SlideShare a Scribd company logo

AUTH - SEAF

Caroline Milne
Caroline Milne

AUTH role in SEAF project.

Presentations & Public Speaking
1 of 17
Download to read offline
The  So'ware  Development   Process Prof.  Andreas  L.  Symeonidis   Aristotle  University  of  Thessaloniki   asymeon@eng.auth.gr,  seaf-­‐int@olympus.ee.auth.gr  
SEAF  Webinar  -­‐  SoC  Dev  Process   SEAF  Architecture &  Technologies   26  Apr  2016   2  
SEAF  Webinar  -­‐  SoC  Dev  Process   Architectural  diagram UI  (Browser)   Contractor   UI   Investor   UI   Admin   UI   Back-­‐end   API   DB   File   Storage   SEA  EvaluaQon   SEA   StandardizaQon   SEA  Risk   Assessment   Accounts   Projects  NoQficaQons   Monitoring   Logging   26  Apr  2016   3  
SEAF  Webinar  -­‐  SoC  Dev  Process   Contractor  User  Interface •  User  interface  to  visualize  and  interact  with  contractor  services  as   discussed  earlier   •  Macroscopic  (dashboard  like)  and  Microscopic  views  (per  project)   will  be  offered   Project  inputs   Personal  profile  informaQon   Recent  acQvity  on  the  plaZorm   NoQficaQons   Pipeline  quick  view   PorZolio  performance  metrics   Project  form   Project  pipeline  overview   Contractor  Views 26  Apr  2016   4  
SEAF  Webinar  -­‐  SoC  Dev  Process   Investor  User  Interface •  User  interface  to  visualize  and  interact  with  investor  services   •  Macroscopic  (dashboard  like)  and  Microscopic  views  (per  project)   will  be  offered   Investor  views Personal  profile  informaQon   Recent  acQvity  on  the  plaZorm   NoQficaQons   Pipeline  quick  view   PorZolio  performance  metrics   Project  form   Project  pipeline  overview   26  Apr  2016   5  
SEAF  Webinar  -­‐  SoC  Dev  Process   Administrator  User  Interface 26  Apr  2016   6   •  User  interface  to  handle  users/user  categories  and  project  logisQcs   Administrator  views User  request  informaQon   Recent  acQvity  on  the  plaZorm   NoQficaQons   Pipeline  creaQon   New  metrics   New  input  data   New  processes  
SEAF  Webinar  -­‐  SoC  Dev  Process   Technologies •  MEAN  stack   •  MongoDB   •  ExpressJS   •  AngularJS   •  Node.js   •  Built  for  the  web   •  Enormous  community   •  RESTful  API   •  Devops   •  Integrate  operaQons  into  code   •  ConQnuous  delivery   •  AutomaQc  deployment   •  Logging   •  AnalyQcs   •  Monitoring   •  Quality   •  SonarQube   •  Jenkins  CI   •  LinQng   26  Apr  2016   7  
SEAF  Webinar  -­‐  SoC  Dev  Process   Agile/Scrum Development  Methodology   26  Apr  2016   8  
SEAF  Webinar  -­‐  SoC  Dev  Process   Agile/Scrum •  We  expect  con;nuous  changes  in  the  requirements,  so  we  want  to  be  as  agile  as   possible   •  We  need  to  deliver  soCware  from  day  1   •  “A  prototype  is  worth  a  1000  meeQngs/10K  slides”   •  ConQnuous  value  delivery   •  1  main  developer  partner  è  Team  colocaQon  è  Beger  face-­‐2-­‐face   communicaQon  è  Agile/Scrum  beger  fit   •  The  2  releases  (early/final)  will  be  snapshots  of  the  Scrum  process.   26  Apr  2016   9  
SEAF  Webinar  -­‐  SoC  Dev  Process   Why  Agile/Scrum? •  ConQnuously  aligns  the  delivered  soCware  with  business  needs  easily   adapQng  to  changing  requirements  throughout  the  process.   •  Accelerates  the  delivery  of  business  value   •  Minimizes  the  overall  project  risks   26  Apr  2016   10   30 days 30 days 30 days 30 days Backlog:   25  features   Backlog:   19  features   Backlog:   17  features   Backlog:   12  features   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   1   2   3   4  
