This document discusses challenges and opportunities for building identity providers (IdPs) as a service using a cloud-of-clouds approach. It outlines how a multi-cloud architecture can increase resilience and trustworthiness compared to single cloud or data center deployments. Experimental evaluations show the multi-cloud approach improves performance and scalability while reducing costs compared to other options. However, technical challenges remain around efficient wide-area networks, interoperability, and privacy across multiple cloud providers.
This talk provides a 2017 updated view on SDN and the broader Network Softwarization trend (e.g., + NFV, P4) aiming and trying to provide a clarifying view on the evolving SDN definitions (beyond a purist view) by explaining the main characteristics of SDN embodiments in 2017+
Software-Defined Networking (SDN): Unleashing the Power of the NetworkRobert Keahey
It goes without saying that cloud computing has dramatically reshaped the information technology services landscape. Virtualization is unleashing the power of commodity-based technology and open source communities are building new applications and services at an astonishing rate, but networking has lagged behind compute and storage in virtualization and automation. We’ve become accustomed to specialized networking silicon, complex operating systems and highly distributed control planes. For the most part, we’ve accepted the model along with its high costs.
All that is changing! New protocols such as OpenFlow are freeing the network control plane from proprietary operating systems and hardware platforms. We are entering a new era where customers control the features – and release schedules – of new, open networking applications that address the needs of the mega-scale world.
A lot of work is required to realize the potential of Software-Defined Networking (SDN), where we can enjoy the benefits derived from “software automating software.” This talk will examine some of the history that led us to the point where current networking architectures are no longer viable for cloud computing at mega-scale. We’ll take a look at the basics of SDN and some of its key elements – OpenFlow, network virtualization, and orchestration – along with some of the initiatives and companies that are setting the stage for the next generation of networking.
DEVNET-1114 Automated Management Using SDN/NFVCisco DevNet
How is the open source community using SDN/NFV to create truly heterogeneous, inter-operable, multi-tenant cloud data centers? We’ll present results from our independent testing of cloud orchestration, middleware, SaaS, and Iaas multi-vendor solutions, including SDN’s inroads to the telecommunication world and how networking influences emerging trends like Docker virtual containers in the cloud.
This talk provides a 2017 updated view on SDN and the broader Network Softwarization trend (e.g., + NFV, P4) aiming and trying to provide a clarifying view on the evolving SDN definitions (beyond a purist view) by explaining the main characteristics of SDN embodiments in 2017+
Software-Defined Networking (SDN): Unleashing the Power of the NetworkRobert Keahey
It goes without saying that cloud computing has dramatically reshaped the information technology services landscape. Virtualization is unleashing the power of commodity-based technology and open source communities are building new applications and services at an astonishing rate, but networking has lagged behind compute and storage in virtualization and automation. We’ve become accustomed to specialized networking silicon, complex operating systems and highly distributed control planes. For the most part, we’ve accepted the model along with its high costs.
All that is changing! New protocols such as OpenFlow are freeing the network control plane from proprietary operating systems and hardware platforms. We are entering a new era where customers control the features – and release schedules – of new, open networking applications that address the needs of the mega-scale world.
A lot of work is required to realize the potential of Software-Defined Networking (SDN), where we can enjoy the benefits derived from “software automating software.” This talk will examine some of the history that led us to the point where current networking architectures are no longer viable for cloud computing at mega-scale. We’ll take a look at the basics of SDN and some of its key elements – OpenFlow, network virtualization, and orchestration – along with some of the initiatives and companies that are setting the stage for the next generation of networking.
DEVNET-1114 Automated Management Using SDN/NFVCisco DevNet
How is the open source community using SDN/NFV to create truly heterogeneous, inter-operable, multi-tenant cloud data centers? We’ll present results from our independent testing of cloud orchestration, middleware, SaaS, and Iaas multi-vendor solutions, including SDN’s inroads to the telecommunication world and how networking influences emerging trends like Docker virtual containers in the cloud.
