Talk @ Blockchain Summit Finance / Apr 27th 2017 in Frankfurt
Blockchains – Architekturen Overview and Consensus Models
- Chain / Currency / Consensus / Crypto – how do they work together?
- Why are consistency and consensus in distributed systems so hard?
- How do Proof-of-Work and Proof-of-Stake work?
- Nakamoto Consensus in Decentralized Blockchains and PBFT in Permissioned Blockchains
How to track the location of an Internet of Things (IoT) device on the blockchain and view it in a Google Maps reader application.
This solution features: (Hardware) Particle.io Electron device using C++ programming; (Platform) Provide Platform running on the Ethereum Network using Solidity smart contracts; (Application) Google Maps leveraging the Provide Platform APIs and running on a node.js platform.
Resources:
http://provide.services
http://particle.io
https://cloud.google.com/maps-platform/
For a video overview of the detailed solution:
https://youtu.be/TTroWlQCwZc
Talk @ Blockchain Summit Finance / Apr 27th 2017 in Frankfurt
Blockchains – Architekturen Overview and Consensus Models
- Chain / Currency / Consensus / Crypto – how do they work together?
- Why are consistency and consensus in distributed systems so hard?
- How do Proof-of-Work and Proof-of-Stake work?
- Nakamoto Consensus in Decentralized Blockchains and PBFT in Permissioned Blockchains
How to track the location of an Internet of Things (IoT) device on the blockchain and view it in a Google Maps reader application.
This solution features: (Hardware) Particle.io Electron device using C++ programming; (Platform) Provide Platform running on the Ethereum Network using Solidity smart contracts; (Application) Google Maps leveraging the Provide Platform APIs and running on a node.js platform.
Resources:
http://provide.services
http://particle.io
https://cloud.google.com/maps-platform/
For a video overview of the detailed solution:
https://youtu.be/TTroWlQCwZc
1) What does it mean to be secure?
2) What are trying to protect?
3) Who are the attackers?
4) Physical access
5) Secure boot techniques
6) Encryption, certificates, code signing, and digital signatures
7) Characteristics of a secure system
8) Stes to secure the data center, border gateway, and the edge devices
Topics of this presentation:
- Fundamental concepts and principles.
- General architecture guidance.
- IoT applications component design.
- Cross-cutting issues.
This presentation by Andrii Antilikatorov (Consultant, Engineering, GlobalLogic) was delivered at GlobalLogic Kharkiv .NET TechTalk #1 on May 24, 2019.
Blockchain technology is being touted as the Next Big Thing, seemingly capable of great feats of strength and perhaps even curing the common cold. But what exactly is it and how could it contribute to a security program? This session will describe how blockchain works, define its value proposition, and identify specific use cases where blockchain makes sense and some where it doesn't. Along the way, we will discuss similar capabilities and technologies that accomplish the objectives.
Webinar: Enterprise Blockchain Radically Simplified with Truffle and KaleidoKaleido
Easily Deploy Your dApps with the Truffle Development Framework on a Kaleido Private Chain.
The goal for the Truffle Suite: A world-class development environment, testing framework and asset pipeline for blockchains using the Ethereum Virtual Machine (EVM), aiming to make life as a developer easier.
About Kaleido: The Kaleido Blockchain Business Cloud is the only full-stack platform for building and running cross-cloud, hybrid enterprise ecosystems.
Getting Started in Blockchain Security and Smart Contract AuditingBeau Bullock
Why is blockchain security important?
Blockchain usage has exploded since the Bitcoin whitepaper was first published in 2008. Many applications rely on this technology for increased trust and privacy, where they would otherwise be absent from a centralized system.
The ecosystem surrounding blockchain technology is large, complex, and has many moving pieces. Exchanges exist where users can transact various cryptocurrencies, NFTs, and tokens. Smart contracts can be written to programmatically apply behavior to blockchain transactions. Decentralized Finance (DeFi) markets exist where users can swap tokens without needing to sign up for an account.
