The document discusses security best practices for online identity, including using globally unique identifiers, hashing passwords with an iterative workload, encrypting data with hybrid encryption using single-use keys, and securely transmitting data over transport layer security. The goal is to establish trust between a service and its users by protecting identity data through secure storage and transmission.
Adventures in paranoia with sinatra and sequel
1. rough cut
adventures in paranoia
with sinatra and sequel
Eleanor McHugh
@feyeleanor
http://github.com/feyeleanor
Thursday, 4 April 2013
4. caveat lector
think carefully before doing security
5. I am not a certified security professional
and it's unlikely you are either
what follows is definitely above our pay grade
and presented to provoke further study
so if privacy truly matters to you - and it should
hire a certified security professional
then follow their advice assiduously
http://slides.games-with-brains.net
6. adventure
Pronunciation: /ədˈvɛntʃə/
noun
{mass noun}
an unusual and exciting or daring experience: her recent adventures in Italy
excitement associated with danger or the taking of risks: she travelled the world in
search of adventure
a reckless or potentially hazardous action or enterprise.
archaic a commercial venture.
7. paranoia
Pronunciation: /ˌparəˈnɔɪə/
noun
{mass noun}
a mental condition characterized by delusions of persecution, unwarranted jealousy,
or exaggerated self-importance, typically worked into an organized system. It may
be an aspect of chronic personality disorder, of drug abuse, or of a serious condition
such as schizophrenia in which the person loses touch with reality.
unjustified suspicion and mistrust of other people: mild paranoia afflicts all prime
ministers
8. paranoia
Pronunciation: /ˌparəˈnɔɪə/
noun
{mass noun}
the perfectly reasonable belief that someone, somewhere is watching your
online behaviour with malicious and/or nefarious intent. It may be a result of
reading a Hacking Exposed or Hacking for Dummies publication, experiencing
the fallout from identity theft, or mixing with cryptographers and cypherpunks.
justified suspicion and mistrust of other people: chronic paranoia afflicts all
information security professionals
9. trust no one
how can we believe our visitors are who they claim to be
10. trust no one
how can visitors be confident we protect their privacy
11. establish a well-known presence
assign globally unique identities
only accept opaque credentials
secure storage wherever identity data rests
secure transport wherever identity data moves
separate authentication and authorisation
12. globally unique identities
opaque credentials
secure storage
secure transport
14. high entropy identifiers
opaque credentials
secure storage
secure transport
15. SecureRandom.uuid
opaque credentials
secure storage
secure transport
17. SecureRandom.uuid
hashed passwords
secure storage
secure transport
18. SecureRandom.uuid
OpenSSL::Digest::SHA512
secure storage
secure transport
19. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
secure storage
secure transport
21. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
hybrid encryption
secure transport
22. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
OpenSSL::PKey::RSA
secure transport
23. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
OpenSSL::PKey::RSA
OpenSSL::Cipher::AES
secure transport
24. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
OpenSSL::PKey::RSA
OpenSSL::Cipher::AES
single-use keys
secure transport
33. random_bytes
random_number
urlsafe_base64
uuid
34. require 'securerandom'
    # Return a string of random bytes whose length is itself chosen at
    # random, between min and max bytes inclusive.
    def random_string min = 8, max = 64
      length = min + SecureRandom.random_number(max - min + 1)
      SecureRandom.random_bytes length
    end
35. OpenSSL
the default security toolkit of the internet
36. SHA2
cryptographic hashing algorithm
37. require 'openssl'
    class SHA2
      attr_accessor :rounds, :salt
      def initialize options = {}
      end
      def encode value
      end
      def sign value = nil
      end
    end
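43. def encode value
      @digest.reset
      if rounds > 0
        # the first round hashes the salted value
        @digest << (salt + value)
        # each further round feeds the running hex digest back into the hash
        (rounds - 1).times do
          @digest << @digest.hexdigest
        end
        @digest.hexdigest
      else
        # zero rounds: the value is returned unhashed
        value
      end
    end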
49. def sign value = nil
      encode value if value
      # HMAC over the current hex digest, keyed with the signing key
      OpenSSL::HMAC.hexdigest @digest, @key, @digest.hexdigest
    end
52. class SHA2
      attr_accessor :rounds, :salt
      def initialize options = {}
        # SHA512.new takes optional initial data, so the options hash is not passed on
        @digest = OpenSSL::Digest::SHA512.new
        @salt = options[:salt] || 'salted'
        @rounds = options[:rounds] || 100000
        @key = options[:signing_key] || ""
      end
      def encode value
        @digest.reset
        if rounds > 0
          @digest << (salt + value)
          (rounds - 1).times do
            @digest << @digest.hexdigest
          end
          @digest.hexdigest
        else
          value
        end
      end
      def sign value = nil
        encode value if value
        OpenSSL::HMAC.hexdigest @digest, @key, @digest.hexdigest
      end
    end
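An added example, not code from the talk: the SHA2 class above salts a password and runs it through 100000 rounds of SHA-512. The sketch below applies the same idea with OpenSSL's standard PBKDF2-HMAC-SHA512, a random salt per record and a constant-time comparison. The module name, method names and the "scheme$rounds$salt$hash" record layout are assumptions made for this example.

```ruby
require 'openssl'
require 'securerandom'

# Added example (not from the talk). PasswordRecord, its method names and
# the stored record layout are assumptions made for illustration.
module PasswordRecord
  SCHEME     = 'pbkdf2-sha512'
  ROUNDS     = 100_000  # same workload figure as the deck's default
  SALT_BYTES = 16
  HASH_BYTES = 64

  # Build the string to store: scheme$rounds$salt_hex$hash_hex.
  # A fresh random salt means equal passwords never share a record.
  def self.create password, rounds = ROUNDS
    salt = SecureRandom.random_bytes SALT_BYTES
    hash = derive password, salt, rounds, HASH_BYTES
    [SCHEME, rounds, hex(salt), hex(hash)].join '$'
  end

  # Return true only if the password reproduces the stored hash.
  # Malformed or foreign records are rejected rather than raising.
  def self.verify password, record
    scheme, rounds, salt_hex, hash_hex = record.to_s.split '$'
    return false unless scheme == SCHEME
    return false unless rounds.to_s =~ /\A[1-9]\d*\z/
    return false unless salt_hex.to_s =~ /\A(\h\h)+\z/
    return false unless hash_hex.to_s =~ /\A(\h\h)+\z/
    expected = [hash_hex].pack 'H*'
    salt     = [salt_hex].pack 'H*'
    actual   = derive password, salt, rounds.to_i, expected.bytesize
    secure_compare actual, expected
  end

  # PBKDF2 with HMAC-SHA512 carries the iterative workload.
  def self.derive password, salt, rounds, length
    digest = OpenSSL::Digest.new 'sha512'
    OpenSSL::PKCS5.pbkdf2_hmac password, salt, rounds, length, digest
  end

  # Compare every byte so timing does not reveal where a mismatch occurs.
  def self.secure_compare a, b
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end

  def self.hex bytes
    bytes.unpack('H*').first
  end
end
```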
53. AES
single-key symmetric encryption
54. require 'openssl'
    class AES
      attr_reader :result, :key, :iv
      def initialize options = {}
      end
      def encode data = ""
      end
      def decode cipher_text = ""
      end
      def encode_and_pack data
      end
      def unpack_and_decode cipher_text
      end
      private
      def update data = ""
      end
    end
55. def update data = ""
      @result = @cipher.update data
      @result << @cipher.final
    end
58. def initialize options = {}
      @cipher = OpenSSL::Cipher::AES.new 256, :CBC
      # use the caller's IV and key when given, otherwise generate random ones
      @iv = if options[:iv]
        @cipher.iv = options[:iv]
      else
        @cipher.random_iv
      end
      @key = if options[:key]
        @cipher.key = options[:key]
      else
        @cipher.random_key
      end
    end
62. def encode data = ""
  @cipher.reset
  @cipher.encrypt
  @cipher.key = key
  @cipher.iv = iv
  update(data.to_s rescue "")
end
66. def decode cipher_text = ""
  length = cipher_text.length rescue 0
  @result = if length > 0
    @cipher.reset
    @cipher.decrypt
    @cipher.key = key
    @cipher.iv = iv
    cipher_text = update cipher_text
    cipher_text if cipher_text.length > 0
  end
end
73. def encode_and_pack data
  [iv, encode(data)].pack 'mm'
end
76. def unpack_and_decode cipher_text = ""
  cipher_elements = cipher_text.unpack 'mm'
  if cipher_elements.length > 0
    c = AES.new iv: cipher_elements[0], key: key
    @result = c.decode cipher_elements[1]
  end
rescue Exception => e
  nil
end
80. RSA
2-key asymmetric encryption
81. require 'openssl'
class RSA
  attr_reader :result, :key

  def initialize opts = {}
    @key = OpenSSL::PKey::RSA.new(opts[:key] || opts[:keysize])
  end

  def public_key
    @key.public_key.to_pem
  end

  def private_key
    @key.to_pem
  end

  def encode data
    @result = @key.public_encrypt(data.to_s rescue "")
  end

  def decode cipher_text
    @result = @key.private_decrypt(cipher_text.to_s rescue "")
  end
end
90. encrypted datastores
encryption-aware tables in Sequel
91. encrypted datastores
(this is not a sequel talk)
92. encrypted datastores
(we're just using it for its friendly DDL)
93. class Account < Sequel::Model
  plugin :schema
  plugin :validation_helpers

  set_schema do
    primary_key :id
    String :name
    String :email_address
    index :name, unique: true
    index :email_address, unique: true
  end

  def validate
    super
    validates_unique :name, :email_address
  end
end
98. class Account < Sequel::Model
  plugin :schema
  plugin :validation_helpers

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  unrestrict_primary_key

  def validate
    super
    validates_unique :id, :name, :email_address
  end
end
107. module Model
  def self.included mod
    mod.plugin :validation_helpers
    mod.plugin :schema
    mod.module_eval <<-ACCESSOR, __FILE__, __LINE__ + 1
      def self.retrieve id
        #{mod}.where(id: id).first
      end
    ACCESSOR
  end
end
110. class Account < Sequel::Model
  include Model

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  unrestrict_primary_key

  def validate
    super
    validates_unique :id, :name, :email_address
  end
end
116. module Model
  def self.included mod
    mod.plugin :validation_helpers
    mod.plugin :schema
    mod.module_eval <<-ACCESSOR, __FILE__, __LINE__ + 1
      def self.retrieve id
        #{mod}.where(id: id).first
      end
    ACCESSOR
  end

  def == entity
    self[:id] == entity.id rescue false
  end
end
120. module Model
  require 'securerandom'

  def generate_id
    SecureRandom.uuid
  end
end
123. class Account < Sequel::Model
  include Model

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :retrieval_email
    index :id, unique: true
    index :name, unique: true
    index :retrieval_email, unique: true
  end

  unrestrict_primary_key

  def before_create
    # generate_id only returns the UUID, so assign it to the primary key
    self.id = generate_id
    super
  end

  def validate
    super
    validates_unique :id, :name, :retrieval_email
  end
end
124. class Account < Sequel::Model
  include Model

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end
end
125. module EncryptedModel
  def encrypted_fields fields = [], options = {}
    options = { rounds: 100000, salt: "", signing_key: "" }.merge options
    if fields.length > 0
    end
  end
end
127. class Account < Sequel::Model
  include Model
  extend EncryptedModel

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  encrypted_fields :email_address
end
129. field encryption
with encrypted search
130. automatically encrypt on storing
automatically decrypt on retrieval
support equality searches
131. def encrypted_fields fields = [], options = {}
  options = { rounds: 100000, salt: "", signing_key: "" }.merge options
  if fields.length > 0
    configure_field_encryption
    add_field_validation
    enable_equality_searches options
    add_field_accessors fields
  end
end
133. def configure_field_encryption
  self.module_eval <<-CIPHER, __FILE__, __LINE__ + 1
    def symmetric_cipher
      cipher = if self[:key]
        AES.new key: self[:key], iv: self[:iv]
      else
        AES.new
      end
      self[:key] ||= cipher.key
      self[:iv] ||= cipher.iv
      cipher
    end
  CIPHER
end
136. class Account < Sequel::Model
  include Model
  extend EncryptedModel

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    blob :key, null: true
    blob :iv, null: true
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  encrypted_fields :email_address
end
150. def enable_equality_searches options = {}
  self.module_eval <<-SEARCH, __FILE__, __LINE__ + 1
    def self.search_key v
      @@index_key = "#{options[:signing_key]}"
      @@rounds = #{options[:rounds]}
      @@salt = "#{options[:salt]}"
      if v && @@index_key
        digest = SHA512.new key: @@index_key,
                            rounds: @@rounds,
                            salt: @@salt
        digest.encode v
        digest.sign
      else
        v
      end
    end

    def search_key v
      self.class.search_key v
    end
  SEARCH
end
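The three goals listed on slide 130 (encrypt on storing, decrypt on retrieval, equality search), worked end to end as an added example that is not code from the original slides. Assumptions: the `EncryptedAccounts` class and its `email_index` field are hypothetical, rows live in a Hash instead of a Sequel table, the data key is held outside the row rather than in a `key` column, e-mail addresses are compared case-insensitively, and a single HMAC-SHA512 stands in for the deck's iterated digest plus signature.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical stand-in for an encryption-aware table: rows live in a Hash
# instead of a Sequel dataset so the example runs without a database.
class EncryptedAccounts
  attr_reader :rows

  def initialize data_key, index_key
    @data_key = data_key    # 32-byte AES-256 key, assumed to be held outside the table
    @index_key = index_key  # separate secret used only for the search index
    @rows = {}
  end

  # Keyed, deterministic digest of the canonical value. Equal inputs give
  # equal outputs, so the index column can be matched with plain equality.
  def search_key value
    canonical = value.to_s.strip.downcase  # assumption: case-insensitive e-mail match
    OpenSSL::HMAC.hexdigest OpenSSL::Digest.new('SHA512'), @index_key, canonical
  end

  # Encrypt on storing: a fresh random IV per row, kept beside the cipher text.
  def store name, email
    cipher = OpenSSL::Cipher.new 'aes-256-cbc'
    cipher.encrypt
    cipher.key = @data_key
    iv = cipher.random_iv
    id = SecureRandom.uuid
    @rows[id] = { name: name,
                  iv: iv,
                  email_address: cipher.update(email) + cipher.final,
                  email_index: search_key(email) }
    id
  end

  # Decrypt on retrieval.
  def email_for id
    row = @rows.fetch id
    cipher = OpenSSL::Cipher.new 'aes-256-cbc'
    cipher.decrypt
    cipher.key = @data_key
    cipher.iv = row[:iv]
    (cipher.update(row[:email_address]) + cipher.final).force_encoding 'UTF-8'
  end

  # Equality search: only search keys are compared, never plain or cipher text.
  def find_by_email email
    wanted = search_key email
    @rows.select { |_id, row| row[:email_index] == wanted }.keys
  end
end

if __FILE__ == $0
  # Constructed sample data.
  accounts = EncryptedAccounts.new OpenSSL::Random.random_bytes(32), 'constructed index secret'
  first = accounts.store 'alice', 'alice@example.org'
  second = accounts.store 'alice-work', 'alice@example.org'
  # Same plain text, different IVs: the stored cipher texts do not match each other.
  puts accounts.rows[first][:email_address] == accounts.rows[second][:email_address]
  # The keyed index still finds both rows.
  puts accounts.find_by_email('Alice@Example.org').length
  puts accounts.email_for(first)
end
```

The index column still reveals which rows share a value, so the index secret needs the same protection as the data key.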