ajianaz/security-auth

Security & Authentication Specialist - Complete Security Engineering Workflow

Overview

This skill provides end-to-end security and authentication services by orchestrating security architects, identity specialists, and compliance experts. It transforms security requirements into production-ready authentication and authorization systems with comprehensive threat protection, compliance adherence, and security monitoring.

Key Capabilities:

• 🔐 Multi-Layer Security Architecture - Authentication, authorization, and threat protection systems
• 🛡️ Identity & Access Management - User authentication, role-based access, and privilege management
• 📊 Compliance & Auditing - Regulatory compliance, security auditing, and reporting
• 🔧 Security Integration - Seamless integration with existing systems and third-party security services
• 📋 Threat Protection - Proactive threat detection, prevention, and incident response

When to Use This Skill

Perfect for:

• Authentication system design and implementation
• Authorization framework development and RBAC implementation
• Security compliance and auditing requirements
• Threat protection and security monitoring setup
• Identity management system integration
• Security assessment and vulnerability management

Triggers:

• "Implement authentication and authorization for [application]"
• "Design security architecture for [system]"
• "Set up identity and access management"
• "Implement compliance and security auditing"
• "Create threat protection and monitoring system"

Security Expert Panel

Security Architect (System Security Design)

• Focus: Security architecture, threat modeling, security patterns
• Techniques: Zero-trust architecture, defense-in-depth, security frameworks
• Considerations: Security by design, attack surface reduction, security controls

Identity Specialist (Authentication & Authorization)

• Focus: Authentication systems, identity management, access control
• Techniques: OAuth 2.0, OpenID Connect, JWT, SAML, RBAC/ABAC
• Considerations: User experience, security requirements, scalability

Compliance Expert (Regulatory & Auditing)

• Focus: Regulatory compliance, security auditing, risk assessment
• Techniques: SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS compliance
• Considerations: Legal requirements, audit trails, documentation

Threat Analyst (Security Monitoring & Response)

• Focus: Threat detection, incident response, security monitoring
• Techniques: SIEM systems, threat intelligence, security analytics
• Considerations: Real-time detection, response procedures, forensic analysis

Cryptographic Specialist (Encryption & Data Protection)

• Focus: Encryption implementation, key management, data protection
• Techniques: AES, RSA, TLS/SSL, hash functions, digital signatures
• Considerations: Key lifecycle management, performance impact, compliance

Security Implementation Workflow

Phase 1: Security Requirements Analysis & Threat Modeling

Use when: Starting security implementation or security assessment

Tools Used:

/sc:analyze security-requirements
Security Architect: threat modeling and risk assessment
Compliance Expert: regulatory requirement analysis
Threat Analyst: attack surface analysis

Activities:

• Analyze security requirements and threat landscape
• Identify compliance requirements and regulatory constraints
• Perform threat modeling and attack surface analysis
• Define security policies and procedures
• Plan security architecture and control implementation

Phase 2: Authentication System Design & Implementation

Use when: Designing and implementing authentication systems

Tools Used:

/sc:design --type authentication auth-system
Identity Specialist: authentication framework design
Cryptographic Specialist: secure credential management
Security Architect: authentication security controls

Activities:

• Design authentication architecture and user identity flows
• Implement secure credential storage and management
• Create multi-factor authentication (MFA) systems
• Design session management and token-based authentication
• Implement password policies and secure recovery mechanisms

Phase 3: Authorization Framework & Access Control

Use when: Implementing authorization and access control systems

Tools Used:

/sc:design --type authorization rbac-system
Identity Specialist: role-based access control implementation
Security Architect: privilege management design
Compliance Expert: access control auditing

Activities:

• Design role-based access control (RBAC) or attribute-based access control (ABAC)
• Implement fine-grained permissions and privilege management
• Create access control policies and enforcement mechanisms
• Design admin interfaces for user and permission management
• Implement access request and approval workflows

Phase 4: Security Integration & API Protection

Use when: Integrating security controls and protecting APIs

Tools Used:

/sc:implement security-integration
Security Architect: API security and integration
Cryptographic Specialist: encryption and data protection
Threat Analyst: input validation and sanitization

Activities:

• Implement API authentication and authorization middleware
• Create input validation and output encoding mechanisms
• Implement rate limiting and DDoS protection
• Set up CORS policies and secure headers
• Integrate with third-party security services and tools

Phase 5: Compliance & Auditing Implementation

Use when: Ensuring regulatory compliance and security auditing

Tools Used:

/sc:implement compliance-auditing
Compliance Expert: compliance framework implementation
Security Architect: security monitoring and logging
Threat Analyst: audit trail and forensics

Activities:

• Implement comprehensive audit logging and monitoring
• Create compliance reporting and documentation
• Set up security incident tracking and reporting
• Implement data retention and deletion policies
• Create security dashboards and compliance metrics

Phase 6: Threat Protection & Security Monitoring

Use when: Setting up proactive threat detection and response

Tools Used:

/sc:implement threat-protection
Threat Analyst: security monitoring and detection
Security Architect: incident response procedures
Compliance Expert: security metrics and reporting

Activities:

• Implement security information and event management (SIEM)
• Set up real-time threat detection and alerting
• Create incident response procedures and playbooks
• Implement security analytics and anomaly detection
• Design security metrics and KPI tracking

Integration Patterns

SuperClaude Command Integration

| Command | Use Case | Output | |---------|---------|--------| | /sc:design --type authentication | Authentication system | Complete auth architecture | | /sc:design --type authorization | Authorization framework | RBAC/ABAC implementation | | /sc:implement security | Security controls | Production-ready security | | /sc:analyze threats | Threat analysis | Threat model and mitigation | | /sc:implement compliance | Compliance | Regulatory compliance system |

Security Framework Integration

| Framework | Role | Capabilities | |-----------|------|------------| | OWASP Top 10 | Security standards | Comprehensive vulnerability protection | | NIST Cybersecurity | Security framework | Complete security program implementation | | ISO 27001 | Compliance management | Information security management system | | Zero Trust | Security model | Zero-trust architecture implementation |

MCP Server Integration

| Server | Expertise | Use Case | |--------|----------|---------| | Sequential | Security reasoning | Complex security analysis and design | | Better Auth | Authentication | Modern authentication implementation | | Web Search | Threat intelligence | Latest security threats and vulnerabilities |

Usage Examples

Example 1: Complete Authentication System

User: "Implement a secure authentication system for our SaaS application with MFA and SSO support"

Workflow:
1. Phase 1: Analyze security requirements and compliance needs
2. Phase 2: Design OAuth 2.0/OpenID Connect authentication system
3. Phase 3: Implement RBAC with fine-grained permissions
4. Phase 4: Integrate with SSO providers and MFA services
5. Phase 5: Set up audit logging and compliance reporting
6. Phase 6: Implement threat detection and security monitoring

Output: Production-ready authentication system with enterprise-grade security

Example 2: Security Compliance Implementation

User: "Implement SOC 2 compliance for our financial services platform"

Workflow:
1. Phase 1: Analyze SOC 2 requirements and current security posture
2. Phase 2: Design security controls to meet SOC 2 criteria
3. Phase 3: Implement access controls and audit trails
4. Phase 4: Set up security monitoring and incident response
5. Phase 5: Create compliance documentation and reporting
6. Phase 6: Implement continuous compliance monitoring

Output: SOC 2 compliant security framework with comprehensive audit capabilities

Example 3: API Security Implementation

User: "Secure our REST API with proper authentication, authorization, and threat protection"

Workflow:
1. Phase 1: Analyze API security requirements and threat model
2. Phase 2: Design JWT-based authentication and authorization
3. Phase 3: Implement API gateway with security controls
4. Phase 4: Add rate limiting, input validation, and encryption
5. Phase 5: Set up API security monitoring and logging
6. Phase 6: Implement API security testing and validation

Output: Secure API with comprehensive protection against common attacks

Quality Assurance Mechanisms

Multi-Layer Security Validation

• Security Architecture Review: Comprehensive security design validation
• Penetration Testing: Automated and manual security testing
• Compliance Validation: Regulatory compliance verification
• Threat Assessment: Ongoing threat analysis and mitigation

Automated Security Checks

• Vulnerability Scanning: Automated security vulnerability detection
• Compliance Monitoring: Continuous compliance checking and reporting
• Security Testing: Automated security test execution and validation
• Access Control Validation: Permission and access right verification