All of these pieces are prone to vulnerabilities, and with blockchain being at the forefront of emerging technology new issues are being found daily.
In this Black Hills Information Security (BHIS) webcast, we'll use case studies about recent blockchain hacks to introduce the underlying issues that occur in writing/engineering smart contracts that have ultimately lead to the loss of millions of dollars to attackers.
Presentation from Grace Hopper Celebration 2016. Topic: Blockchain and Internet of Things (IoT) in the IBM Bluemix platform includes Demo. Speakers: Valerie Lampkin, Sumabala Nair and Carole Corley
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE
How to Debug IoT Agents Webinar - 17th April 2019
Corresponding webinar recording: https://youtu.be/FRqJsywi9e8
Chapter: IoT Agents
Difficulty: 3
Audience: Any Technical
Presenter: Jason Fox (Senior Technical Evangelist, FIWARE Foundation)
How to debug IoT Agents - investigating what goes wrong and how to fix it.
Azure IoT Hub is a PaaS scalable and multi-tenant platform that allows developers to easely build features like device registration, secure bidirectional communication between their core platform and their devices in the field, and at the same time be the hub for all the massive amount of data being generated by all those sensors that needs to be processed and stored, and with all that has become a core piece of a IoT solution that you want to build. On this session you will get to know the Azure IoT hub pretty well, getting introduced to the main features and seeing it in action and how fast you can deploy a solution with it and take the most out of Azure and your sensors to start making the most out of those sensors and their data.
Shared on 5th Dec at SGInnovate with Swirlds Mance Harmon, Jordan Fried and Edgar Seah.
Hashgraph consensus, demo apps in Swirlds Java SDK, babble (unofficial golang implementation of Hashgraph) and their implications for distributed ledger technology.
Ethereum Devcon1 Report (summary writing)Tomoaki Sato
Ethereum devcon1 in London, 27th November By Tomoaki Sato I have been to the conference, so I wrote this summary and doing presentation in Japan. The meetup name is "Smart Contract Japan". Some of the presentations are missing, or added.
Please refer these official sources also
Devcon
http://devcon.ethereum.org/
Devcon1 youtube presentations
https://www.youtube.com/user/ethereumproject
Devcon1 slides on reddit
https://www.reddit.com/r/ethereum/comments/3soym7/devcon_1_slides/
1) What does it mean to be secure?
2) What are trying to protect?
3) Who are the attackers?
4) Physical access
5) Secure boot techniques
6) Encryption, certificates, code signing, and digital signatures
7) Characteristics of a secure system
8) Stes to secure the data center, border gateway, and the edge devices
Topics of this presentation:
- Fundamental concepts and principles.
- General architecture guidance.
- IoT applications component design.
- Cross-cutting issues.
This presentation by Andrii Antilikatorov (Consultant, Engineering, GlobalLogic) was delivered at GlobalLogic Kharkiv .NET TechTalk #1 on May 24, 2019.
Blockchain technology is being touted as the Next Big Thing, seemingly capable of great feats of strength and perhaps even curing the common cold. But what exactly is it and how could it contribute to a security program? This session will describe how blockchain works, define its value proposition, and identify specific use cases where blockchain makes sense and some where it doesn't. Along the way, we will discuss similar capabilities and technologies that accomplish the objectives.
Webinar: Enterprise Blockchain Radically Simplified with Truffle and KaleidoKaleido
Easily Deploy Your dApps with the Truffle Development Framework on a Kaleido Private Chain.
The goal for the Truffle Suite: A world-class development environment, testing framework and asset pipeline for blockchains using the Ethereum Virtual Machine (EVM), aiming to make life as a developer easier.
About Kaleido: The Kaleido Blockchain Business Cloud is the only full-stack platform for building and running cross-cloud, hybrid enterprise ecosystems.
Getting Started in Blockchain Security and Smart Contract AuditingBeau Bullock
Why is blockchain security important?
