The document discusses the concept of intent-based networking where the intent or desired configuration of an application is defined separately from the infrastructure policies and operational policies. It describes how intent can be expressed in terms of endpoint groups, contracts between groups, and forwarding models to automate the configuration of networking and security components based on the application intent. Key aspects covered include separation of duties between infrastructure, tenant intent, and operational policies, and how access and forwarding models can be defined through relationships between network containers and contexts.
2. “The traveler who crosses a mountain in the direction of a star runs the risk of forgetting which is his guiding star if he concentrates too exclusively on the climbing problems. If he only acts for action's sake, he will get nowhere.”
Antoine de Saint-Exupéry
3. Micromanagement
Automation has been an attempt at industrialization of micromanagement practices
[Diagram: a row of repeated “do” steps]
Do this sequence of things
4. App intent
This is my application component
this is how I expose myself to other apps/components/services
This is how I need to consume infra
storage requirements, compute requirements, placement requirements, scaling rules, booting/init rules, image rules
What apps/components/services do I depend on?
[Diagram labels: some other app, some other app, vm vm …. vm, some app/component/service]
a real application consists of many of these
Network and netsec are implicit
! Abstraction
! Portability
! Self-containment
! No leakage of unnecessary knowledge across apps
5. What is Network Control?
A, B: YES. You can talk about this: { subject*, L4 Ports, … }
! End point A can talk to end point B
C, D: NO. You can’t
! End point C can’t talk to end point D
! the rest is path optimization: SDN, HDN, …; Traditional Networking, …; Overlays, …; Quantum Entanglement, …
6. … In French
I like to talk about bees..
Vous me rappelez des abeilles! (let’s talk about bees… in French…)
Blah blah blah.…
PROVIDER CONSUMER
Policy is like control of the subjects that people can talk about. Provider specifies the subjects and rules and consumer can only communicate on specified subjects, subjected to rules associated with the subjects.
….endpoints talking to each other
14. contract surface
a logical projection of an “API” onto a “wire” from the vantage point of the provider
[Diagram: repeated “subject” and “taboo” labels]
Ooo la la… I feel very safe. Consume me!
protective membrane consisting of multiple contracts
receptor
15. contract surface
a self contained service definition with any number of symmetrically behaving “endpoints”
[Diagram: repeated “subject” and “taboo” labels; Contract A, Contract B, Contract C, Contract D; Protective Membrane; group, group]
contracts express how this service can be talked to, what about, and what happens to the conversations
17. What would a three-tier app look like?
[Diagram: EPG WEB, EPG APP, EPG DB; bd, bd, bd; L3 context; subnet, subnet; NW Public, NW Private; Outside; infra shared services; webcontract, javacontract, sqlcontract, mgmt contract; “provide” and “consume” labels on the links]
18. What would a three-tier app look like?
[Diagram: EPG WEB, EPG APP, EPG DB; bd, bd, bd; L3 context; subnet, subnet; NW Public, NW Private; Outside; infra shared services; webcontract, javacontract, sqlcontract, mgmt contract; “provide” and “consume” labels on the links]
access control
self-documenting expression of intent
isolation
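The policy model from slide 6 (the provider names the subjects, the consumer may only talk on them) applied to the three-tier layout above, as an added Python example that is not part of the original slides. The group and contract names come from the deck; which group provides which contract, the port numbers, the `decide` and `tcp` helpers, and the treatment of a taboo as a deny that overrides subjects are assumptions made for this example.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Subject:
    """Something a provider agrees to talk about: a protocol plus L4 ports."""
    name: str
    proto: str
    ports: frozenset

    def matches(self, proto, port):
        return proto == self.proto and port in self.ports


@dataclass
class Contract:
    name: str
    provider: str        # group (EPG) that exposes the service
    consumers: set       # groups allowed to open conversations to the provider
    subjects: list       # permitted conversations
    taboos: list = field(default_factory=list)  # assumed: denies that beat subjects


def decide(contracts, src, dst, proto, port):
    """Return (allowed, reason) for a flow opened by group src towards group dst."""
    allowed_by = None
    for c in contracts:
        if c.provider != dst or src not in c.consumers:
            continue  # this contract does not bind this consumer/provider pair
        for t in c.taboos:
            if t.matches(proto, port):
                return False, f"taboo {c.name}/{t.name}"
        for s in c.subjects:
            if allowed_by is None and s.matches(proto, port):
                allowed_by = f"{c.name}/{s.name}"
    if allowed_by:
        return True, allowed_by
    return False, "no contract covers this conversation"  # default deny


def tcp(name, *ports):
    return Subject(name, "tcp", frozenset(ports))


# Constructed policy for the three-tier app. Who provides which contract, the
# port numbers and the taboo are assumptions made for this example.
POLICY = [
    Contract("webcontract", "WEB", {"Outside"}, [tcp("https", 443)]),
    Contract("javacontract", "APP", {"WEB"}, [tcp("app-api", 8080)]),
    Contract("sqlcontract", "DB", {"APP"}, [tcp("sql", 3306)]),
    Contract("mgmt contract", "DB", {"infra"}, [tcp("admin", 22, 23)],
             taboos=[tcp("telnet", 23)]),
]

if __name__ == "__main__":
    for flow in [("Outside", "WEB", "tcp", 443), ("Outside", "DB", "tcp", 3306),
                 ("WEB", "DB", "tcp", 3306), ("DB", "APP", "tcp", 8080),
                 ("infra", "DB", "tcp", 23)]:
        print(flow, "->", decide(POLICY, *flow))
```

Reachability here is not transitive: Outside reaches WEB and WEB reaches APP, yet neither can open a conversation to DB, and DB cannot initiate towards APP because it only provides `sqlcontract`.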
19. Division of Labor: separation of responsibilities
infrastructure policies
! How infrastructure is used
! How fabric is used
Tenant intent
[Diagram: EPG WEB, EPG APP, EPG DB; bd, bd, bd; L3 context; subnet, subnet; NW Public, NW Private; Outside; infra shared services; webcontract, javacontract, sqlcontract, mgmt contract; “provide” and “consume” labels on the links]
isolation
access control
Operational Policies
! Exceptions
! Faults
! Stats
! Health
! Logs
! …
tenant/app owner
networking guy
ops guy
29. interconnected components, with dependencies and requirements
[Diagram labels: cont, cont, …, web; VM, VM, …, app; phys, phys, …, db; internet External Private Network]
Intent-defined networking
30. Define Intent: What app is. What app Needs.
How do apps talk to each other
Automate instrumentation of intent