SDN Basics – What You Need to Know about Software-Defined NetworkingSDxCentral
SDNUniversity™ is our exclusive educational series on software-defined networking (SDN) and network functions virtualization (NFV) designed to help you develop practical, real-world knowledge and skills. Take advantage of this opportunity to learn SDN basics through a free, interactive online training session featuring experts from SDNCentral and Computerlinks.
Software Defined Networking (SDN) Technology BriefZivaro Inc
An overview of Software-Defined Networking (SDN) and the key benefits of moving to a virtualized network, including:
- Improved time to market through automation
- Optimal trafficking with a global view of the network
- Quicker enablement of new services
- Reduced operating costs
- Improved management and visibility
- Simplified operation of network devices
From "Introduction to Software Defined Networking" webinar presented by GTRI CTO Scott Hogg on March 10, 2016. Webinar recording: https://youtu.be/gRXnctYDBjE
Software Defined Networks (SDN) is an evolutionary paradigm that will not only change how the vendors will built their products and technologies, but also change how the organizations are going to consume these capabilities. That said, adoption of these SDN capabilities is very low. Some of them is shaped by the myths and expectations around what SDN can versus cannot do. It is therefore important to understand these adoption challenges and correspondingly use some of the consultative services frameworks to overcome these challenges.
- SDN : Software defined network : Introduction & Basics
- Why we need SDN & Features of SDN
- SDN Role in Data and Forwarding Plane , Control Plane & Management Plane
- SDN Framework & Architecture
- Openflow Architecture
- Need of SDN
Introduction to SDN and Network Programmability - BRKRST-1014 | 2017/Las VegasBruno Teixeira
Jason Davis, Distinguished Services Engineer , Cisco Software-Defined Networking (SDN) is an exciting new approach to network IT Service Management. If you are trying to understand what SDN is and want to understand more about Controllers, APIs, Overlays, OpenFlow and ACI, then this introductory session is for you! We will cover the genesis of SDN, what it is, what it is not, and Cisco's involvement in this space. You may also be wondering what products and services are SDN-enabled and how you can solve your unique business challenges by enhancing and differentiating your services by leveraging network programmability. Cisco's SDN-enabled Products and Services will be explained enabling you to consider your own implementations. Since SDN extends network flexibility and functionality which impacts Network Engineering and Operations teams, we'll also cover the IT Service Management impact. Finally, we'll explore what skills and capabilities are needed to take advantage of SDN and Network Programmability. Network engineers, network operation staff, IT Service Managers, IT personnel managers, and application/compute SMEs will benefit from this session.
SDN Basics – What You Need to Know about Software-Defined NetworkingSDxCentral
SDNUniversity™ is our exclusive educational series on software-defined networking (SDN) and network functions virtualization (NFV) designed to help you develop practical, real-world knowledge and skills. Take advantage of this opportunity to learn SDN basics through a free, interactive online training session featuring experts from SDNCentral and Computerlinks.
Software Defined Networking (SDN) Technology BriefZivaro Inc
An overview of Software-Defined Networking (SDN) and the key benefits of moving to a virtualized network, including:
- Improved time to market through automation
- Optimal trafficking with a global view of the network
- Quicker enablement of new services
- Reduced operating costs
- Improved management and visibility
- Simplified operation of network devices
From "Introduction to Software Defined Networking" webinar presented by GTRI CTO Scott Hogg on March 10, 2016. Webinar recording: https://youtu.be/gRXnctYDBjE
Software Defined Networks (SDN) is an evolutionary paradigm that will not only change how the vendors will built their products and technologies, but also change how the organizations are going to consume these capabilities. That said, adoption of these SDN capabilities is very low. Some of them is shaped by the myths and expectations around what SDN can versus cannot do. It is therefore important to understand these adoption challenges and correspondingly use some of the consultative services frameworks to overcome these challenges.