Blockchain usage has exploded since the Bitcoin whitepaper was first published in 2008. Many applications rely on this technology for increased trust and privacy, where they would otherwise be absent from a centralized system.
The ecosystem surrounding blockchain technology is large, complex, and has many moving pieces. Exchanges exist where users can transact various cryptocurrencies, NFTs, and tokens. Smart contracts can be written to programmatically apply behavior to blockchain transactions. Decentralized Finance (DeFi) markets exist where users can swap tokens without needing to sign up for an account.
All of these pieces are prone to vulnerabilities, and with blockchain being at the forefront of emerging technology new issues are being found daily.
In this Black Hills Information Security (BHIS) webcast, we'll use case studies about recent blockchain hacks to introduce the underlying issues that occur in writing/engineering smart contracts that have ultimately lead to the loss of millions of dollars to attackers.
Presentation from Grace Hopper Celebration 2016. Topic: Blockchain and Internet of Things (IoT) in the IBM Bluemix platform includes Demo. Speakers: Valerie Lampkin, Sumabala Nair and Carole Corley
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE
How to Debug IoT Agents Webinar - 17th April 2019
Corresponding webinar recording: https://youtu.be/FRqJsywi9e8
Chapter: IoT Agents
Difficulty: 3
Audience: Any Technical
Presenter: Jason Fox (Senior Technical Evangelist, FIWARE Foundation)
How to debug IoT Agents - investigating what goes wrong and how to fix it.
Azure IoT Hub is a PaaS scalable and multi-tenant platform that allows developers to easely build features like device registration, secure bidirectional communication between their core platform and their devices in the field, and at the same time be the hub for all the massive amount of data being generated by all those sensors that needs to be processed and stored, and with all that has become a core piece of a IoT solution that you want to build. On this session you will get to know the Azure IoT hub pretty well, getting introduced to the main features and seeing it in action and how fast you can deploy a solution with it and take the most out of Azure and your sensors to start making the most out of those sensors and their data.
Shared on 5th Dec at SGInnovate with Swirlds Mance Harmon, Jordan Fried and Edgar Seah.
Hashgraph consensus, demo apps in Swirlds Java SDK, babble (unofficial golang implementation of Hashgraph) and their implications for distributed ledger technology.
Ethereum Devcon1 Report (summary writing)Tomoaki Sato
Ethereum devcon1 in London, 27th November By Tomoaki Sato I have been to the conference, so I wrote this summary and doing presentation in Japan. The meetup name is "Smart Contract Japan". Some of the presentations are missing, or added.
Please refer these official sources also
Devcon
http://devcon.ethereum.org/
Devcon1 youtube presentations
https://www.youtube.com/user/ethereumproject
Devcon1 slides on reddit
https://www.reddit.com/r/ethereum/comments/3soym7/devcon_1_slides/
BlockChain basics for the non-technical banker covering what's happening, what the opportunities are, and the problems we all face. Covers BitCoin and Ethereum with brief mentions made of Ripple and the HyperLedger project.
A free-flowing, non-technical guide to NFTs.
The guide starts with blockchain basics and gradually builds to explain NFT use cases in the metaverse and how brands are using NFTs to engage with customers.
A lot of resources are added towards the end to let the reader continue her journey in the web3.
Censorship resistance is a requirement for building a safer future with #AI. In the presentation from our meetup in Zug (Jul 2018) we are explaining why it is so and how Pandora Boxchain team develops such technology.
Sing up on the future meetups on http://meetu.ps/e/Fwg7Z/jKDhn/a and #FreeAI!
Slidedeck used during the Azure UG meetup in Singapore on 17th May 2019. Demonstrates Blockchain Application Use case and Architecture in Enterprise Application. We also cover-up Permission Block chain Hyper-ledger Fabric Architecture and Setup Consortium Network on Microsoft Azure .
