NYC Identity Summit Tech Day: Best Practices for API Security

•Download as PPTX, PDF•

1 like•297 views

The document discusses best practices for API security, including using OAuth2 tokens that are issued and managed centrally, protecting communications with TLS, throttling incoming traffic to APIs, enforcing centralized policies at an enforcement point, and monitoring and auditing APIs. It provides ForgeRock Identity Gateway as an example of a solution that implements these practices.

Software

© 2016 ForgeRock. All rights reserved.
Best Practices for API
Security
Ludovic Poitou, Product Management Director

© 2016 ForgeRock. All rights reserved.
API Security
?

© 2016 ForgeRock. All rights reserved.
Example:
ForgeRock
Identity Gateway
APIs
ForgeRock
Access Management
Throttling
Authorization

© 2016 ForgeRock. All rights reserved.
API Key
• Use OAuth2 Tokens
• Issued & managed centrally
• Standard based
• Access tokens are short-lived
and revocable
• Scopes for finer permissions

© 2016 ForgeRock. All rights reserved.
Protecting against Disclosure
• Secure End to End
• Between Client and Gateway
• Between Gateway and API
• TLS
• Certificate based
Authentication

© 2016 ForgeRock. All rights reserved.
Protect Against Misuse and DOS
• Throttle the incoming traffic
• Overall
• Per API
• Per Client
• Also a monetization strategy!
https://www.flickr.com/photos/telstar/

© 2016 ForgeRock. All rights reserved.
Policy Decision and Enforcement Point
• Centralized policy
management
• Introspect Token
• Call ForgeRock Access
Management PDP
• Border enforcement
• Specific rules and conditions
• Not Found vs Forbidden
https://www.flickr.com/photos/yannickgar/

© 2016 ForgeRock. All rights reserved.
Monitoring and Auditing
• Monitoring
• Status
• Throughput and Response
Times statistics
• Auditing
• Logs
• Reporting
• Billing

© 2016 ForgeRock. All rights reserved.
Summary

© 2016 ForgeRock. All rights reserved.
Throttling
Message Transformation Monitoring
Session Management Token Exchange
SSO
Scripting
Relying Party
Authentication
Authorization Federation (SAML / OIDC)
Password Capture &
Replay
Protected Resources Identity Providers Data Stores
Web Applications
APIs
Services Layer
Access Layer HTTP / HTTPS OAuth2.0 | OpenID Connect | SAMLv2
External Layer
Databases
Directories
Files
Audit
ForgeRock Identity Platform: Identity Gateway

© 2016 ForgeRock. All rights reserved. 12

© 2016 ForgeRock. All rights reserved.
Best Practices for API
Security
Ludovic Poitou – Product Management Director
Ludovic.Poitou@ForgeRock.com
@ludomp

What's hot

The Future of Digital Identity in the Age of the Internet of Things

ForgeRock

Identity Gateway with the ForgeRock Identity Platform - So What’s New? Devices, and Things: Better Than a Fish in Your Ear In the Hitchhiker’s Guide to the Galaxy they have a handy little thing called a Babel Fish. Put it in your ear and you can instantly communicate with anything, anywhere in the galaxy. It’s quick and painless and works great. And that’s exactly how the ForgeRock Identity Gateway works too. It’s a simple, standards-based approach to extend access to web applications, application programming interfaces (APIs), and devices and things. The ForgeRock Identity Gateway, provides a flexible policy enforcement point to support your current environment while migrating towards a modern, standards-based platform. So you can connect digital assets across your ecosystem, with minimal-to-no changes. And no slimy little fish required! Highlights: - Intro to the ForgeRock Identity Platform - New features available in this release - Maintaining existing infrastructure through password replay - Gateway and a Mobile device walk into a bar…. - Federating services - Mobilizing those apps Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

Identity Gateway with the ForgeRock Identity Platform - So What’s New?

ForgeRock

The ForgeRock Identity Platform is trusted by companies around the world to be their foundation for digital transformation. ForgeRock extends their leadership in this space with the latest release of the ForgeRock Identity Platform, featuring advanced capabilities to meet the needs of today’s consumer facing digital services. In this webinar, learn how new features improve customer engagement and insight, offer greater privacy controls, extend security and usability for internet of things (IoT), enable DevOps and dynamic architectures, and more.