- SDN : Software defined network : Introduction & Basics
- Why we need SDN & Features of SDN
- SDN Role in Data and Forwarding Plane , Control Plane & Management Plane
- SDN Framework & Architecture
- Openflow Architecture
- Need of SDN
Introduction to SDN and Network Programmability - BRKRST-1014 | 2017/Las VegasBruno Teixeira
Jason Davis, Distinguished Services Engineer , Cisco Software-Defined Networking (SDN) is an exciting new approach to network IT Service Management. If you are trying to understand what SDN is and want to understand more about Controllers, APIs, Overlays, OpenFlow and ACI, then this introductory session is for you! We will cover the genesis of SDN, what it is, what it is not, and Cisco's involvement in this space. You may also be wondering what products and services are SDN-enabled and how you can solve your unique business challenges by enhancing and differentiating your services by leveraging network programmability. Cisco's SDN-enabled Products and Services will be explained enabling you to consider your own implementations. Since SDN extends network flexibility and functionality which impacts Network Engineering and Operations teams, we'll also cover the IT Service Management impact. Finally, we'll explore what skills and capabilities are needed to take advantage of SDN and Network Programmability. Network engineers, network operation staff, IT Service Managers, IT personnel managers, and application/compute SMEs will benefit from this session.
DDoS Mitigation Solution
360° Protection for Your IT Network Resources
Distributed denial of service attacks continues to evolve in scale, complexity, and sophistication: more distributed, high volumetric traffic, and intruding on the application layer.
A successful attack can potentially enhance unwanted costs on your IT setup and infrastructure. More significantly, it can lead to revenue & brand loss and can hurt customer satisfaction.
To combat these attacks from reaching the enterprise network, you need a resilient, scalable, and secure solution.
HaltDos DDoS Mitigation Solution is an artificial intelligence-based IT security solution that automatically detects and accurately mitigates cyber-attacks on websites and IT Networks in real-time. It provides round the clock multi-layered security with combined network behavioral analysis (NBA), heuristic and reputation techniques to automatically detect and accurately mitigate a wide range of network and application layer DDoS attacks without any human intervention with minimal latency.
PLNOG14: Czy można żyć bez systemu ochrony przed atakami DDoS - Marek JanikPROIDEA
Marek Janik - Huawei
Language: Polish
W trakcie sesji postaram sie zaprezentować sposoby ochrony sieci przed atakami DDoS, zarówno ogólno dostępnych, specjalizowanych oraz jako forma usługi od operatora lub dedykowanej firmy. Po prezentacji będzie można samemu ocenić czy „jakieś” i „jakie” rozwiązanie AntiDDoS jest potrzebne ze względu na prowadzona działalność w Internecie.
Zarejestruj się na kolejną edycję PLNOG już dzisiaj: krakow.plnog.pl
How to get along with HATEOAS without letting the bad guys steal your lunch?Graham Charters
How to get along with HATEOAS without letting the bad guys steal your lunch?
It’s a cool idea - decouple the client from the server and let the application tell the client what it can do dynamically. This approach should allow much more flexibility and resilience as the client and server can evolve separately. Unfortunately, the HATEOAS approach can be a free lunch for cybercriminals unless you understand the simple steps needed to secure your design.
The question is - how to achieve the balance of design flexibility and security in practice?
This session will show you how to create a secure hypermedia-driven RESTful web service using HATEOAS principles. You’ll learn how HATEOAS works, understand how it can be exploited by the bad guys and discover why HATEOAS is still a really good approach .
With code and examples this session will leave you more informed and possibly a little wiser.
This presentations highlights the Cisco Security Architecture. For more information Cisco's security products and solutions please visit our website here: http://www.cisco.com/web/CA/products/vpn.html
Virtual Machine Introspection - Future of the CloudTjylen Veselyj
In this presentation I'm talking about feature of VMI technology that are vital for malware analysis, intrusion detection and attack prevention in virtualized environment. This presentation is part of my Ph.D. work and contain summary of VMI state in 2013.
Presentation from the EPRI-Sandia Symposium on Secure and Resilient Microgrids: Securing Microgrids, Substations, and Distributed Autonomous Systems, presented by David Lawrence, Duke Energy Emerging Technology Office, Baltimore, MD, August 29-31, 2016.
Secure Application Development in the Age of Continuous DeliveryTim Mackey
As delivered at LinuxCon and ContainerCon in Berlin 2016.
Traditionally, when datacenter operators talk about application security, they've tended to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques.
The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment of micro-services, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily.
