The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
2017 Devoxx MA Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2019 ITkonekt Stateless REST Security with MicroProfile JWTJean-Louis MONTEIRO
This presentation will be focusing on this landscape and explain how to leverage the quickly evolving MicroProfile JWT specification to secure Microservices and in a fully stateless and scalable manner. We’ll introduce the specification in a quick fashion and move on to code examples that show how to setup JWT verification and obtain trusted claims via lookup or dependency injection.
Seguridad en microservicios via micro profile jwtCésar Hernández
La curva de aprendizaje para la seguridad es severa e implacable. Esta sesión profundiza el estado actual y evolución que la seguridad en arquitecturas basadas en servicios REST han requerido con conceptos competitivos como OAuth 2.0 en el mundo mobile y HTTP signatures utilizado por Amazon en API's B2B. Finalmente se presenta el proyecto Eclipse MicroProfile JWT que provee un API Java Empresarial optimizado para arquitecturas orientadas a Microservicios. Se presentará un caso práctico en el que se desarrollará una aplicación segura con MicroProfile JWT, Apache TomEE y AngularJS. Demostrando de esta forma las capacidades de configuración, CDI, autenticación y autorización avanzadas que ofrece Eclipse MicroProfile JWT. Durante esta sesión los asistentes podrán ver los conceptos básicos de seguridad REST con Oauth 2.0, JWT y Http signatures. El caso práctico será presentado utilizando Eclipse Microprofile sobre una aplicación con un Front-End AngularJS y Java EE en Apache TomEE.
2018 colombia deconstruyendo y evolucionando la seguridad en servicios restCésar Hernández
La curva de aprendizaje para la seguridad es severa e implacable. Las especificaciones prometen una flexibilidad infinita y habitualmente dan nuevos nombres a los conceptos antiguos. Esta sesión profundiza el estado actual y evolución que la seguridad en arquitecturas basadas en servicios REST han requerido con conceptos competitivos como OAuth 2.0 en el mundo mobile y HTTP signatures utilizado por Amazon en API's B2B. Finalmente, se analiza un nuevo borrador de Internet lanzado este año que los combina a ambos en el sistema perfecto de dos factores que podría proporcionar una consolidación para los escenarios de REST mobile y de negocios.
2018 ecuador deconstruyendo y evolucionando la seguridad en servicios restCésar Hernández
La curva de aprendizaje para la seguridad es severa e implacable. Las especificaciones prometen una flexibilidad infinita y habitualmente dan nuevos nombres a los conceptos antiguos. Esta sesión profundiza el estado actual y evolución que la seguridad en arquitecturas basadas en servicios REST han requerido con conceptos competitivos como OAuth 2.0 en el mundo mobile y HTTP signatures utilizado por Amazon en API's B2B. Finalmente, se analiza un nuevo borrador de Internet lanzado este año que los combina a ambos en el sistema perfecto de dos factores que podría proporcionar una consolidación para los escenarios de REST mobile y de negocios.
Stateless Microservice Security via JWT and MicroProfile - MexicoOtávio Santana
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, the first half of this session delves into OAuth 2.0 with and without JWTs and shows how it falls into two camps: stateful and stateless. Starting at Basic Auth and walking forward, we'll compare each with heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security against a baseline Microservice architecture.
The second half of this presentation we'll deep dive into MicroProfile JWT, which offers a clean Java API and standard configuration for consuming JWTs in Java Microservices. Code and demo focused, we'll see a complete MicroProfile JWT, TomEE and AngularJS app running on Oracle Cloud that issues JWTs with custom backend-data, performs server-side verification and injection of claims, and client-side login and refresh. All code in Github, you'll leave ready to bootstrap your next truly secure full-stack project.
Stateless Microservice Security via JWT and MicroProfile - ES Otavio Santana
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, the first half of this session delves into OAuth 2.0 with and without JWTs and shows how it falls into two camps: stateful and stateless. Starting at Basic Auth and walking forward, we'll compare each with a heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security against a baseline Microservice architecture.
