The Gatekeeper pattern
The Gatekeeper pattern is a design pattern for brokering access to your storage. It is a typical security best practice that minimizes the attack surface of your roles: the roles communicate over internal channels, and only with other roles that are part of the pattern.
The Gatekeeper pattern uses two roles that play the gatekeeping game. The first, the Gatekeeper, is an internet-facing web role that handles requests from users (in our scenario, requests to create a geotopic). The Gatekeeper is suspicious and does not trust any request it receives: it validates the input and runs in partial trust. If an attacker manages to compromise the web role, there is no sensitive data there, because the keys to access confidential data in Windows Azure storage are kept somewhere else.
Those keys are held by the KeyMaster, a worker role that only communicates with the Gatekeeper web role and declines all other incoming requests. The communication between...
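
The two roles described above, modelled in Python as an added example (not code from the original page). The geotopic fields, the role name and the key value are assumptions, and the `sender` argument stands in for the internal-endpoint restriction that a real deployment enforces at the network level between separate role instances.

```python
import re
from dataclasses import dataclass, field

# Assumed geotopic shape (not from the page): a title plus latitude/longitude.
TITLE_RE = re.compile(r"[\w .,'-]{1,80}")

class Rejected(Exception):
    """Raised when input fails validation or arrives from an untrusted sender."""

@dataclass
class KeyMaster:
    """Worker role: the only component that holds the storage key."""
    _storage_key: str = field(repr=False)        # constructed placeholder value
    allowed_sender: str = "gatekeeper-web-role"  # hypothetical role name
    stored: list = field(default_factory=list)   # stands in for Azure storage

    def handle(self, sender: str, geotopic: dict) -> int:
        # Decline everything that does not come from the Gatekeeper role.
        if sender != self.allowed_sender:
            raise Rejected(f"sender {sender!r} is not the Gatekeeper")
        # Real code would authenticate to storage with _storage_key here;
        # the key itself is never returned to the caller.
        self.stored.append(dict(geotopic))
        return len(self.stored)

@dataclass
class Gatekeeper:
    """Internet-facing web role: validates input, holds no storage credentials."""
    keymaster: KeyMaster
    role_name: str = "gatekeeper-web-role"

    def create_geotopic(self, raw: dict) -> int:
        # Treat every field as hostile: allow-list keys, types and ranges.
        if set(raw) != {"title", "lat", "lon"}:
            raise Rejected("unexpected or missing fields")
        title, lat, lon = raw["title"], raw["lat"], raw["lon"]
        if not isinstance(title, str) or not TITLE_RE.fullmatch(title):
            raise Rejected("invalid title")
        for value, limit in ((lat, 90.0), (lon, 180.0)):
            if isinstance(value, bool) or not isinstance(value, (int, float)):
                raise Rejected("coordinates must be numbers")
            if not -limit <= value <= limit:  # also rejects NaN and infinity
                raise Rejected("coordinate out of range")
        clean = {"title": title, "lat": float(lat), "lon": float(lon)}
        return self.keymaster.handle(self.role_name, clean)
```

In this in-process model the separation is only structural; in a deployment the two roles run as separate instances, so the key never exists in the web role's memory.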