Bitcoin has been a hot topic in the technology industry since its boom in 2017. The underlying technology of bitcoin is the blockchain that has impressed many of the onlookers due to its transparency and usability in this globalized world. In cryptocurrencies, a ledger is operated which contains all the data regarding the transactions and contracts that are to be executed. These ledgers are maintained on multiple nodes around the world. Every node has to maintain a full copy of the ledger which currently is 15 GB for bitcoin. As more and more transactions are carried on the blockchain, this approach becomes slow. Scaling is the only solution to counter this problem, that's where the sharding technology comes into play. In sharding, rather than each node maintaining the full ledger, the ledger is divided or sharded into multiple fragments. So, in short, each node consists of a small part of the ledger rather than the whole ledger which is easy to maintain and in turn helps in scaling the blockchain. So rather than a full blockchain, we have shard chains that consist of multiple node or validator networks which are then assigned multiple tasks like verifying transactions or operations.
This presentation is about blockchain.
When Thomas Edison invented the electric lamp in 1879, he did not make a market analysis. The market did not have an identified need for a lamp but for light. This is a kind of disruptive original ideas.
Satoshi Nakamoto (a person or a group) did not do a market analysis neither . The blockchain was born after the financial crisis of 2008 as people lost trust in banks.
Satoshi Nakamoto introduced a new model of trust based on cryptographic proof in a decentralised & distributed ledger.
What is bloackchain technology ? Why blockchain is disruptive? And what are the main blockchain technologies ?
The main things you need to know about blockchain:
+ What Is A Blockchain. Theory
+ Ordering Facts
+ Blocks
+ Mining
+ Money and Cryptocurrencies
+ Contracts
Innovation im Spannungsfeld des „Weg-Von“ und dem „Hin-Zu“ - 19/11/2019Lothar Wieske
Vor einigen Jahren hatte in Deutschland ein richtiger Silicon-Valley Tourismus seinen Einzug gehalten. Reihenweise zogen erweitere Vorstandsteams ins Tal der Täler um Ideen auf- und abzusaugen, wie man das eigene Unternehmen als deutsches Google aufstellen oder gar einen der großen Digital-Vorbilder direkt Konkurrenz machen könne.
Ernüchterung machte sich breit. Zuviel des “Hin-Zu” und zuwenig eines “Weg-Von”. Mit einfachem Nachahmen ist Digitalisierung nicht zu meistern und die vollkommen andere Genese von bspw. Facebook, Stanford und Valley läßt sich nicht so einfach wegabstrahieren. Aus der praktischen Erfahrung in verschiedenen Szenarien leitet der Vortrag eine Synthese der Arbeiten von Elisabeth Kübler-Ross zu Trauerphasen und von Frederic Laloux zu Kulturskripten her. Damit können neben dem Aufstellen der technologischen Roadmaps auch verzahnte weichere Themen des – unternehmerischen und gesellschaftlichen – Wandels verstanden, eingeordnet und gestaltet werden.
Digital, disruptiv, Industrie 4.0 und IoT … eigentlich mag man es gar nicht mehr hören. Rauf und runter wetteifern die Medien mit immer neuen reißerischen Titeln: „Wir verschlafen die Entwicklung“, „Wir verspielen den Standort“. So oder so ähnlich klingen die Kassandrarufe. Vielleicht führt aber eher der Schwall an Bezeichnungen und die Unschärfe ihrer Verwendung zur Abstumpfung potenzieller Empfänger. Deswegen will
dieser Artikel das begriffliche Gerüst etwas ordnen.
Denn die Digitale Disruption ist da.
Sie wächst, dringt immer weiter vor und beschleunigt unser aller Leben.
Cloud Computing erobert längst die Herzen und Budgets von Managern und IT-Bereichen. Kommt da wirklich etwas Neues, oder etikettieren wir nur wieder einmal Produkte und Initiativen um? Ist Cloud Computing mehr als nur die Verlängerung der Innovationen rund um Virtualisierung, Standardisierung und Automatisierung? Wir lernen in diesem Artikel die Architekturklassen ACID und BASE zu unterscheiden, warum und wie uns das CAP-Theorem als Architekten eindeutige Entscheidungen abverlangt und schauen in die Wiege des Cloud Computings sowie hinter die Kulissen großer Websites wie Amazon und Google.