SEAF  Webinar  -­‐  SoC  Dev  Process   Extract  requirements   from  pilot  case  users  and   the  DoW   Transform  requirements  to  user  stories   based  on  behavior-­‐driven  development   and  prioriQze   Generate  funcQonality  based   on  test-­‐driven  development   Run  regression,  integraQon  &   acceptance  tests  and  deploy   Retrospect  the  cycle  and  demo  the   release  to  the  stakeholders   The  Sprint  process
SEAF  Webinar  -­‐  SoC  Dev  Process   QRS Quality  –  Reliability  –  Security     26  Apr  2016   12  
SEAF  Webinar  -­‐  SoC  Dev  Process   Quality •  TesQng   •  Our  tesQng  process  covers:   •  Unit  tests   •  API  acceptance  tests   •  User  acceptance  tests   •  Regression  tests   •  Goal:  >  70%  test  coverage   •  Readability  &  Best  Coding   PracQces   •  AirBnb’s  linQng  rules   •  Technical  debt     •  SonarQube   •  Goal:  <  1  week   26  Apr  2016   13  
SEAF  Webinar  -­‐  SoC  Dev  Process   Reliability •  Aim  for  building  reliability  into  code   •  Infrastructure:   •  Dedicated  server  hosQng  just  SEAF   •  Server  runs  in  the  university  network  backed  by  an  onsite  administrator  and   an  expert  backbone  group  (hgp://it.auth.gr/en)   26  Apr  2016   14  
SEAF  Webinar  -­‐  SoC  Dev  Process   Security  Plan Go  for  a  pracQcal  (and  pragma;c)  approach  towards  security:     1.  Learning  from  other  people’s  mistakes   2.  Develop/deploy  tools  to  detect  and  correct  problems   3.  Planning  to  have  everything  compromised   Our  security  plan  will  be  documented  in  a  deliverable,  available  upon   request.   26  Apr  2016   15  
SEAF  Webinar  -­‐  SoC  Dev  Process   Learning  from  other  people’s  mistakes CSA’s  Top  8  cloud  threats  for  SaaS   1.  Data  Breaches   2.  Data  Loss   3.  Account  or  Service  High-­‐jacking   4.  Insecure  Interfaces  and  APIs   5.  DoS   6.  Malicious  Insiders   7.  Insufficient  Due  Diligence   8.  Shared  Technology   VulnerabiliQes   OWASP’s  Top  10  security  threats   1.  InjecQon   2.  Broken  AuthenQcaQon  and  Session   Management   3.  Cross-­‐Site  ScripQng  (XSS)   4.  Insecure  Direct  Object  References   5.  Security  MisconfiguraQon   6.  SensiQve  Data  Exposure   7.  Missing  FuncQon  Level  Access  Control   8.  Cross-­‐Site  Request  Forgery  (CSRF)   9.  Using  Components  with  Known   VulnerabiliQes   10.  Unvalidated  Redirects  and  Forwards   26  Apr  2016   16  
SEAF  Webinar  -­‐  SoC  Dev  Process   Our  plan •  Our  security  plan  will  aim  at  counteracQng  against  major  threats   which  are  pregy  broad  and  cover  a  lot  of  ground.     •  We  plan  to  have  everything  automated  by  developing  &  deploying   tools  to  detect  and  correct  problems   •  In  case  of  a  compromise  we  aim  for  the  data  and  criQcal  informaQon   to  be  safe:   •  Secured  credenQals,  even  if  compromised   •  Data  Integrity  –  Frequent  backups  offsite   •  Cryptographic  anonymizaQon  of  criQcal  informaQon     •  Upon  comple;on  we  aim  for  SEAF  to  be  in  the  top  ;er  of  secure   web  apps.   26  Apr  2016   17  