The Future is Now: The ForgeRock Identity Platform, Early 2017 Release

ForgeRock

Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...

ForgeRock

A Backstage Tour of Identity - Paris Identity Summit 2016

ForgeRock

User-Managed Access: Why and How? - Access Control in Digital Contract Contexts

ForgeRock

The Future is Now: What’s New in ForgeRock Identity Gateway

ForgeRock

Sydney Identity Summit: The Future's So Bright, I Gotta Wear Shades

ForgeRock

Sydney Identity Summit: Doing Authorisation, Consent and Delegation Right wit...

ForgeRock

Security & Identity for the Internet of Things Webinar

ForgeRock

Identity Relationship Management - The Right Approach for a Complex Digital W...

ForgeRock

Canberra Executive Breakfast - A Citizen-Centric Approach to Identity

ForgeRock

This session covers the challenges that online retailer “Band Materials” now face as the business grows and the external customer base increases to internet scale. What steps can the management take to transform their customer identity landscape? This backstage tour will cover the live deployment and configuration of components within the ForgeRock Identity Platform. The session includes interactive discussion and feature: - Single View of the Customer - Social media registration - Multi-Factor Single Sign On - Consent driven sharing - IoT integration You will leave the tour with a good understanding of how to deploy large scale digital identity projects and where you should start.

Backstage Tour of Identity - London Identity Summit

ForgeRock

Daniel Raskin, SVP Product Management, ForgeRock - The identity world is evolving … again. The growth of IoT endpoints is outpacing the scale of standard identity platforms. More non-traditional things are now given digital identities. New device protocols force identity platforms to become proficient in "foreign languages," in order to communicate with next-generation devices and services. The identity use case of yesteryear is gone: We need to reinvent what a typical identity deployment looks like. In this session, we will explore this changed world and discuss how identity needs to adapt.

Identity Objects in Mirror Are Closer Than They Appear - Identity Live 2017 -...

ForgeRock

Today's CIO is balancing an increasing risk of data breaches and privacy regulations with a business hunger to deliver frictionless, personalized omni-channel experiences. Customer trust is key to how successful this fragile relationship is, drawing spotlight on how we manage privacy and security concerns across web, mobile and IoT technologies. Hear how organisations and governments are moving from legacy Identity and Access Management to Identity Relationship Management, as the foundation for trusted digital relationships.

Build a Trust Platform to Enable a Frictionless Customer Experience

ForgeRock

Sydney Identity Unconference Introduction and Highlights

ForgeRock

No IoT Without Identity

ForgeRock

IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow

ForgeRock

The Future is Now: What’s New in ForgeRock Access Management

ForgeRock

The wait is over! ForgeRock is releasing shiny new versions of all solution areas of the ForgeRock Identity Platform. To give you a preview on what’s coming, join this webinar to hear directly from the Product Managers what’s new in: Access Management Identity Management Directory Services Identity Gateway Shared Services Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

Webinar: ForgeRock Identity Platform Preview (Dec 2015)

ForgeRock

What's hot (20)

The Future of Digital Identity in the Age of the Internet of Things

Identity Gateway with the ForgeRock Identity Platform - So What’s New?

The Future is Now: The ForgeRock Identity Platform, Early 2017 Release

Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...

A Backstage Tour of Identity - Paris Identity Summit 2016

User-Managed Access: Why and How? - Access Control in Digital Contract Contexts

The Future is Now: What’s New in ForgeRock Identity Gateway

Sydney Identity Summit: The Future's So Bright, I Gotta Wear Shades

Sydney Identity Summit: Doing Authorisation, Consent and Delegation Right wit...

Security & Identity for the Internet of Things Webinar

Identity Relationship Management - The Right Approach for a Complex Digital W...

Canberra Executive Breakfast - A Citizen-Centric Approach to Identity

Backstage Tour of Identity - London Identity Summit

Identity Objects in Mirror Are Closer Than They Appear - Identity Live 2017 -...