In this session we’ll present:
• How known vulnerabilities can make their way into production deployments
• How deployment of vulnerable code can be minimized
• How to determine the vulnerability status of a container
• How to determine the risk associated with a specific package
As delivered by Tim Mackey, Senior Technical Evangelist - Black Duck Software, at LinuxCon and ContainerCon in Berlin 2016.
Traditionally, when datacenter operators talk about application security, they've tended to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques.
The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment of micro-services, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily.
In this session we’ll present:
• How known vulnerabilities can make their way into production deployments
• How deployment of vulnerable code can be minimized
• How to determine the vulnerability status of a container
• How to determine the risk associated with a specific package
Using hypervisor and container technology to increase datacenter security pos...Black Duck by Synopsys
As presented by Tim Mackey, Senior Technical Evangelist - Black Duck Software, at LinuxCon/ContainerCon 2016:
Cyber threats consistently rank as a high priority for data center operators and their reliability teams. As increasingly sophisticated attacks mount, the risk associated with a zero-day attack is significant. Traditional responses include perimeter monitoring and anti-malware agents. Unfortunately, those techniques introduce performance and management challenges when used at large VM densities, and may not work well with containerized applications.
Fortunately, the Xen Project community has collaborated to create a solution which reduces the potential of success associated with rootkit attack vectors. When combined with recent advancements in processor capabilities, and secure development models for container deployment, it’s possible to both protect against and be proactively alerted to potential zero-day attacks. In this session, we’ll cover models to limit the scope of compromise should an attack be mounted against your infrastructure. Two attack vectors will be illustrated, and we’ll see how it’s possible to be proactively alerted to potential zero-day actions without requiring significant reconfiguration of your datacenter environment.
Technology elements explored include those from Black Duck, Bitdefender, Citrix, Intel and Guardicore.
Similar to Identity Providers-as-a-Service built as Cloud-of-Clouds: challenges and opportunities (20)
Towards Secure and Dependable Authentication and Authorization InfrastructuresDiego Kreutz
We propose a resilience architecture for improving the security and dependability of authentication and au- thorization infrastructures, in particular the ones based on RADIUS and OpenID. This architecture employs intrusion- tolerant replication, trusted components and untrusted gate- ways to provide survivable services ensuring compatibility with standard protocols. The architecture was instantiated in two prototypes, one implementing RADIUS and another implementing OpenID. These prototypes were evaluated in fault-free executions, under faults, under attack, and in diverse computing environments. The results show that, beyond being more secure and dependable, our prototypes are capable of achieving the performance requirements of enterprise environ- ments, such as IT infrastructures with more than 400k users.
The dark side of SDN and OpenFlow
Security & Dependability issues, challenges, and research opportunities.
Attack vectors and threats.
Practical security assessment of OpenFlow-enabled networks.
Vulnerabilities of current Network Operating Systems (e.g., Cisco IOS).
Computação em Nuvem: conceitos, tendências e aplicações em Software LivreDiego Kreutz
Computação em Nuvem: conceitos, tendências e aplicações em Software Livre
• Definições
• Tendências
• O papel do Software Livre
• Indústria e mercado
• Desafios
Seminário RNP de Capacitação e Inovação - RNP SCI 2010
Mesa redonda: Serviços de rede: uma visão de futuro (Network services: a future vision)
- serviços
- computação em nuvem
- demandas
- percepções e previsões
SecFutNet project - Secutiry for Future NetworkDiego Kreutz
In this talk I present an overview of SecFuNet project. It is a STREP from EC (European Comission) call FP7-ICT-2011-EU-Brazil targeting the objective Future Internet - security.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
A tale of scale & speed: How the US Navy is enabling software delivery from l...
Identity Providers-as-a-Service built as Cloud-of-Clouds: challenges and opportunities
1. Identity Providers-as-a-Service built as
Cloud-of-Clouds: challenges and opportunities
Diego Kreutz and Eduardo Feitosa
FedCSIS/SODIS 2014, Warsaw, Poland
3. Common Threats and Challenges
Cyber Crimes/Attacks!