Recommended

An explanation on how the CDE competition works.
An explanation on how the CDE competition works.An explanation on how the CDE competition works.
An explanation on how the CDE competition works.Defence and Security Accelerator
 
Executive brief 1 april 2020
Executive brief 1 april 2020Executive brief 1 april 2020
Executive brief 1 april 2020swx-webadmin
 
Executive brief 4 march 2020
Executive brief 4 march 2020Executive brief 4 march 2020
Executive brief 4 march 2020swx-webadmin
 
Valuta Introduction - Independent Project Review
Valuta Introduction - Independent Project ReviewValuta Introduction - Independent Project Review
Valuta Introduction - Independent Project Reviewguestf4780fa
 
Benefits in Certification
Benefits in CertificationBenefits in Certification
Benefits in CertificationMike W
 
Creative Ring Challenge in Helsinki 2016
Creative Ring Challenge in Helsinki 2016Creative Ring Challenge in Helsinki 2016
Creative Ring Challenge in Helsinki 2016Kaisa Sibelius
 
A4I Round 5 Overview
A4I Round 5 OverviewA4I Round 5 Overview
A4I Round 5 OverviewThe Knowledge Transfer Network
 
USC Stevens Overview
USC Stevens OverviewUSC Stevens Overview
USC Stevens OverviewCharles L. Pruitt, Esq.
 

Recommended

An explanation on how the CDE competition works.
An explanation on how the CDE competition works.An explanation on how the CDE competition works.
An explanation on how the CDE competition works.Defence and Security Accelerator
 
Executive brief 1 april 2020
Executive brief 1 april 2020Executive brief 1 april 2020
Executive brief 1 april 2020swx-webadmin
 
Executive brief 4 march 2020
Executive brief 4 march 2020Executive brief 4 march 2020
Executive brief 4 march 2020swx-webadmin
 
Valuta Introduction - Independent Project Review
Valuta Introduction - Independent Project ReviewValuta Introduction - Independent Project Review
Valuta Introduction - Independent Project Reviewguestf4780fa
 
Benefits in Certification
Benefits in CertificationBenefits in Certification
Benefits in CertificationMike W
 
Creative Ring Challenge in Helsinki 2016
Creative Ring Challenge in Helsinki 2016Creative Ring Challenge in Helsinki 2016
Creative Ring Challenge in Helsinki 2016Kaisa Sibelius
 
A4I Round 5 Overview
A4I Round 5 OverviewA4I Round 5 Overview
A4I Round 5 OverviewThe Knowledge Transfer Network
 
USC Stevens Overview
USC Stevens OverviewUSC Stevens Overview
USC Stevens OverviewCharles L. Pruitt, Esq.
 
2920 - Signalling Installation and Testing Improvement Implementation
2920 - Signalling Installation and Testing Improvement Implementation2920 - Signalling Installation and Testing Improvement Implementation
2920 - Signalling Installation and Testing Improvement ImplementationAndy Keasley
 
Executive brief 2 Dec 2019
Executive brief 2 Dec 2019Executive brief 2 Dec 2019
Executive brief 2 Dec 2019swx-webadmin
 
Executive brief 4 february 2020
Executive brief 4 february 2020Executive brief 4 february 2020
Executive brief 4 february 2020swx-webadmin
 
Executive brief 8 January 2020
Executive brief 8 January 2020Executive brief 8 January 2020
Executive brief 8 January 2020swx-webadmin
 
The Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationThe Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationWalton Institute
 
GrowSmarter Webinar : Recycling made easy by Envac
GrowSmarter Webinar : Recycling made easy by EnvacGrowSmarter Webinar : Recycling made easy by Envac
GrowSmarter Webinar : Recycling made easy by EnvacGrowSmarter
 