Build a Trust Platform to Enable a Frictionless Customer Experience

Sydney Identity Unconference Introduction and Highlights

No IoT Without Identity

IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow

The Future is Now: What’s New in ForgeRock Access Management

Webinar: ForgeRock Identity Platform Preview (Dec 2015)

Viewers also liked

Uniformes empresariales, BIGBANG México

BIGBANG

Uniformes para empresas df

BIGBANG

13 the ciolos reform

Tomas Garcia Azcarate

Módulo iv slideshare

9789243503325 spa

Mexicanidad

бизнес драйв

Carta docente

Camdenton School USA

UDES MAESTRÍA MAPA CONCEPTUAL

Luis Fernando Peña Jimenez

Periprosthetic fractures are the third most common reason for revision total hip arthroplasty. Surgical treatment of periprosthetic fractures belongs to the most difficult procedures due to the extensive surgery, elderly polymorbid patients and the high frequency of other complications. The aim of this study was to evaluate the results of operatively treated periprosthetic femoral fractures after total hip arthroplasty.

$Periprosthetic fractures$ $Periprosthetic fractures$

Periprosthetic fractures

Martin Korbel

High flexion TKR overview

Hiren Divecha

MGUH Joint Replacement Class

schwartz2138

Automobile chassis and body

Ràhúl Pâtêl

Viewers also liked (14)

Uniformes empresariales, BIGBANG México

Uniformes para empresas df

13 the ciolos reform

Módulo iv slideshare

9789243503325 spa

Mexicanidad

бизнес драйв

Carta docente

Camdenton School USA

UDES MAESTRÍA MAPA CONCEPTUAL

$Periprosthetic fractures$ $Periprosthetic fractures$

Periprosthetic fractures

High flexion TKR overview

MGUH Joint Replacement Class

Automobile chassis and body

Similar to NYC Identity Summit Tech Day: Best Practices for API Security

Information is the new currency and as more “things” come online the volume of data will dramatically increase. Typically, this data is stored in multiple repositories and different personas have different levels of access. In this webinar, which was recorded on August 18th, 2015, you can learn how to answer key questions to today’s tough challenges: How do we keep sensitive data, secure it and make it accessible? How do we manage authorization policies related to this data? How do we manage entitlements for not only web apps, but also users, devices and things? ForgeRock’s Senior Software Developer, Andy Forrest, discussed the challenges and solutions surrounding Entitlements.

Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"

ForgeRock

Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...

ForgeRock

De la bonne utilisation de OAuth2

Leonard Moustacchis

SpringOne Platform 2016 Speaker: David Ferriera; Director, Cloud Technology, Forgerock Microservices architecture elevates the challenges for Authentication and Authorization management. When a single frontend request can result in many backend microservices calls, it is important to balance security and performance. ForgeRock provides a standards-based blueprint that provides a flexible solution for making these choices while protecting your Cloud Foundry services end to end.

An Authentication and Authorization Architecture for a Microservices World

VMware Tanzu

OpenId Connect Protocol

Michael Furman

London Adapt or Die: Securing your APIs the Right Way!

Apigee | Google Cloud

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin

FIDO Alliance

How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects

Maxim Salnikov

Description: This webinar will explore how to improve security by enforcing identity, ensuring the requests are correctly authorized to access the resources it’s requesting. How to leverage standards based identity, such as OAuth2, SAML or OpenID Connect or even social login, to make it easier for users, devices, things and API’s to interact with your digital services while improving security. Webinar Highlights: Overview of OpenIG Demo on the power of OpenIG’s gateway integration capabilities Demo of upcoming features in OpenIG 4.0, including throttling Q&A Join ForgeRock’s Product Manager of OpenDJ and OpenIG, Ludovic Poitou and Senior Product Marketing Manager, Justin Pirie, to discuss OpenIG.

OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...

ForgeRock

The Platform Big Picture

ForgeRock

Wavestone forgerock banking demo

Bertrand Carlier

[Workshop] API-driven Integration

WSO2

FIDO2 and Microsoft

FIDO Alliance

Co-Founder and CTO, Paul Fremantle and Solutions Architect, Senaka Fernando facilitated this workshop at Jax London 2014. The workshop illustrated how API management helps organizations participate in the API Economy; with the first half of the workshop looking at the overall landscape and approaches, while the second half focusing on using Open Source API Management tooling to expose, monitor and manage APIs.

Workshop: API Management

WSO2

API Management - a hands on workshop - Paul Fremantle

JAXLondon2014

How to Build, Manage, and Promote APIs

WSO2

FIDO Technical Overview at FIDO KWG Hackathon

Ki-Eun Shin

How to Build an Effective API Security Strategy

Nordic APIs

OAuth based reference architecture for API Management

WSO2

Adapt or Die Sydney - API Security

Apigee | Google Cloud

Similar to NYC Identity Summit Tech Day: Best Practices for API Security (20)

Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"

Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...