The second half of this presentation we'll deep dive into MicroProfile JWT, which offers a clean Java API and standard configuration for consuming JWTs in Java Microservices. Code and demo focused, we'll see a complete MicroProfile JWT, TomEE and AngularJS app running on Oracle Cloud that issues JWTs with custom backend-data, performs server-side verification and injection of claims, and client-side login and refresh. All code in Github, you'll leave ready to bootstrap your next truly secure full-stack project.
Stateless Microservice Security via JWT and MicroProfile - GuatemalaOtávio Santana
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, the first half of this session delves into OAuth 2.0 with and without JWTs and shows how it falls into two camps: stateful and stateless. Starting at Basic Auth and walking forward, we'll compare each with heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security against a baseline Microservice architecture.
The second half of this presentation we'll deep dive into MicroProfile JWT, which offers a clean Java API and standard configuration for consuming JWTs in Java Microservices. Code and demo focused, we'll see a complete MicroProfile JWT, TomEE and AngularJS app running on Oracle Cloud that issues JWTs with custom backend-data, performs server-side verification and injection of claims, and client-side login and refresh. All code in Github, you'll leave ready to bootstrap your next truly secure full-stack project.
2017 Devoxx MA Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2019 ITkonekt Stateless REST Security with MicroProfile JWTJean-Louis MONTEIRO
This presentation will be focusing on this landscape and explain how to leverage the quickly evolving MicroProfile JWT specification to secure Microservices and in a fully stateless and scalable manner. We’ll introduce the specification in a quick fashion and move on to code examples that show how to setup JWT verification and obtain trusted claims via lookup or dependency injection.
Seguridad en microservicios via micro profile jwtCésar Hernández
La curva de aprendizaje para la seguridad es severa e implacable. Esta sesión profundiza el estado actual y evolución que la seguridad en arquitecturas basadas en servicios REST han requerido con conceptos competitivos como OAuth 2.0 en el mundo mobile y HTTP signatures utilizado por Amazon en API's B2B. Finalmente se presenta el proyecto Eclipse MicroProfile JWT que provee un API Java Empresarial optimizado para arquitecturas orientadas a Microservicios. Se presentará un caso práctico en el que se desarrollará una aplicación segura con MicroProfile JWT, Apache TomEE y AngularJS. Demostrando de esta forma las capacidades de configuración, CDI, autenticación y autorización avanzadas que ofrece Eclipse MicroProfile JWT. Durante esta sesión los asistentes podrán ver los conceptos básicos de seguridad REST con Oauth 2.0, JWT y Http signatures. El caso práctico será presentado utilizando Eclipse Microprofile sobre una aplicación con un Front-End AngularJS y Java EE en Apache TomEE.
2018 colombia deconstruyendo y evolucionando la seguridad en servicios restCésar Hernández
La curva de aprendizaje para la seguridad es severa e implacable. Las especificaciones prometen una flexibilidad infinita y habitualmente dan nuevos nombres a los conceptos antiguos. Esta sesión profundiza el estado actual y evolución que la seguridad en arquitecturas basadas en servicios REST han requerido con conceptos competitivos como OAuth 2.0 en el mundo mobile y HTTP signatures utilizado por Amazon en API's B2B. Finalmente, se analiza un nuevo borrador de Internet lanzado este año que los combina a ambos en el sistema perfecto de dos factores que podría proporcionar una consolidación para los escenarios de REST mobile y de negocios.
2018 ecuador deconstruyendo y evolucionando la seguridad en servicios restCésar Hernández
La curva de aprendizaje para la seguridad es severa e implacable. Las especificaciones prometen una flexibilidad infinita y habitualmente dan nuevos nombres a los conceptos antiguos. Esta sesión profundiza el estado actual y evolución que la seguridad en arquitecturas basadas en servicios REST han requerido con conceptos competitivos como OAuth 2.0 en el mundo mobile y HTTP signatures utilizado por Amazon en API's B2B. Finalmente, se analiza un nuevo borrador de Internet lanzado este año que los combina a ambos en el sistema perfecto de dos factores que podría proporcionar una consolidación para los escenarios de REST mobile y de negocios.