Executive brief 5 june
Executive brief 5 juneExecutive brief 5 june
Executive brief 5 juneswx-webadmin
 
Driving Business Innovation - Call for Proposals for Round 2
Driving Business Innovation - Call for Proposals for Round 2Driving Business Innovation - Call for Proposals for Round 2
Driving Business Innovation - Call for Proposals for Round 2BusinessVictoria
 
Executive brief 1 july 2019
Executive brief 1 july 2019Executive brief 1 july 2019
Executive brief 1 july 2019swx-webadmin
 
Executive brief 01 august 2021
Executive brief 01 august 2021 Executive brief 01 august 2021
Executive brief 01 august 2021 swx-webadmin
 
Sofwerx Executive Brief
Sofwerx Executive BriefSofwerx Executive Brief
Sofwerx Executive Briefswx-webadmin
 
111114 wp6 evaluation-syntra_west
111114 wp6 evaluation-syntra_west111114 wp6 evaluation-syntra_west
111114 wp6 evaluation-syntra_westFrank Emil Moen
 
Webinar presentation of SEA Valuation Module
Webinar presentation of SEA Valuation ModuleWebinar presentation of SEA Valuation Module
Webinar presentation of SEA Valuation ModuleStefan Dunjic
 
SEAF Introduction
SEAF IntroductionSEAF Introduction
SEAF IntroductionCaroline Milne
 
SEA - SEAF
SEA - SEAFSEA - SEAF
SEA - SEAFCaroline Milne
 
HSB - SEAF
HSB - SEAFHSB - SEAF
HSB - SEAFCaroline Milne
 
SEAF Introductory Webinar Agenda
SEAF Introductory Webinar AgendaSEAF Introductory Webinar Agenda
SEAF Introductory Webinar AgendaCaroline Milne
 
ICP - SEAF
ICP - SEAFICP - SEAF
ICP - SEAFCaroline Milne
 
Elastic-Engineering
Elastic-EngineeringElastic-Engineering
Elastic-EngineeringAraf Karsh Hamid
 
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entitySpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entityjordigilnieto
 
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entitySpring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entityToni Jara
 
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and BeyondPriyanka Aash
 

More Related Content

What's hot

2920 - Signalling Installation and Testing Improvement Implementation
2920 - Signalling Installation and Testing Improvement Implementation2920 - Signalling Installation and Testing Improvement Implementation
2920 - Signalling Installation and Testing Improvement ImplementationAndy Keasley
 
Executive brief 2 Dec 2019
Executive brief 2 Dec 2019Executive brief 2 Dec 2019
Executive brief 2 Dec 2019swx-webadmin
 
Executive brief 4 february 2020
Executive brief 4 february 2020Executive brief 4 february 2020
Executive brief 4 february 2020swx-webadmin
 
Executive brief 8 January 2020
Executive brief 8 January 2020Executive brief 8 January 2020
Executive brief 8 January 2020swx-webadmin
 
The Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationThe Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationWalton Institute
 
GrowSmarter Webinar : Recycling made easy by Envac
GrowSmarter Webinar : Recycling made easy by EnvacGrowSmarter Webinar : Recycling made easy by Envac
GrowSmarter Webinar : Recycling made easy by EnvacGrowSmarter
 
Executive brief 5 june
Executive brief 5 juneExecutive brief 5 june
Executive brief 5 juneswx-webadmin
 
Driving Business Innovation - Call for Proposals for Round 2
Driving Business Innovation - Call for Proposals for Round 2Driving Business Innovation - Call for Proposals for Round 2
Driving Business Innovation - Call for Proposals for Round 2BusinessVictoria
 
Executive brief 1 july 2019
Executive brief 1 july 2019Executive brief 1 july 2019
Executive brief 1 july 2019swx-webadmin
 
Executive brief 01 august 2021
Executive brief 01 august 2021 Executive brief 01 august 2021
Executive brief 01 august 2021 swx-webadmin
 