Software Bugs & Vulnerabilities
Logical Failures
3
4. 4
Vulnerabilities and Treats in IdPs
Vulnerability/Support RADIUS OpenID
Tolerates crash faults (e.g., back-end clusters) YES YES
Tolerates arbitrary faults NO NO
Tolerates infrastructure outages NO NO
Tolerates DDoS attacks NO NO
Risk of common vulnerabilities HIGH HIGH
Risk of sensitive data leakage HIGH HIGH
Diverse security-related vulnerabilities YES YES
Susceptible to resource depletion attacks YES YES
6. 6
What can we do about it?
Approach 1: try to fix
everything!?
7. 7
What can we do about it?
Approach 2: increase the
system’s resilience and
trustworthiness
Hybrid system architectures, specialized components, clouds, …
8. 8
Current State of Affairs
Fault
tolerance/resilience
Level
of
trust
C1
C2
C3 C4
C6
C5
9. Goals
9
Develop new hybrid system
architectures.
Use cloud and multi-cloud
environments to increase the
resilience and trustworthiness of
critical systems.
Reduce costs and foster new
business models.
10. Cloud: some benefits
10
Ø Elasticity of resources"
Ø Cost-effectiveness"
§ Reduce CAPEX and OPEX for business"
Ø Efficient and productive tools and systems"
Ø Protection against high scale attacks"
11. Cloud: some challenges
11
Ø Failures: are still high"
Ø Performance"
§ Hard to measure"
§ Not yet enough for HPC apps"
Ø Price models"
§ No standards"
§ No easy way to measure and compare"
Ø Confidentiality & Privacy"
§ Cloud provider has access to your data"
12. Multi-Cloud: some benefits
12
Ø Increasing reliability"
§ Up to three nines"
Ø Lower costs"
Ø No vendor lock-in"
Ø Better privacy and confidentiality"
§ Multi-cloud storage crypto solutions"
Ø Improved performance"
Ø Diversity of attack defenses"
13. Multi-Cloud: challenges
13
Ø Inter-cloud high network latency"
Ø Network performance, reliability and costs"
Ø Privacy and confidentiality"
§ Yet, still easier to solve than in a single cloud"
Ø Deployment and management costs"
§ Different technologies"
§ Diversity of tools"
§ Lack of standardized interoperability"
17. 17
ROpenID Architecture
User
Browser / !
Certificate /
Attributes!
IdP Service
Replicas!
Service Providers
(SPs) / Relying
Parties (RPs)!
IdP Gateways!
Resilient and
Secue IdP!
Secure Authentication!
(confidentiality)!
Alternative Path!
Default Path!
18. Ø Arbitrary faults:
§ Between the
CIS and
gateway
18
Client!
Cx!
CIS!
Cx!
Service!
Sx!
Gateway!
Gx!
Timeout A! Timeout B!
Corrupted response !
from replica Sx!
Corrupted response !
from replica Gx!
Byzantine behavior!
from replica Cx!
ROpenID Fault Detection Mechanisms
Ø Timeouts:"
§ Between client and service"
§ Between service and gateway"
Ø Corrupted messages detection"
§ Between service and client"
§ Between gateway and service"
19. 19
Main Building Blocks
1. Virtual Machines"
2. Trusted Computing Base"
§ e.g. hypervisors"
3. Trusted Components"
§ e.g. smart cards, TPMs, isolated VMs, secured PCs"
4. Replication & Recovery Protocols"
§ e.g. BFT-SMaRt and ITVM"
5. Diversity"
§ e.g. different operating systems"
6. Strong mutual authentication"
§ e.g. EAP-TLS"
20. 20
What is a TC in our model?
A trusted/secure component can be “any” device capable of ensuring !
the data and operation confidentiality of the target system/environment.!
Smart Cards" TPM" Tamper Resistant
a FPGA"
A Highly Secured
(shielded) Computer"
Virtual TPM"
(e.g. vTPM)"
Secure Hypervisor
(e.g. sHyper)"
40. Identity Providers-as-a-Service built as
Cloud-of-Clouds: challenges and opportunities
Diego Kreutz and Eduardo Feitosa
FedCSIS/SODIS 2014, Warsaw, Poland