Stateless Microservice Security via JWT and MicroProfile - MexicoOtávio Santana
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, the first half of this session delves into OAuth 2.0 with and without JWTs and shows how it falls into two camps: stateful and stateless. Starting at Basic Auth and walking forward, we'll compare each with heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security against a baseline Microservice architecture.
The second half of this presentation we'll deep dive into MicroProfile JWT, which offers a clean Java API and standard configuration for consuming JWTs in Java Microservices. Code and demo focused, we'll see a complete MicroProfile JWT, TomEE and AngularJS app running on Oracle Cloud that issues JWTs with custom backend-data, performs server-side verification and injection of claims, and client-side login and refresh. All code in Github, you'll leave ready to bootstrap your next truly secure full-stack project.
Stateless Microservice Security via JWT and MicroProfile - ES Otavio Santana
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, the first half of this session delves into OAuth 2.0 with and without JWTs and shows how it falls into two camps: stateful and stateless. Starting at Basic Auth and walking forward, we'll compare each with a heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security against a baseline Microservice architecture.
The second half of this presentation we'll deep dive into MicroProfile JWT, which offers a clean Java API and standard configuration for consuming JWTs in Java Microservices. Code and demo focused, we'll see a complete MicroProfile JWT, TomEE and AngularJS app running on Oracle Cloud that issues JWTs with custom backend-data, performs server-side verification and injection of claims, and client-side login and refresh. All code in Github, you'll leave ready to bootstrap your next truly secure full-stack project.
Stateless Microservice Security via JWT and MicroProfile - GuatemalaOtávio Santana
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, the first half of this session delves into OAuth 2.0 with and without JWTs and shows how it falls into two camps: stateful and stateless. Starting at Basic Auth and walking forward, we'll compare each with heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security against a baseline Microservice architecture.
The second half of this presentation we'll deep dive into MicroProfile JWT, which offers a clean Java API and standard configuration for consuming JWTs in Java Microservices. Code and demo focused, we'll see a complete MicroProfile JWT, TomEE and AngularJS app running on Oracle Cloud that issues JWTs with custom backend-data, performs server-side verification and injection of claims, and client-side login and refresh. All code in Github, you'll leave ready to bootstrap your next truly secure full-stack project.
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. The presentation also details a competing Amazon-style approach called HTTP Signatures and digs into the architectural differences of all three, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
2017 dev nexus_deconstructing_rest_securityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. The presentation also details a competing Amazon-style approach called HTTP Signatures and digs into the architectural differences of all three, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architectural impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
GnuPG, popularly knowns as gpg is an alternative to PGP module and mainly used for encryption and decryption of keys while sending mail or data.
This presentation shows various useful gpg commands that you can use in day-to-day life.
2018 Denver JUG Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
REST API vs gRPC, which one should you use in breaking a monolith [Dev conf 2...Vladimir Dejanovic
You heard of "new thing" called gRPC and promises that it will solve all issues for you, so now you are not sure if you should use it for breaking up your monolith to Microservices. If it is good for Google it should be good for you also right?
On the other hand, you have been using REST API's for some time now, at least as a consumer, so maybe this would be better approach in Microservices waters, or would it?
Which one to chose and which one will fit your use case better?
Join me in this talk were I will try to explain both approaches, good and bad. I will give some points and tips, which will help you in understanding better which one will be better for you. By doing this I will also share some best practices for both approaches
Dublin JUG Stateless Microservice Security via JWT, TomEE and MicroProfileJean-Louis MONTEIRO
Microservices based architecture seems to be the common convergence point in the industry. But when it comes to security we are still struggling to evolve from monolithic systems or people oriented architecture. This presentation will be focusing on this landscape and explain how to leverage the quickly evolving MicroProfile JWT specification to secure Microservices and in a fully stateless and scalable manner. We’ll introduce the specification in a quick and no nonsense fashion and move on to several code examples that show how to setup JWT verification and obtain trusted claims via lookup or dependency injection. For our playground, we’ll be using Apache TomEE, fully open source lightweight Java EE server and MicroProfile implementation.