Sofwerx Executive Brief
Sofwerx Executive BriefSofwerx Executive Brief
Sofwerx Executive Briefswx-webadmin
 
111114 wp6 evaluation-syntra_west
111114 wp6 evaluation-syntra_west111114 wp6 evaluation-syntra_west
111114 wp6 evaluation-syntra_westFrank Emil Moen
 

What's hot (12)

2920 - Signalling Installation and Testing Improvement Implementation
2920 - Signalling Installation and Testing Improvement Implementation2920 - Signalling Installation and Testing Improvement Implementation
2920 - Signalling Installation and Testing Improvement Implementation
 
Executive brief 2 Dec 2019
Executive brief 2 Dec 2019Executive brief 2 Dec 2019
Executive brief 2 Dec 2019
 
Executive brief 4 february 2020
Executive brief 4 february 2020Executive brief 4 february 2020
Executive brief 4 february 2020
 
Executive brief 8 January 2020
Executive brief 8 January 2020Executive brief 8 January 2020
Executive brief 8 January 2020
 
The Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationThe Impact of Research & Industry Collaboration
The Impact of Research & Industry Collaboration
 
GrowSmarter Webinar : Recycling made easy by Envac
GrowSmarter Webinar : Recycling made easy by EnvacGrowSmarter Webinar : Recycling made easy by Envac
GrowSmarter Webinar : Recycling made easy by Envac
 
Executive brief 5 june
Executive brief 5 juneExecutive brief 5 june
Executive brief 5 june
 
Driving Business Innovation - Call for Proposals for Round 2
Driving Business Innovation - Call for Proposals for Round 2Driving Business Innovation - Call for Proposals for Round 2
Driving Business Innovation - Call for Proposals for Round 2
 
Executive brief 1 july 2019
Executive brief 1 july 2019Executive brief 1 july 2019
Executive brief 1 july 2019
 
Executive brief 01 august 2021
Executive brief 01 august 2021 Executive brief 01 august 2021
Executive brief 01 august 2021
 
Sofwerx Executive Brief
Sofwerx Executive BriefSofwerx Executive Brief
Sofwerx Executive Brief
 
111114 wp6 evaluation-syntra_west
111114 wp6 evaluation-syntra_west111114 wp6 evaluation-syntra_west
111114 wp6 evaluation-syntra_west
 

Viewers also liked

Webinar presentation of SEA Valuation Module
Webinar presentation of SEA Valuation ModuleWebinar presentation of SEA Valuation Module
Webinar presentation of SEA Valuation ModuleStefan Dunjic
 
SEAF Introductory Webinar Agenda
SEAF Introductory Webinar AgendaSEAF Introductory Webinar Agenda
SEAF Introductory Webinar AgendaCaroline Milne
 

Viewers also liked (6)

Webinar presentation of SEA Valuation Module
Webinar presentation of SEA Valuation ModuleWebinar presentation of SEA Valuation Module
Webinar presentation of SEA Valuation Module
 
SEAF Introduction
SEAF IntroductionSEAF Introduction
SEAF Introduction
 
SEA - SEAF
SEA - SEAFSEA - SEAF
SEA - SEAF
 
HSB - SEAF
HSB - SEAFHSB - SEAF
HSB - SEAF
 
SEAF Introductory Webinar Agenda
SEAF Introductory Webinar AgendaSEAF Introductory Webinar Agenda
SEAF Introductory Webinar Agenda
 
ICP - SEAF
ICP - SEAFICP - SEAF
ICP - SEAF
 

Similar to AUTH - SEAF

SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entitySpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entityjordigilnieto
 
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entitySpring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entityToni Jara
 
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and BeyondPriyanka Aash
 
DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...
DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...
DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...BAINIDA
 
The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...
The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...
The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...SmartBear
 