Elastic Compute Cloud: Darf es noch ein Server mehr sein?Lothar Wieske
Die Elastic Compute Cloud (EC2) von Amazon erlaubt die Nutzung von Compute/Network/Storage ferngesteuert über Web Services. Wir werden vertiefen, wie die Steuerung von EC2 über Web Services und über die Kommandozeile funktioniert. In einer Application Tier werden wir Tomcat-Instanzen hinter einem Load Balancer anlegen und die Zahl der Instanzen automatisch an die Last anpassen (Auto Scaling und Elastic Load Balancing). Und als Database Tier werden wir eine Oracle-Datenbank und einen Relational Database Service (Automatisiertes Backup- und Patch-Management) aufsetzen.
Amazon Web Services: Flaggschiff des Cloud ComputingsLothar Wieske
Die Public Cloud von Amazon segelt als Flaggschiff des Cloud Computings voran und nimmt immer mehr Passagiere an Bord. Infrastructure-as-a-Service mit Amazon Web Services – wie funktioniert das eigentlich und wie bediene ich die Elastic Compute Cloud, den Simple Storage Service und die CloudFront? Wir stellen die zugrunde liegenden Konzepte vor und veranschaulichen sie an Beispielen zum Nachmachen. Wir werden Server in EC2 starten, Objekte in S3 ablegen und eine Website mit CloudFront weltweit ausrollen – dafür benötigen wir einen Browser. Es kostet uns ungefähr eine Stunde Zeit und etwa einen Euro.
The technology radar screens actual and emerging elements of modern cloud architectures among them containers and microservices as well as lambda architecture and mean stack.
Cassandra – die NoSQL-Datenbank für große Mengen und schnelle ZugriffeLothar Wieske
Cloud Computing stellt höchste Anforderungen an Dateisysteme und Datenbanken. Mit Klassikern wie dem Google Bigtable und Amazon Dynamo haben die Pioniere neue Architekturkonzepte hervorgebracht. Apache Cassandra (Facebook) ist ein Beispiel für eine verteilte, skalierbare, performante und schemafreie Datenbank mit Eventual Consistency. Cassandra hebt ein Bigtable-Datenmodell auf eine DynamoPlattform, d. h. Cassandra bietet einen strukturierten Speicher für Schlüssel/Werte-Zuordnungen mit Eventual Consistency. Cassandra ist in Java implementiert und lädt zum Experimentieren ein.
Dateisysteme und Datenbanken im Cloud ComputingLothar Wieske
Cloud Computing transformiert die Informationstechnik. Die Konzepte zum Storage fallen bei den Anbietern von Infrastructure-as-a-Service und Platform-as-a-Service einstweilen noch recht unterschiedlich aus. Ein Überblick über Blob, Block, Queue und Table Storage stellt die Möglichkeiten vor. In Minutenschnelle zur relationalen Datenbank mit automatischem Backup- und Patch-Management? Auch dazu gibt es einen Einstieg. Die Erläuterungen des theoretischen Hintergrunds des CAP-Theorems und der praktischen Nutzung von Eventual Consistency machen Sie fit, sich mit Amazon Dynamo, Google Bigtable und Apache Cassandra zu beschäftigen.
Vom Utility Computing zum Cloud ComputingLothar Wieske
Virtualisierung, Standardisierung und Automation waren und sind die Treiber für Utility Computing; beim Cloud Computing kommen Simplification, Commoditization und Federation dazu. Wer Cloud Computing erfolgreich betreiben und benutzen will, muss sich viel stärker mit den Geschäftsmodellen und ihren technischen und wirtschaftlichen Zusammenhängen beschäftigen. Zunächst werden Beispiele für Amazon und Salesforce vorgestellt. Abschließend werden Ideen und Konzepte von Public Clouds und Private Clouds abgeglichen insbesondere mit Blick auf Commodity Clouds und Enterprise Clouds.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
3. SMAC
...