Darkweb + Python: discover, analyze and extract information from hidden servicesJose Manuel Ortega Candel
The talk will start explaining how Tor project can help us to the research and development of tools for online anonymity and privacy of its users while surfing the Internet, by establishing virtual circuits between the different nodes that make up the Tor network. In addition, we will review how Tor works from anonymity point of view, preventing websites from tracking you. Python help us to automate the process to search an discover hidden services thanks to packages like requests,requesocks and sockspy,At this point we will review the crawling process and show tools in python ecosystem available for this task(https://github.com/jmortega/python_dark_web)
These could be the talking points:
-Introduction to Tor project and hidden services
-Discovering hidden services.
-Modules and packages we can use in python for connecting with Tor network
-Tools that allow search hidden services and atomate the crawling process in Tor network
2018 IterateConf Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2018 SDJUG Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2017 JavaOne Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2018 Boulder JUG Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
2018 jPrime Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
Athens IoT meetup #7 - Create the Internet of your Things - Laurent Ellerbach...Athens IoT Meetup
Laurent Ellerbach, technical evangelist manager at Microsoft, presentation of the "Internet of (his garden) Things", explaining the technical architecture details and decisions.
How do Things talk? IoT Application Protocols 101Christian Götz
Analysts predict that in 2020 50 billion devices are connected to the internet. Together with the fact that more and more of these "things" are connected over the cellular network, new challenges are introduced to the communication of Internet of Things (IoT) and machine-to-machine (M2M) scenarios. There are a lot of protocols which claim to be ideal for these use cases, for example MQTT and COAP. In this talk you will get an overview of commonly used protocols and their underlying architectural styles. We will also look at advantages/disadvantages, use cases and the eco-system around them for Java developers.
Cilium - Network security for microservicesThomas Graf
Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application containers and services deployed using Linux container management platforms like Docker and Kubernetes.
A new Linux kernel technology called eBPF is at the foundation of Cilium, which enables the dynamic insertion of BPF bytecode into the Linux kernel. Cilium generates eBPF programs for each individual application container to provide networking, security, loadbalancing and visibility.
Solving HTTP Problems with Code and ProtocolsC4Media
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2G8Jngj.
Natasha Rooney goes through the issues in HTTP, how HTTP2 was developed using Google’s SPDY experiment, and the impact of QUIC. Filmed at qconsf.com.
Natasha Rooney is a member of the W3C Advisory Board and the Stack Evolution Group at IETF. She works as a Engineering Director at GSMA.
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architectural impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
LoRa Flue smoke gas monitoring network [2019 - cassini.ginesi.leaschiera]FrancescoCassini
We have made a pre analysis of pollutions problem and we have thought to check smokes and gasses directly in the single flue, record data and visualize on different platform in base at the uses.
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. The presentation also details a competing Amazon-style approach called HTTP Signatures and digs into the architectural differences of all three, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
2017 dev nexus_deconstructing_rest_securityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. The presentation also details a competing Amazon-style approach called HTTP Signatures and digs into the architectural differences of all three, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architectural impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
GnuPG, popularly knowns as gpg is an alternative to PGP module and mainly used for encryption and decryption of keys while sending mail or data.
This presentation shows various useful gpg commands that you can use in day-to-day life.
2018 Denver JUG Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
REST API vs gRPC, which one should you use in breaking a monolith [Dev conf 2...Vladimir Dejanovic
You heard of "new thing" called gRPC and promises that it will solve all issues for you, so now you are not sure if you should use it for breaking up your monolith to Microservices. If it is good for Google it should be good for you also right?
On the other hand, you have been using REST API's for some time now, at least as a consumer, so maybe this would be better approach in Microservices waters, or would it?
Which one to chose and which one will fit your use case better?
Join me in this talk were I will try to explain both approaches, good and bad. I will give some points and tips, which will help you in understanding better which one will be better for you. By doing this I will also share some best practices for both approaches
Dublin JUG Stateless Microservice Security via JWT, TomEE and MicroProfileJean-Louis MONTEIRO
Microservices based architecture seems to be the common convergence point in the industry. But when it comes to security we are still struggling to evolve from monolithic systems or people oriented architecture. This presentation will be focusing on this landscape and explain how to leverage the quickly evolving MicroProfile JWT specification to secure Microservices and in a fully stateless and scalable manner. We’ll introduce the specification in a quick and no nonsense fashion and move on to several code examples that show how to setup JWT verification and obtain trusted claims via lookup or dependency injection. For our playground, we’ll be using Apache TomEE, fully open source lightweight Java EE server and MicroProfile implementation.