170215 msa intro
170215 msa intro170215 msa intro
170215 msa introSonic leigh
 
Listen to Your Machines: DevOps Analytics for Better Feedback Loops
Listen to Your Machines: DevOps Analytics for Better Feedback LoopsListen to Your Machines: DevOps Analytics for Better Feedback Loops
Listen to Your Machines: DevOps Analytics for Better Feedback LoopsSplunk
 
Simplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptxSimplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptxssuser5faa791
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSEric Smalling
 
AAIC Cloud Engineering and DevOps overview v2.3.pdf
AAIC Cloud Engineering and DevOps overview v2.3.pdfAAIC Cloud Engineering and DevOps overview v2.3.pdf
AAIC Cloud Engineering and DevOps overview v2.3.pdfAppliedAIConsulting
 
Dimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the GauntletDimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the GauntletSerena Software
 
Keeping Developers and Auditors Happy in the Cloud
Keeping Developers and Auditors Happy in the CloudKeeping Developers and Auditors Happy in the Cloud
Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 

Similar to AUTH - SEAF (20)

Elastic-Engineering
Elastic-EngineeringElastic-Engineering
Elastic-Engineering
 
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entitySpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
SpringIO 2016 - Spring Cloud MicroServices, a journey inside a financial entity
 
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entitySpring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
 
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
 
Rayudu_Grandhi
Rayudu_GrandhiRayudu_Grandhi
Rayudu_Grandhi
 
DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...
DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...
DevOps : Integrate, Deliver and Deploy continuously with Visual Studio Team S...
 
The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...
The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...
The API Lifecycle Series: Exploring Design-First and Code-First Approaches to...
 
170215 msa intro
170215 msa intro170215 msa intro
170215 msa intro
 
Listen to Your Machines: DevOps Analytics for Better Feedback Loops
Listen to Your Machines: DevOps Analytics for Better Feedback LoopsListen to Your Machines: DevOps Analytics for Better Feedback Loops
Listen to Your Machines: DevOps Analytics for Better Feedback Loops
 
Simplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptxSimplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptx
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
 
Profile_Ahmad2
Profile_Ahmad2Profile_Ahmad2
Profile_Ahmad2
 
AAIC Cloud Engineering and DevOps overview v2.3.pdf
AAIC Cloud Engineering and DevOps overview v2.3.pdfAAIC Cloud Engineering and DevOps overview v2.3.pdf
AAIC Cloud Engineering and DevOps overview v2.3.pdf
 
Arun Kumar(7.8Yrs).DOC
Arun Kumar(7.8Yrs).DOCArun Kumar(7.8Yrs).DOC
Arun Kumar(7.8Yrs).DOC
 
Dimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the GauntletDimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the Gauntlet
 
CV - Abhijit
CV - AbhijitCV - Abhijit
CV - Abhijit
 
Trinada pabolu profile
Trinada pabolu profileTrinada pabolu profile
Trinada pabolu profile
 
Keeping Developers and Auditors Happy in the Cloud
Keeping Developers and Auditors Happy in the CloudKeeping Developers and Auditors Happy in the Cloud
Keeping Developers and Auditors Happy in the Cloud
 
Pradeep.CL
Pradeep.CLPradeep.CL
Pradeep.CL
 

Recently uploaded

Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Delhi Call girls
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxNikitaBankoti2
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Kayode Fayemi
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Pooja Nehwal
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfhenrik385807
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024eCommerce Institute
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyPooja Nehwal
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxmohammadalnahdi22
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfhenrik385807
 
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrsaastr
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )Pooja Nehwal
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...Sheetaleventcompany
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubssamaasim06
 
Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Chameera Dedduwage
 

Recently uploaded (20)

Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
 
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubs
 
Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)
 