Continuous Security Improvement

• Security Metrics: Ongoing security performance tracking
• Threat Intelligence: Continuous threat monitoring and adaptation
• Security Training: Security awareness and best practices
• Incident Learning: Post-incident analysis and improvement

Output Deliverables

Primary Deliverable: Complete Security System

security-system/
├── authentication/
│   ├── providers/               # Authentication provider implementations
│   ├── middleware/              # Auth middleware and guards
│   ├── tokens/                  # Token generation and validation
│   └── sessions/                # Session management
├── authorization/
│   ├── rbac/                    # Role-based access control
│   ├── permissions/             # Permission definitions
│   ├── policies/                # Access control policies
│   └── admin/                   # Admin interfaces
├── security/
│   ├── encryption/              # Encryption utilities
│   ├── validation/              # Input validation and sanitization
│   ├── headers/                 # Security headers and CORS
│   └── rate-limiting/           # Rate limiting and DDoS protection
├── compliance/
│   ├── audit-logs/              # Audit logging and tracking
│   ├── reports/                 # Compliance reports
│   ├── policies/                # Security policies and procedures
│   └── documentation/           # Compliance documentation
├── monitoring/
│   ├── siem/                    # Security information and event management
│   ├── alerts/                  # Security alerts and notifications
│   ├── dashboards/              # Security monitoring dashboards
│   └── incident-response/       # Incident response procedures
└── config/
    ├── development/             # Development security config
    ├── staging/                 # Staging security config
    └── production/              # Production security config

Supporting Artifacts

• Security Architecture Documentation: Detailed security design and implementation
• Compliance Reports: Regulatory compliance status and documentation
• Security Policies: Comprehensive security policies and procedures
• Threat Models: Detailed threat analysis and mitigation strategies
• Incident Response Plans: Security incident handling procedures

Advanced Features

Intelligent Threat Detection

• AI-powered threat detection and analysis
• Behavioral anomaly detection and user behavior analytics
• Real-time threat intelligence integration
• Automated incident response and containment

Zero Trust Implementation

• Comprehensive zero-trust security architecture
• Continuous authentication and authorization
• Micro-segmentation and least privilege access
• Device and location-based access controls

Compliance Automation

• Automated compliance checking and reporting
• Continuous compliance monitoring and alerts
• Automated evidence collection for audits
• Regulatory requirement tracking and management

Security Analytics

• Advanced security analytics and reporting
• Security metrics and KPI tracking
• Risk assessment and scoring
• Security posture analysis and improvement

Troubleshooting

Common Security Implementation Challenges

• Authentication Issues: Use proper token validation and secure session management
• Authorization Problems: Implement clear permission models and regular access reviews
• Compliance Gaps: Conduct regular compliance assessments and documentation updates
• Security Vulnerabilities: Implement continuous security testing and vulnerability management

Integration and Operational Issues

• Third-party Integration: Use standard protocols and proper error handling
• Performance Impact: Optimize security controls and implement caching where appropriate
• User Experience: Balance security requirements with user-friendly interfaces
• Security Monitoring: Implement comprehensive logging and alerting systems

Best Practices

For Authentication Design

• Use industry-standard protocols (OAuth 2.0, OpenID Connect, SAML)
• Implement multi-factor authentication for sensitive operations
• Use secure token storage and proper session management
• Implement proper password policies and secure recovery mechanisms

For Authorization Implementation

• Follow principle of least privilege
• Implement role-based or attribute-based access control
• Regularly review and update access permissions
• Implement proper audit trails for access control changes

For Security Compliance

• Stay updated with regulatory requirements and industry standards
• Implement comprehensive audit logging and documentation
• Conduct regular security assessments and penetration testing
• Maintain up-to-date security policies and procedures

For Threat Protection

• Implement defense-in-depth security architecture
• Use automated security monitoring and threat detection
• Maintain incident response procedures and conduct regular drills
• Stay informed about latest security threats and vulnerabilities

---

This security and authentication skill transforms the complex process of security system implementation into a guided, expert-supported workflow that ensures comprehensive protection, regulatory compliance, and operational excellence.