs for static content to point to the CDN. -### Source(s) and further reading +## Source(s) and further reading - [Globally distributed content delivery](http://repository.cmu.edu/cgi/viewcontent.cgi?article=2112&context=compsci) - [The differences between push and pull CDNs](http://www.travelblogadvice.com/technical/the-differences-between-push-and-pull-cdns/) 
diff --git a/resources/noat.cards/Database caching, what to cache.md b/resources/noat.cards/Database caching, what to cache.md index 429e5617..ef618c49 100644 --- a/resources/noat.cards/Database caching, what to cache.md +++ b/resources/noat.cards/Database caching, what to cache.md @@ -5,7 +5,7 @@ isdraft = False # Database caching, what to cache -### Introduction +## Introduction There are multiple levels you can cache that fall into two general categories: database queries and objects: @@ -16,14 +16,14 @@ There are multiple levels you can cache that fall into two general categories: d Generaly, you should try to avoid file-based caching, as it makes cloning and auto-scaling more difficult. -### Caching at the database query level +## Caching at the database query level Whenever you query the database, hash the query as a key and store the result to the cache. This approach suffers from expiration issues: - Hard to delete a cached result with complex queries - If one piece of data changes such as a table cell, you need to delete all cached queries that might include the changed cell -### Caching at the object level +## Caching at the object level See your data as an object, similar to what you do with your application code. Have your application assemble the dataset from the database into a class instance or a data structure(s) : diff --git a/resources/noat.cards/Database.md b/resources/noat.cards/Database.md index ccc5a3bb..a1f74dd1 100644 --- a/resources/noat.cards/Database.md +++ b/resources/noat.cards/Database.md 
@@ -6,10 +6,13 @@ isdraft = False # Database -[![](https://camo.githubusercontent.com/15a7553727e6da98d0de5e9ca3792f6d2b5e92d4/687474703a2f2f692e696d6775722e636f6d2f586b6d3543587a2e706e67) ](https://camo.githubusercontent.com/15a7553727e6da98d0de5e9ca3792f6d2b5e92d4/687474703a2f2f692e696d6775722e636f6d2f586b6d3543587a2e706e67) + +## Relational database management system (RDBMS) + +![](https://camo.githubusercontent.com/15a7553727e6da98d0de5e9ca3792f6d2b5e92d4/687474703a2f2f692e696d6775722e636f6d2f586b6d3543587a2e706e67) + _[Source: Scaling up to your first 10 million users](https://www.youtube.com/watch?v=vg5onp8TU6Q) _ -### Relational database management system (RDBMS) A relational database like SQL is a collection of data items organized in tables. diff --git a/resources/noat.cards/Domain name system.md b/resources/noat.cards/Domain name system.md index f7e9ff6a..387a32ae 100644 --- a/resources/noat.cards/Domain name system.md +++ b/resources/noat.cards/Domain name system.md @@ -28,13 +28,13 @@ Services such as [CloudFlare](https://www.cloudflare.com/dns/) and [Route 53](h - Latency-based - Geolocation-based -### Disadvantage(s) : DNS +## Disadvantage(s) : DNS - Accessing a DNS server introduces a slight delay, although mitigated by caching described above. - DNS server management could be complex, although they are generally managed by [governments, ISPs, and large companies](http://superuser.com/questions/472695/who-controls-the-dns-servers/472729) . - DNS services have recently come under DDoS attack, preventing users from accessing websites such as Twitter without knowing Twitter's IP address(es) . -### Source(s) and further reading +## Source(s) and further reading - [DNS architecture](https://technet.microsoft.com/en-us/library/dd197427(v=ws.10) .aspx) - [Wikipedia](https://en.wikipedia.org/wiki/Domain_Name_System) 
diff --git a/resources/noat.cards/Hypertext transfer protocol (HTTP).md b/resources/noat.cards/Hypertext transfer protocol (HTTP).md index cb81c052..114a7fa0 100644 --- a/resources/noat.cards/Hypertext transfer protocol (HTTP).md +++ b/resources/noat.cards/Hypertext transfer protocol (HTTP).md @@ -14,7 +14,7 @@ perform load balancing, caching, encryption, and compression. A basic HTTP request consists of a verb (method) and a resource (endpoint) . Below are common HTTP verbs: -| Verb | Description | Idempotent* | Safe | Cacheable | +| Verb | Description | Idempotent\* | Safe | Cacheable | |---|---|---|---|---| | GET | Reads a resource | Yes | Yes | Yes | | POST | Creates a resource or trigger a process that handles data | No | No | Yes if response contains freshness info | diff --git a/resources/noat.cards/Latency numbers every programmer should know.md b/resources/noat.cards/Latency numbers every programmer should know.md index 6d95ce6e..437a779c 100644 --- a/resources/noat.cards/Latency numbers every programmer should know.md +++ b/resources/noat.cards/Latency numbers every programmer should know.md @@ -1,4 +1,4 @@ -### Latency numbers every programmer should know +## Latency numbers every programmer should know --- Latency Comparison Numbers -------------------------- diff --git a/resources/noat.cards/Load balancer.md b/resources/noat.cards/Load balancer.md index b736ea74..e1123039 100644 --- a/resources/noat.cards/Load balancer.md +++ b/resources/noat.cards/Load balancer.md 
@@ -57,8 +57,8 @@ Load balancers can also help with horizontal scaling, improving performance and ## Disadvantage(s) : horizontal scaling - Scaling horizontally introduces complexity and involves cloning servers - * Servers should be stateless: they should not contain any user-related data like sessions or profile pictures - * Sessions can be stored in a centralized data store such as a [database](https://github.com/donnemartin/system-design-primer#database) (SQL, NoSQL) or a persistent [cache](https://github.com/donnemartin/system-design-primer#cache) (Redis, Memcached) + - Servers should be stateless: they should not contain any user-related data like sessions or profile pictures + - Sessions can be stored in a centralized data store such as a [database](https://github.com/donnemartin/system-design-primer#database) (SQL, NoSQL) or a persistent [cache](https://github.com/donnemartin/system-design-primer#cache) (Redis, Memcached) - Downstream servers such as caches and databases need to handle more simultaneous connections as upstream servers scale out ## Disadvantage(s) : load balancer diff --git a/resources/noat.cards/Performance vs scalability.md b/resources/noat.cards/Performance vs scalability.md index 7e9d89bf..679ce55c 100644 --- a/resources/noat.cards/Performance vs scalability.md +++ b/resources/noat.cards/Performance vs scalability.md @@ -14,7 +14,7 @@ Another way to look at performance vs scalability: - If you have a performance problem, your system is slow for a single user. - If you have a scalability problem, your system is fast for a single user but slow under heavy load. -### Source(s) and further reading +## Source(s) and further reading - [A word on scalability](http://www.allthingsdistributed.com/2006/03/a_word_on_scalability.html) - [Scalability, availability, stability, patterns](http://www.slideshare.net/jboner/scalability-availability-stability-patterns/) \ No newline at end of file 
diff --git a/resources/noat.cards/SQL tuning.md b/resources/noat.cards/SQL tuning.md index bcbb653b..a6e96c23 100644 --- a/resources/noat.cards/SQL tuning.md +++ b/resources/noat.cards/SQL tuning.md @@ -28,7 +28,7 @@ Benchmarking and profiling might point you to the following optimizations. - `VARCHAR(255) ` is the largest number of characters that can be counted in an 8 bit number, often maximizing the use of a byte in some RDBMS. - Set the `NOT NULL` constraint where applicable to [improve search performance](http://stackoverflow.com/questions/1017239/how-do-null-values-affect-performance-in-a-database-search) . -### Use good indices +## Use good indices - Columns that you are querying (`SELECT`, `GROUP BY`, `ORDER BY`, `JOIN`) could be faster with indices. - Indices are usually represented as self-balancing [B-tree](https://en.wikipedia.org/wiki/B-tree) that keeps data sorted and allows searches, sequential access, insertions, and deletions in logarithmic time. diff --git a/resources/noat.cards/Security.md b/resources/noat.cards/Security.md index 7af49afd..a0e0ec17 100644 --- a/resources/noat.cards/Security.md +++ b/resources/noat.cards/Security.md @@ -10,7 +10,7 @@ Security is a broad topic. Unless you have considerable experience, a security b - Use parameterized queries to prevent SQL injection. - Use the principle of [least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege) . -### [](https://github.com/donnemartin/system-design-primer#sources-and-further-reading-12) Source(s) and further reading +## Source(s) and further reading - [Security guide for developers](https://github.com/FallibleInc/security-guide-for-developers) - [OWASP top ten](https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet) \ No newline at end of file
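
Review bot: In `Communication.md` (hunk `@@ -1,5 +1,5 @@`), the old setext underline `-------------` is left in place as a context line under the new `# Communication`. With an ATX heading above it, that line no longer marks a heading and renders as a horizontal rule, directly followed by the existing `---`, so the page gets two rules in a row. Delete the `-------------` line in the same change.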
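
Review bot: In `Latency numbers every programmer should know.md` (hunk `@@ -1,4 +1,4 @@`), line 1 becomes a `##` heading with no `#` title above it, while the other files in this patch keep a `# Title` line (`# Cache`, `# Database`, `# Communication`) and use `##` only for the sections under it. Use `# Latency numbers every programmer should know` here so the file has a top-level title like the rest.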
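
Review bot: In `Availability vs consistency.md` (hunk `@@ -5,10 +5,11 @@`), the CAP theorem caption loses its underscore wrapper and becomes a plain `[Source: CAP theorem revisited](...)`, while every other caption touched by this patch keeps the `_[Source: ...](...) _` form. Pick one form for all captions. If the italic form is the one to keep, note that the space before the closing `_` stops it from closing emphasis under CommonMark rules, so `) _` should become `)_` wherever the line is already being edited.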
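
Review bot: In `Availability patterns.md` (hunk `@@ -23,39 +23,40 @@`), the master-slave image gets an added blank line before its `_[Source: ...` caption but the master-master image does not, so the first caption becomes its own paragraph and the second stays in the same paragraph as the image. Add the blank line after the master-master `![](...)` line as well, so both diagrams in this file render the same way.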
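
Review bot: In `Cache.md` (hunk `@@ -6,21 +6,22 @@`), the rewritten image line still has empty alt text (`![](...)`), as do the other image lines this patch rewrites. Since each of those lines is being touched anyway, fill in a short description of the diagram. The URL also still points at `camo.githubusercontent.com`, GitHub's image proxy, and its hex path segment decodes to an `http://i.imgur.com/` address; with the link wrapper now removed, consider committing the image next to the note or referencing the original over HTTPS so the cards do not depend on a third-party proxy URL.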
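
Review bot: In `Database.md` (hunk `@@ -6,10 +6,13 @@`), moving `## Relational database management system (RDBMS)` above the image places the page's lead diagram and its `Scaling up to your first 10 million users` caption inside the RDBMS section instead of directly under `# Database`. That is a content move in a patch that otherwise only changes heading levels and image markup. If the diagram is meant to illustrate the whole page, keep the heading where it was and change only `###` to `##`; if the move is intended, it deserves its own commit or a line in the commit message.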