AUTH - SEAF

  • 1. The  So'ware  Development   Process Prof.  Andreas  L.  Symeonidis   Aristotle  University  of  Thessaloniki   asymeon@eng.auth.gr,  seaf-­‐int@olympus.ee.auth.gr  
  • 2. SEAF  Webinar  -­‐  SoC  Dev  Process   SEAF  Architecture &  Technologies   26  Apr  2016   2  
  • 3. SEAF  Webinar  -­‐  SoC  Dev  Process   Architectural  diagram UI  (Browser)   Contractor   UI   Investor   UI   Admin   UI   Back-­‐end   API   DB   File   Storage   SEA  EvaluaQon   SEA   StandardizaQon   SEA  Risk   Assessment   Accounts   Projects  NoQficaQons   Monitoring   Logging   26  Apr  2016   3  
  • 4. SEAF  Webinar  -­‐  SoC  Dev  Process   Contractor  User  Interface •  User  interface  to  visualize  and  interact  with  contractor  services  as   discussed  earlier   •  Macroscopic  (dashboard  like)  and  Microscopic  views  (per  project)   will  be  offered   Project  inputs   Personal  profile  informaQon   Recent  acQvity  on  the  plaZorm   NoQficaQons   Pipeline  quick  view   PorZolio  performance  metrics   Project  form   Project  pipeline  overview   Contractor  Views 26  Apr  2016   4  
  • 5. SEAF  Webinar  -­‐  SoC  Dev  Process   Investor  User  Interface •  User  interface  to  visualize  and  interact  with  investor  services   •  Macroscopic  (dashboard  like)  and  Microscopic  views  (per  project)   will  be  offered   Investor  views Personal  profile  informaQon   Recent  acQvity  on  the  plaZorm   NoQficaQons   Pipeline  quick  view   PorZolio  performance  metrics   Project  form   Project  pipeline  overview   26  Apr  2016   5  
  • 6. SEAF  Webinar  -­‐  SoC  Dev  Process   Administrator  User  Interface 26  Apr  2016   6   •  User  interface  to  handle  users/user  categories  and  project  logisQcs   Administrator  views User  request  informaQon   Recent  acQvity  on  the  plaZorm   NoQficaQons   Pipeline  creaQon   New  metrics   New  input  data   New  processes  
  • 7. SEAF  Webinar  -­‐  SoC  Dev  Process   Technologies •  MEAN  stack   •  MongoDB   •  ExpressJS   •  AngularJS   •  Node.js   •  Built  for  the  web   •  Enormous  community   •  RESTful  API   •  Devops   •  Integrate  operaQons  into  code   •  ConQnuous  delivery   •  AutomaQc  deployment   •  Logging   •  AnalyQcs   •  Monitoring   •  Quality   •  SonarQube   •  Jenkins  CI   •  LinQng   26  Apr  2016   7  
  • 8. SEAF  Webinar  -­‐  SoC  Dev  Process   Agile/Scrum Development  Methodology   26  Apr  2016   8  
  • 9. SEAF  Webinar  -­‐  SoC  Dev  Process   Agile/Scrum •  We  expect  con;nuous  changes  in  the  requirements,  so  we  want  to  be  as  agile  as   possible   •  We  need  to  deliver  soCware  from  day  1   •  “A  prototype  is  worth  a  1000  meeQngs/10K  slides”   •  ConQnuous  value  delivery   •  1  main  developer  partner  è  Team  colocaQon  è  Beger  face-­‐2-­‐face   communicaQon  è  Agile/Scrum  beger  fit   •  The  2  releases  (early/final)  will  be  snapshots  of  the  Scrum  process.   26  Apr  2016   9  
  • 10. SEAF  Webinar  -­‐  SoC  Dev  Process   Why  Agile/Scrum? •  ConQnuously  aligns  the  delivered  soCware  with  business  needs  easily   adapQng  to  changing  requirements  throughout  the  process.   •  Accelerates  the  delivery  of  business  value   •  Minimizes  the  overall  project  risks   26  Apr  2016   10   30 days 30 days 30 days 30 days Backlog:   25  features   Backlog:   19  features   Backlog:   17  features   Backlog:   12  features   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   Planning   Daily Scrum Daily Scrum Daily Scrum Daily Scrum Development   Sprint  Review   Retrospec;ve   1   2   3   4  