Augmented Reality
Blockchain
Internet of Things
...
...
Artificial Intelligence
Cognitive Services
Deep Learning
...
Business >>> Customer
Pipeline >>> Platform
https://www.flickr.com/photos/n28307/11724219854/
4.
5. Rise of Digital Platforms Over The Last 10 Years
Oil Barrons Stepped Down - Silicon Kids Moved Up
https://github.com/lwieske/digital-pipelines2platforms
6. At current churn rate,
75% of the S&P 500
will be replaced by 2027.
https://www.innosight.com/insight/corporate-longevity-turbulence-ahead-for-large-organizations/
https://www.flickr.com/photos/justinwkern/6328287672/
12. UTXO = Unspent Transaction Outputs
As accounts have an all-or-nothing behaviour, the Bitcoin
blockchain does not store the Ledger. It just keeps a list of
UTXOs as pointers into the journal to keep all information.
Bitcoin Blockchain
LedgerJournalTransaction
Blockchain
15. HashPrevBlock is the SHA256 hash of the previous block.
• Immutes all the historical blocks.
MerkleRoot is the merkle root over the transaction list.
• Immutes the current transaction list.
HashPrevBlock MerkleRoot
................................
................................
Block Header
Bitcoin Blockchain - Immultability
17. A merkle tree in general hashes elements in a list (leaves) and paires and
hashes results until a merkle root remains.
A merkle tree gives granularity in transaction validation; lite clients can
validate entire blocks, transaction groups, or just single transactions with
partial merkle branches only.
#1 #2 #3 #4 #5 #6 #7 #8
78#56#34#12
#1234 #5678
#12345678
tx1 tx2 tx3 tx4 tx5 tx6 tx7 tx8
Bitcoin Blockchain - Immultability
22. Bitcoin Blockchain - Authorization
Bitcoin Curve over a very small prime number - ist GF(43).
Private Key is an arbitrary number between zero and the order of the Abelian Group.
Public Key results from repeated (#=Private Key) addition of the Generator to itself.
ECDSA starts with that construction ...
https://github.com/lwieske/blocktech-ecdsa/blob/master/ecdsa.ipynb
24. Byzantine Agreement
(single source has an initial value)
Agreement: All non-faulty processes must agree on the same value.
Consensus Problem
(all processes have an initial value)
Agreement: All non-faulty processes must agree on the same (single) value.
These problems are equivalent to one another!
Bitcoin Blockchain - Consensus
25. FLP 1985
Impossibility of Distributed Consensus with One FaultyProcess
Fischer & Lynch & Paterson, JACM 1985
The consensus problem involves an asynchronous system
of processes, some of which may beunreliable. The problem
is for the reliable processes to agree on a binary value.
In this paper, it is shown that every protocol for this problem has the
possibility of nontermination, even with only one faulty process.
By way of contrast, solutions are known for the synchronous case, the
“Byzantine Generals”problem.
Bitcoin Blockchain - Consensus
26. PBFT 1999
Practical Byzantine Fault Tolerance
Castro & Liskov, OSDI 1999
This paper presents a new, practical algorithm for
state machine replication that tolerates Byzantine faults.
The algorithm offers both liveness and safetyprovided at most
out of a total of replicas are simultaneously faulty.
The algorithm works in asynchronous systems like the Internet and it
incorporates important optimizations that enable it to perform efficiently
Bitcoin Blockchain - Consensus
27. Nakamoto Consensus 2008
Bitcoin: A Peer-to-Peer Electronic Cash System
Satoshi Nakamoto, 2008
... The network timestamps transactions by hashing them into an
ongoing chain of hash-based proof-of-work, forming a record that
cannot be changed without redoing the proof-of-work. The longest
chain not only serves as proof ... that it came from the largest pool
of CPU power. As long as a majority of CPU power is controlled
by nodes that are not cooperating to attack the network, they'll
generate the longest chain and outpace attackers.