Darkweb + Python: discover, analyze and extract information from hidden servicesJose Manuel Ortega Candel
The talk will start explaining how Tor project can help us to the research and development of tools for online anonymity and privacy of its users while surfing the Internet, by establishing virtual circuits between the different nodes that make up the Tor network. In addition, we will review how Tor works from anonymity point of view, preventing websites from tracking you. Python help us to automate the process to search an discover hidden services thanks to packages like requests,requesocks and sockspy,At this point we will review the crawling process and show tools in python ecosystem available for this task(https://github.com/jmortega/python_dark_web)
These could be the talking points:
-Introduction to Tor project and hidden services
-Discovering hidden services.
-Modules and packages we can use in python for connecting with Tor network
-Tools that allow search hidden services and atomate the crawling process in Tor network
2018 IterateConf Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2018 SDJUG Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2017 JavaOne Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architecturual impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
2018 Boulder JUG Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
2018 jPrime Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
Athens IoT meetup #7 - Create the Internet of your Things - Laurent Ellerbach...Athens IoT Meetup
Laurent Ellerbach, technical evangelist manager at Microsoft, presentation of the "Internet of (his garden) Things", explaining the technical architecture details and decisions.
How do Things talk? IoT Application Protocols 101Christian Götz
Analysts predict that in 2020 50 billion devices are connected to the internet. Together with the fact that more and more of these "things" are connected over the cellular network, new challenges are introduced to the communication of Internet of Things (IoT) and machine-to-machine (M2M) scenarios. There are a lot of protocols which claim to be ideal for these use cases, for example MQTT and COAP. In this talk you will get an overview of commonly used protocols and their underlying architectural styles. We will also look at advantages/disadvantages, use cases and the eco-system around them for Java developers.
Cilium - Network security for microservicesThomas Graf
Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application containers and services deployed using Linux container management platforms like Docker and Kubernetes.
A new Linux kernel technology called eBPF is at the foundation of Cilium, which enables the dynamic insertion of BPF bytecode into the Linux kernel. Cilium generates eBPF programs for each individual application container to provide networking, security, loadbalancing and visibility.
Solving HTTP Problems with Code and ProtocolsC4Media
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2G8Jngj.
Natasha Rooney goes through the issues in HTTP, how HTTP2 was developed using Google’s SPDY experiment, and the impact of QUIC. Filmed at qconsf.com.
Natasha Rooney is a member of the W3C Advisory Board and the Stack Evolution Group at IETF. She works as a Engineering Director at GSMA.
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architectural impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
LoRa Flue smoke gas monitoring network [2019 - cassini.ginesi.leaschiera]FrancescoCassini
We have made a pre analysis of pollutions problem and we have thought to check smokes and gasses directly in the single flue, record data and visualize on different platform in base at the uses.
Cilium - API-aware Networking and Security for Containers based on BPFThomas Graf
Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to protect and secure use of modern application protocols such as HTTP, gRPC and Kafka. Cilium is integrated into common orchestration frameworks such as Kubernetes and Mesos.
2018 JavaLand Deconstructing and Evolving REST SecurityDavid Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, "I could write this myself."
