# 6-6. Security measures for SINRA systems

Within the SINRA system, assets like valuable information and private keys used for generating blockchain transactions are meticulously managed. To ensure their secure storage, multiple layers of security measures are in place. Below are some of the foundational precautions we take.

・User-Focused Marketplace:

　　Safe communication between the client (such as web browsers) and servers (like web servers) using the Secure Sockets Layer (SSL).

　　Except when necessary for specific processes (like inquiries or various applications), personal information (such as user ID) is not required when purchasing NFTs on the marketplace. Transactions are feasible with just wallet connections.

・Admin Dashboard:

　　Secure Sockets Layer (SSL): As mentioned above.

　　When accessing the admin dashboard, you can select from multiple restrictions and 　　　authentication methods, including:

　　Two-Factor Authentication (2FA)

　　Source IP Address Restriction

Wallet connection authentication during access or editing of specific data.

・Backend API:

　　Secure Sockets Layer (SSL): As previously mentioned.

　　Requirement for access via a bastion server in a secure zone (network).

　　Public key (Secure Shell: SSH) authentication and encryption.

　　Source IP Address Restriction.

　　JWT (JSON Web Token) authentication.

・Database:

　　Data encryption to prevent data exfiltration and tampering.

　　Data protection between the application and database using SSL/TLS.

　　Source IP Address Restriction.

　　Data protection through regular backups.

・Private Key:

　　Management of the private key, used to sign blockchain transactions, with Key Management Service (KMS).

　　Only multiple administrators authenticated via wallet connection can access the KMS.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://paramita-inc.gitbook.io/sinra/6.-architecture/6-6.-security-measures-for-sinra-systems.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.