  • 11. SEAF  Webinar  -­‐  SoC  Dev  Process   Extract  requirements   from  pilot  case  users  and   the  DoW   Transform  requirements  to  user  stories   based  on  behavior-­‐driven  development   and  prioriQze   Generate  funcQonality  based   on  test-­‐driven  development   Run  regression,  integraQon  &   acceptance  tests  and  deploy   Retrospect  the  cycle  and  demo  the   release  to  the  stakeholders   The  Sprint  process
  • 12. SEAF  Webinar  -­‐  SoC  Dev  Process   QRS Quality  –  Reliability  –  Security     26  Apr  2016   12  
  • 13. SEAF  Webinar  -­‐  SoC  Dev  Process   Quality •  TesQng   •  Our  tesQng  process  covers:   •  Unit  tests   •  API  acceptance  tests   •  User  acceptance  tests   •  Regression  tests   •  Goal:  >  70%  test  coverage   •  Readability  &  Best  Coding   PracQces   •  AirBnb’s  linQng  rules   •  Technical  debt     •  SonarQube   •  Goal:  <  1  week   26  Apr  2016   13  
  • 14. SEAF  Webinar  -­‐  SoC  Dev  Process   Reliability •  Aim  for  building  reliability  into  code   •  Infrastructure:   •  Dedicated  server  hosQng  just  SEAF   •  Server  runs  in  the  university  network  backed  by  an  onsite  administrator  and   an  expert  backbone  group  (hgp://it.auth.gr/en)   26  Apr  2016   14  
  • 15. SEAF  Webinar  -­‐  SoC  Dev  Process   Security  Plan Go  for  a  pracQcal  (and  pragma;c)  approach  towards  security:     1.  Learning  from  other  people’s  mistakes   2.  Develop/deploy  tools  to  detect  and  correct  problems   3.  Planning  to  have  everything  compromised   Our  security  plan  will  be  documented  in  a  deliverable,  available  upon   request.   26  Apr  2016   15  
  • 16. SEAF  Webinar  -­‐  SoC  Dev  Process   Learning  from  other  people’s  mistakes CSA’s  Top  8  cloud  threats  for  SaaS   1.  Data  Breaches   2.  Data  Loss   3.  Account  or  Service  High-­‐jacking   4.  Insecure  Interfaces  and  APIs   5.  DoS   6.  Malicious  Insiders   7.  Insufficient  Due  Diligence   8.  Shared  Technology   VulnerabiliQes   OWASP’s  Top  10  security  threats   1.  InjecQon   2.  Broken  AuthenQcaQon  and  Session   Management   3.  Cross-­‐Site  ScripQng  (XSS)   4.  Insecure  Direct  Object  References   5.  Security  MisconfiguraQon   6.  SensiQve  Data  Exposure   7.  Missing  FuncQon  Level  Access  Control   8.  Cross-­‐Site  Request  Forgery  (CSRF)   9.  Using  Components  with  Known   VulnerabiliQes   10.  Unvalidated  Redirects  and  Forwards   26  Apr  2016   16  
  • 17. SEAF  Webinar  -­‐  SoC  Dev  Process   Our  plan •  Our  security  plan  will  aim  at  counteracQng  against  major  threats   which  are  pregy  broad  and  cover  a  lot  of  ground.     •  We  plan  to  have  everything  automated  by  developing  &  deploying   tools  to  detect  and  correct  problems   •  In  case  of  a  compromise  we  aim  for  the  data  and  criQcal  informaQon   to  be  safe:   •  Secured  credenQals,  even  if  compromised   •  Data  Integrity  –  Frequent  backups  offsite   •  Cryptographic  anonymizaQon  of  criQcal  informaQon     •  Upon  comple;on  we  aim  for  SEAF  to  be  in  the  top  ;er  of  secure   web  apps.   26  Apr  2016   17