Bitcoin Blockchain - Consensus
29. Difficulty demands leading zeros in the block header hash.
Nonce has to be guessed to achieve that.
This guessing is compute intensiv, so it is a proof of work.
Difficulty Nonce
................................
................................
Block Header
Bitcoin Blockchain - Consensus
30. Sometimes several miners come with competing new blocks.
There are rules to direct the race towards the longest chain.
Finally, proof of work inhibits double spending of (U)TXOs.
Difficulty Nonce
................................
................................
Block Header
Bitcoin Blockchain - Consensus
46. Hyperledger Fabric is a platform for distributed ledger
solutions, underpinned by a modular architecture
delivering high degrees of confidentiality, resiliency,
flexibility and scalability. It is designed to support
pluggable implementations of different components, and
accommodate the complexity and intricacies that exist
across the economic ecosystem.
Hyperledger Fabric delivers a uniquely elastic and
extensible architecture, distinguishing it from alternative
blockchain solutions.
Hyperledger
50. https://www.flickr.com/photos/hiltibold/6978014677/
A smart contract is a computerized transaction protocol
that executes the terms of a contract. The general
objectives of smart contract design are to satisfy
common contractual conditions (such as payment terms,
liens, confidentiality, and even enforcement), minimize
exceptions both malicious and accidental, and minimize
the need for trusted intermediaries. Related economic
goals include lowering fraud loss, arbitration and
enforcement costs, and other transaction costs
Nick Szabo, 1994
51. Whisper
(Network)
Swarm
(Storage)
Engine
(Compute)
Ethereum Virtual Machine
Ethereum allows users to create their own operations (not just predefined
bitcoin transactions). This way, it serves as platform and protocol for
decentralized blockchain applications – not only for cryptocurrencies.
At the heart of Ethereum is the Ethereum Virtual Machine (EVM), an
infrastructure (compute, network, storage) that executes code of arbitrary
algorithmic complexity called Smart Contracts.
Developers can create applications that run on the EVM using friendly
programming languages modelled on existing languages like JavaScript
and Python.
52. Whisper
(Network)
Swarm
(Storage)
Engine
(Compute)
Normal Accounts Contract AccountsGas
ChainState
Ethereum Virtual Machine + Smart Contracts
Ether is the fuel for operating the Ethereum platform. It is a payment to the
machines executing the requested smart contract operations on the EVM.
The total supply of ether and its rate of issuance was decided by the
donations gathered on the 2014 presale. The results were roughly: 60
million ether created to contributors of the presale and 12 Million (20% of
the above) were created to the development fund. 5 ethers are created
every block (roughly 15-17 seconds) to the miner of the block and 2-3
ethers are sometimes sent to another miner if they were also able to find a
solution but his block wasn't included (called uncle/aunt reward).
65. Brooklyn Microgrid
Brooklyn is known the world over for things small-batch and local, like
designer clogs, craft bourbon and artisanal sauerkraut.
In a promising experiment in an affluent swath of the borough, dozens of
solar-panel arrays spread across rowhouse rooftops are wired into a
growing network. Called the Brooklyn Microgrid, the project is signing up
residents and businesses to a virtual trading platform that will allow solar-
energy producers to sell excess-electricity credits from their systems to
buyers in the group, who may live as close as next door.
66. slock.it - The Universal Sharing Network: Rent, Sell or Share Anything
With Slock.it, Airbnb apartments become fully automated, smart objects
can be rented on demand and unused vehicles get a new lease on life.
72. https://www.flickr.com/photos/intherough/3253349104/
Blockchains drive business and technology.
Bitcoin‘s Proof-of-Work scales to 1000s of nodes.
Etherum plans to adopt Proof-of-Stake very soon.
Hyperledger partitions into endorsing and validating nodes.
Smart Contracts/Chaincodes enable programmable values.
Blockchains transforms the Internet-of-Things into an Internet-of-Value.