As a bonus at the end, well peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
MQTT - Communication in the Internet of ThingsChristian Götz
Das Internet der Dinge (IoT) und Maschine-zu-Maschine Kommunikation (M2M) ist momentan in aller Munde. Studien zeigen das es bis 2020 50 Milliarden Geräte sein werden, die über das Internet miteinander kommunizieren und jede Sekunde kommen 80 neue Geräte hinzu. Momentan dominierende Protokolle wie HTTP/REST sind nur bedingt geeignet, um die Anforderungen abzudecken. Herausforderungen sind zum Beispiel das Senden von Nachrichten von einem Gerät zu vielen, Skalierung der Anzahl an Geräte, Push Notifications und Sicherstellung der korrekten Übermittlung. Das Publish/Subscribe-Protokoll MQTT erfüllt diese Anforderungen und wurde für mobile Geräte entwickelt. Es wird beispielsweise von Facebook für den Messenger eingesetzt. Dieser Vortrag gibt eine Einführung in MQTT sowie die Implementierung Eclipse Paho und zeigt anhand von Beispielquellcode und einer Livedemo, welche Probleme man damit lösen kann. - See more at: http://www.developer-week.de/History/2014/Programm/Veranstaltung/(event)/14178#sthash.ioXw2aoi.dpuf
Cilium:: Application-Aware Microservices via BPFCynthia Thomas
Intro to Cilium Microservices Security with Kubernetes Integration
Open Source Cilium website: cilium.io
GH: github.com/cilium/cilium
Join our Slack! cilium.herokuapp.com
Follow us on Twitter!
@ciliumproject
@_techcet_
How Do ‘Things’ Talk? - An Overview of the IoT/M2M Protocol Landscape at IoT ...Christian Götz
Analysts predict that by 2020, 50 billion devices will be connected to the Internet. Together with the fact that more and more of these “things” are connected over cellular networks, new challenges are introduced to the communication of Internet of Things (IoT) and machine-to-machine (M2M) scenarios. There are a lot of protocols which claim to be ideal for these use cases, for example MQTT and CoAP. In this session you will get an overview of commonly used protocols and their underlying architectural styles. We will also look at advantages/disadvantages, use cases and the ecosystem around them.
WebRTC Tutorial by Dean Bubley of Disruptive Analysis & Tim Panton of Westhaw...Dean Bubley
Tutorial on WebRTC technologies, standards, use-cases and business models. First given at the ICIN conference in Venice, October 2013.
By Dean Bubley, analyst at Disruptive Analysis, and Tim Panton, WebRTC developer at Westhawk Ltd
Similar to 2018 Madrid JUG Deconstructing REST Security (20)
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Crescat
Crescat is industry-trusted event management software, built by event professionals for event professionals. Founded in 2017, we have three key products tailored for the live event industry.
Crescat Event for concert promoters and event agencies. Crescat Venue for music venues, conference centers, wedding venues, concert halls and more. And Crescat Festival for festivals, conferences and complex events.
With a wide range of popular features such as event scheduling, shift management, volunteer and crew coordination, artist booking and much more, Crescat is designed for customisation and ease-of-use.
Over 125,000 events have been planned in Crescat and with hundreds of customers of all shapes and sizes, from boutique event agencies through to international concert promoters, Crescat is rigged for success. What's more, we highly value feedback from our users and we are constantly improving our software with updates, new features and improvements.
If you plan events, run a venue or produce festivals and you're looking for ways to make your life easier, then we have a solution for you. Try our software for free or schedule a no-obligation demo with one of our product specialists today at crescat.io
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeAftab Hussain
Understanding variable roles in code has been found to be helpful by students
in learning programming -- could variable roles help deep neural models in
performing coding tasks? We do an exploratory study.
- These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
53. #RESTSecurity @dblevins @tomitribe
MadridJUG
#RESTSecurity @brunobat_ @tomitribe
Access Token Now
• header (JSON > Base64 URL Encoded)
• describes how the token signature can be checked
• payload (JSON > Base64 URL Encoded)
• Basically a map of whatever you want to put in it
• Some standard entries such as expiration
• signature (Binary > Base64 URL Encoded
• The actual digital signature
• made exclusively by the /oauth2/token endpoint
• If RSA, can be checked by anyone
96. #RESTSecurity @dblevins @tomitribe
MadridJUG
#RESTSecurity @brunobat_ @tomitribe
Where to store the JWTs ?
• Local Storage!
• Some people are using cookies for that...
• Encode it's contents with base64URL
• The refresh token must not be sent in all requests… Unless…
• Update the cookie transparently when the Access Token expires
• You can potentially do cookie revocation.