From 2f349a1e3c94961f939d42ca29930aebe59d6b75 Mon Sep 17 00:00:00 2001
From: leo <wanderer@dotya.ml>
Date: Thu, 25 May 2023 05:01:22 +0200
Subject: [PATCH] tex: add more stuff on hibp

---
 tex/text.tex | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/tex/text.tex b/tex/text.tex
index 9c012df..0665059 100644
--- a/tex/text.tex
+++ b/tex/text.tex
@@ -1228,7 +1228,23 @@ for instance using \texttt{LiME}~\cite{lime}, or perhaps directly the
 \n{2}{Compromise Monitoring}
 
 \n{3}{Have I Been Pwned? Integration}
-TODO
+
+Troy Hunt's Have I Been Pwned? online service
+(\url{https://haveibeenpwned.com/}) has been chosen as the online source of
+compromised data. The service offers private APIs that are protected by API
+keys. The application's \texttt{hibp} module and database representation models
+the values returned by this API, which allows searching in large breaches using
+email addresses.\\
+The architecture there is relatively simple: the application administrator
+configures an API key for HIBP, the user enters the query parameters, the
+application constructs a query and calls the API and waits for a response. As
+the API is rate-limited based on the key supplied, this can pose an issue and
+it has not been fully resolved in the UI. The application then parses the
+returned data and binds it to the local model for validation. If that goes
+well, the data is saved into the database as a cache and the search query is
+performed on the saved data. If it returns anything, it is displayed to the
+user for browsing.
+
 
 \n{3}{Local Dataset Plugin} Breach data from locally available datasets can be
 imported into the application by first making sure it adheres to the specified