Manu Expedia Internship
(10/12/2018 - 25/1/2018)
Submitted by:-
Manupriyam Jindal
290/CO/15
Final Year Undergraduate Student
The satiation and euphoria that accompany the successful completion of the
project would be incomplete without the mention of the people who made it
possible.
I would like to take the opportunity to thank and express my deep sense of
gratitude to my corporate mentor Mr. Chirag Malik and my faculty mentor Mr.
Yasar Siddiqui. I am greatly indebted to both of them for providing their valuable
guidance at all stages of the study, their advice, constructive suggestions,
positive and supportive attitude and continuous encouragement, without which
it would not have been possible to complete the project.
I would also like to thank Mr. Saurabh Vajpayee (Project Manager) who, in spite
of his busy schedule, has co-operated with me continuously; indeed, his
valuable contribution and guidance have certainly been indispensable for my
project work.
I am thankful to Mr. Rachit Jain for giving me the opportunity to work with
Expedia Group India Ltd. and learn.
I hope that I can build upon the experience and knowledge that I have gained
and make a valuable contribution towards this company in the coming future.
Manupriyam Jindal
Employee ID -
87022
Introduction
About Expedia Group
Expedia Group is a United States based multinational travel company
headquartered in Bellevue, United States. It comprises numerous affiliated
businesses, most of them united under the Expedia brand, and is the world’s
2nd largest travel company.
The travel industry is in a good place these days, with lower fuel prices (a major
cost item for airlines) and a still-buoyant domestic economy contributing to
robust overall growth. With its big, constantly growing portfolio of travel assets,
Expedia has benefited from this trend. For the most part, though, Expedia has
been a profitable company and has the resources to keep expanding its
portfolio.
Expedia pledges to bring the world within reach. Expedia focuses on customer
centricity and local relevance on a global basis. Expedia aims at attracting and
engaging the world of travel suppliers.
So the question is: what is so good about Expedia that makes it one of the tech
crunch companies in the world? With Expedia Group's vast coverage
from Australia to Europe to Asia to America, the company owns a very large
amount of data, and it is very difficult for a normal person to manage all this
data. This is where software developers come into play. They manage this data
in such a way that it is safe with Expedia. This data also helps improve the
user-friendliness of Expedia software. Since Expedia is a web and
mobile device based company, it is also important to maintain these websites
and mobile applications. And since Expedia Group owns a total of 20
companies, it requires a lot of employees to manage all of this as well.
One of the biggest reasons why Expedia beats the other established companies
in India is that it lets Expedians work on actual projects and not on any
side projects. It focuses not only on its customers but also on its employees.
Life at Expedia
Life at Expedia is pretty amazing. While they focus on the customer, they focus
more on keeping their employees happy. Expedia provides all the benefits
one can ask for, from cab facility to delicious three course meals to
work from home benefits to flexible work hours. Expedia is a company which
gives the best work life balance one could need, along with the prime
benefit of working with various technologies. One can grow with the company,
and employees do feel at home in the company. The company also provides
various fun activities to keep boosting the morale of the employees. Regular
outings to different places and added medical and travelling benefits are some
of the few luxuries that the company offers.
During my internship I never felt like an intern; it was like I was an integral part
of the company, which also motivated me to perform efficiently on the project,
with constant guidance and support from my teammates. The transition from
college to company, although only for two months, did not feel like a scary thing.
It was a smooth and good transition.
Expedia Philosophy
Expedia philosophy is “We will devote our human resources and technology to
create superior products and services, thereby contributing to a better global
society”.
Expedia values its people, with a strong belief in the “A company is its people”
philosophy and in providing opportunities to perform at their full potential.
Expedia values excellence. The company gives its best efforts with endless
passion and a challenging spirit to become the world's best in every way.
Expedia values change. Expedia rapidly takes the initiative in executing change and
innovation with risk awareness. They believe that they cannot survive if they
do not constantly strive to innovate.
Expedia values integrity. At Expedia, everyone acts in a right and ethical way in
all matters, ensuring fairness with honor and grace.
The objective of the project was “to create an additional layer of security on the
existing security data pipeline ingestion framework and control the framework
using the same layer by creation of an Admin UI – the Boomerang Control
Centre”. For that we had to understand various Amazon Web Services
products like AWS Lambda, AWS API Gateway, AWS S3 Bucket, AWS
CloudFront, AWS Cognito, AWS WAF and Shield, ADFS, and also various
frameworks of the Java language like Spring Boot. The objective of the study was to
make us familiar with these products so that we would be able to integrate them within
our existing software.
The project was started on 4th of June after knowing all the relevant information
regarding the project, under the guidance of Mr. Yasar Siddiqui (Senior Software
Developer Engineer). The first part of my internship involved studying the
architecture of the Expedia software backend and understanding the OOP concepts used
by Expedians. This helps fellow employees to understand my code and suggest
changes to it. For this I used the world wide web as a primary source of information
for study, and also spent a week with Mr. Chirag Malik to understand the
architecture of the existing security data pipeline ingestion framework.
The next part of my project was to get hands-on with the code. The
detailed study gave me a rough idea of how to write the code, and my corporate mentor
guided me in debugging the code.
Project Development
Objective
To create an additional layer of security on the existing security data pipeline
ingestion framework and control the framework using the same layer by creation of
an Admin UI – the Boomerang Control Centre
Overview
The application will allow control of security data pipeline ingestion.
Using the tool, the users can:
✓ View, activate/deactivate and update all Splunk agents and CloudWatch
partners.
✓ View, Create and Edit existing partner accounts.
✓ View all log ingestion queries, schedule new log ingestion queries, and edit
existing ones.
✓ Request replays to fill data holes and view replays and their tasks for a
particular agent.
The application will be authenticated via ADFS and will authorize users by allowing
access to only those in appropriate security groups.
Setup of Continuous Integration Continuous Development (CICD) for further
development and improvements in the application (Jenkins Pipeline)
Authorization and Authentication
➢ Features
• Users Register and get mail verified
➢ Strategy used
• Locally saving users and then authentication
Architecture:
Shortcomings:
• Newly registering users require approval from the admin of the user pool account.
• The users have to remember the password for this particular app, making it
highly inconvenient to use.
• Users have to enter personal data on their own, making the process
cumbersome.
Reason:
1. Single sign-on is supported by ADFS.
2. LDAP involves creating a client-side login page.
3. LDAP service user credentials need to be stored and managed at the service
end, making the service insecure.
Strategy 1
Directly returning the SAML response from ADFS and then using it to authenticate and authorize
on the client side.
Shortcomings:
• If the callback URL changes, a ServiceNow ticket has to be raised to change the
relying party, which takes time.
• Highly insecure, as the authentication and the authorization are done on the client side.
• S3 can only receive GET requests, so the SAML response has to be sent back
as a query string, which bounds the SAML length because of URL length
limitations.
Strategy 2 – Using AWS Cognito
Using AWS Cognito to create temporary access and identity tokens, authenticated and
authorized by mapping the SAML response returned from the ADFS server. The
validity of these tokens is an hour, and they are JWTs, which are secured by a
passkey, so a token cannot be decoded and manipulated to infiltrate the
application.
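The server-side check that Strategy 2 and the security-group rule from the Overview depend on, as an added example that is not from the original report or Expedia's code: the payload of a JWT can be read by anyone holding the token, and what the signature guarantees is that an edited token is rejected. Cognito signs its tokens with RS256 against the user pool's published keys; this example substitutes HS256 with a constructed key so that it runs on the Python standard library alone, and the `groups` claim and the group name are hypothetical.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"      # constructed; stands in for the issuer's signing key
ALLOWED_GROUP = "boomerang-admins"  # hypothetical security group name

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(head: str, body: str, key: bytes) -> bytes:
    return hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()

def issue(claims: dict, key: bytes = KEY) -> str:
    """Build a signed token as the issuer would (demo stand-in for Cognito)."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(sign(head, body, key))}"

def read_unverified(token: str) -> dict:
    """No key needed: the payload is only base64url-encoded JSON."""
    return json.loads(b64url_decode(token.split(".")[1]))

def tamper(token: str, **changes) -> str:
    """Rewrite claims but keep the old signature, as an edited token would look."""
    head, _, sig = token.split(".")
    body = b64url(json.dumps({**read_unverified(token), **changes}).encode())
    return f"{head}.{body}.{sig}"

def authorize(token: str, now: float, key: bytes = KEY) -> dict:
    """Server-side check: pinned algorithm, signature, expiry, then group."""
    try:
        head, body, sig = token.split(".")
        header, given = json.loads(b64url_decode(head)), b64url_decode(sig)
    except ValueError:
        raise PermissionError("malformed token")
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise PermissionError("unexpected algorithm")  # never let the token pick
    if not hmac.compare_digest(sign(head, body, key), given):
        raise PermissionError("bad signature")
    claims = json.loads(b64url_decode(body))
    if now >= claims.get("exp", 0):
        raise PermissionError("token expired")
    if ALLOWED_GROUP not in claims.get("groups", []):
        raise PermissionError("not in an authorized group")
    return claims
```

Running `authorize` only on the server, never in the browser, is what removes the client-side weakness listed under Strategy 1.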
Application Firewall
To restrict access to the application to Expedia trusted IPs and VPNs,
AWS WAF and Shield are used.
Java
Angular 4
JSON
These are universal data structures. Virtually all modern programming languages
support them in one form or another. It makes sense that a data format that is
interchangeable with programming languages also be based on these
structures.
GIT
Git is a version control system for tracking changes in computer files and
coordinating work on those files among multiple people. It is primarily used for
source code management in software development, but it can be used to keep
track of changes in any set of files. As a distributed revision control system, it is
aimed at speed, data integrity, and support for distributed, non-linear workflows.
AWS Lambda
AWS Lambda is a serverless compute service that runs your code in response
to events and automatically manages the underlying compute resources for
you. You can use AWS Lambda to extend other AWS services with custom
logic, or create your own back-end services that operate at AWS scale,
performance, and security. AWS Lambda can automatically run code in
response to multiple events, such as HTTP requests via Amazon API Gateway,
modifications to objects in Amazon S3 buckets, table updates in Amazon
DynamoDB, and state transitions in AWS Step Functions.
AWS WAF
AWS WAF is a web application firewall that lets you monitor the HTTP and
HTTPS requests that are forwarded to an Amazon API Gateway API, Amazon
CloudFront or an Application Load Balancer. AWS WAF also lets you control
access to your content. Based on conditions that you specify, such as the IP
addresses that requests originate from or the values of query strings, API
Gateway, CloudFront or an Application Load Balancer responds to requests
either with the requested content or with an HTTP 403 status code (Forbidden).
Amazon Cloudfront
Amazon Cognito
Amazon Cognito lets you add user sign-up, sign-in, and access control to your
web and mobile apps quickly and easily. Amazon Cognito scales to millions of
users and supports sign-in with social identity providers, such as Facebook,
Google, and Amazon, and enterprise identity providers via SAML 2.0.