De la bonne utilisation de OAuth2

An Authentication and Authorization Architecture for a Microservices World

OpenId Connect Protocol

London Adapt or Die: Securing your APIs the Right Way!

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin

How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects

OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...

The Platform Big Picture

Wavestone forgerock banking demo

[Workshop] API-driven Integration

FIDO2 and Microsoft

Workshop: API Management

API Management - a hands on workshop - Paul Fremantle

How to Build, Manage, and Promote APIs

FIDO Technical Overview at FIDO KWG Hackathon

How to Build an Effective API Security Strategy

OAuth based reference architecture for API Management

Adapt or Die Sydney - API Security

More from ForgeRock

In this webcast, KuppingerCole´s Principal Analyst Martin Kuppinger will introduce the concept of Identity Management for the Internet of Things. Following Martin's opening talk, ForgeRock´s Gerhard Zehethofer will discuss how ForgeRock is now extending these capabilities into the areas of managed and unmanaged devices, enhancing the customer experience as well as security and privacy at scale for people, services, and things.

Digital Identities in the Internet of Things - Securely Manage Devices at Scale

ForgeRock

Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond

ForgeRock

Identity Live Sydney: Identity Management - A Strategic Opportunity

ForgeRock

Identity Live Singapore: Transform Your Cybersecurity Capability

ForgeRock

Identity Live Singapore 2018 Keynote Presentation

ForgeRock

Identity Live Sydney 2018 Keynote Presentation

ForgeRock

Identity Live Singapore: Just Ask 'Em

ForgeRock

Identity Live Singapore: Building Trust & Privacy in a Connected Society

ForgeRock

Identity Live Sydney: Intelligent Authentication

ForgeRock

Identity Live Sydney: Building Trust and Privacy in a Connected Society

ForgeRock

Containerized IAM on Amazon Web Services - Deep Dive A deep technical look at the architecture behind running containerized IAM on AWS and what your team needs for a successful deployment You’ll experience an in depth review of: Assets and processes needed to containerize ForgeRock Architecture and processes guiding containerized IAM on AWS How containers are deployed into Kubernetes Monitoring and management strategies Continuous integration configuration

Get the Exact Identity Solution you Need in the Cloud - Deep Dive

ForgeRock

Get the Exact Identity Solution You Need - In the Cloud - Overview

ForgeRock

Authentication and MFA is no longer a one-mode-fits-all experience. Customer-centric companies need flexible intelligence models and simple, consistent login journeys across channels—web, call center, mobile—without being forced to bolt MFA on top of usernames and passwords. ForgeRock’s VP, Global Strategy and Innovation, Ben Goodman, and Trusona’s Chief Design Officer, Kevin Goldman, explain how ForgeRock combined with Trusona creates a broad range of multi-factor authentication modalities all with a consistent user experience, including primary MFA without usernames, passwords or typing whatsoever. Bonus: Trusona will reveal findings from the first-ever passwordless MFA behavioral research.

ForgeRock and Trusona - Simplifying the Multi-factor User Experience

ForgeRock

Opening Keynote (Identity Live Berlin 2018)

ForgeRock

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...

ForgeRock

BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)

ForgeRock

Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...

ForgeRock

Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...

ForgeRock

Shift from GDPR readiness to sustained compliance to improve your business an...

ForgeRock

Intelligent Authentication (Identity Live Berlin 2018)

ForgeRock

More from ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale

Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond

Identity Live Sydney: Identity Management - A Strategic Opportunity

Identity Live Singapore: Transform Your Cybersecurity Capability

Identity Live Singapore 2018 Keynote Presentation

Identity Live Sydney 2018 Keynote Presentation

Identity Live Singapore: Just Ask 'Em

Identity Live Singapore: Building Trust & Privacy in a Connected Society

Identity Live Sydney: Intelligent Authentication

Identity Live Sydney: Building Trust and Privacy in a Connected Society

Get the Exact Identity Solution you Need in the Cloud - Deep Dive

Get the Exact Identity Solution You Need - In the Cloud - Overview

ForgeRock and Trusona - Simplifying the Multi-factor User Experience

Opening Keynote (Identity Live Berlin 2018)

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...

BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)

Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...

Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...

Shift from GDPR readiness to sustained compliance to improve your business an...

Intelligent Authentication (Identity Live Berlin 2018)

Recently uploaded

Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.

How Recreation Management Software Can Streamline Your Operations.pptx

wottaspaceseo

Into the Box 2024 - Keynote Day 2 Slides.pdf

Ortus Solutions, Corp

Globus Compute Introduction - GlobusWorld 2024

Globus

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2

De mooiste recreatieve routes ontdekken met RouteYou en FME

Jelle | Nordend

As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.

Globus Compute wth IRI Workflows - GlobusWorld 2024

Globus

Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.

Enhancing Research Orchestration Capabilities at ORNL.pdf

Globus

Unlocking Business Potential: Tailored Technology Solutions by Prosigns Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support. Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth. Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices. AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making. Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency. DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration. Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly. Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business. Join us on a journey of innovation and growth. Let's partner for success with Prosigns.

Prosigns: Transforming Business with Tailored Technology Solutions

Prosigns

Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload. Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.

Designing for Privacy in Amazon Web Services

KrzysztofKkol1

A Comprehensive Look at Generative AI in Retail App Testing.pdf

kalichargn70th171

In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...

Juraj Vysvader

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

kalichargn70th171

NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?

Understanding Globus Data Transfers with NetSage

Globus

Large Language Models and the End of Programming

Matt Welsh

AI/ML Infra Meetup May. 23, 2024 Organized by Alluxio For more Alluxio Events: https://www.alluxio.io/events/ Speaker: - Junchen Jiang (Assistant Professor of Computer Science, @University of Chicago) Prefill in LLM inference is known to be resource-intensive, especially for long LLM inputs. While better scheduling can mitigate prefill’s impact, it would be fundamentally better to avoid (most of) prefill. This talk introduces our preliminary effort towards drastically minimizing prefill delay for LLM inputs that naturally reuse text chunks, such as in retrieval-augmented generation. While keeping the KV cache of all text chunks in memory is difficult, we show that it is possible to store them on cheaper yet slower storage. By improving the loading process of the reused KV caches, we can still significantly speed up prefill delay while maintaining the same generation quality.

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

Alluxio, Inc.

Vitthal Shirke Microservices Resume Montevideo

Vitthal Shirke

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

takuyayamamoto1800

Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.

How to Position Your Globus Data Portal for Success Ten Good Practices

Globus

BoxLang: Review our Visionary Licenses of 2024

Ortus Solutions, Corp

This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.

top nidhi software solution freedownload

vrstrong314

Recently uploaded (20)

How Recreation Management Software Can Streamline Your Operations.pptx

Into the Box 2024 - Keynote Day 2 Slides.pdf

Globus Compute Introduction - GlobusWorld 2024

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

De mooiste recreatieve routes ontdekken met RouteYou en FME

Globus Compute wth IRI Workflows - GlobusWorld 2024

Enhancing Research Orchestration Capabilities at ORNL.pdf

Prosigns: Transforming Business with Tailored Technology Solutions

Designing for Privacy in Amazon Web Services

A Comprehensive Look at Generative AI in Retail App Testing.pdf

In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

Understanding Globus Data Transfers with NetSage

Large Language Models and the End of Programming

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

Vitthal Shirke Microservices Resume Montevideo

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

How to Position Your Globus Data Portal for Success Ten Good Practices

BoxLang: Review our Visionary Licenses of 2024

top nidhi software solution freedownload

NYC Identity Summit Tech Day: Best Practices for API Security

7. © 2016 ForgeRock. All rights reserved. Protect Against Misuse and DOS • Throttle the incoming traffic • Overall • Per API • Per Client • Also a monetization strategy! https://www.flickr.com/photos/telstar/

8. © 2016 ForgeRock. All rights reserved. Policy Decision and Enforcement Point • Centralized policy management • Introspect Token • Call ForgeRock Access Management PDP • Border enforcement • Specific rules and conditions • Not Found vs Forbidden https://www.flickr.com/photos/yannickgar/

11. © 2016 ForgeRock. All rights reserved. Throttling Message Transformation Monitoring Session Management Token Exchange SSO Scripting Relying Party Authentication Authorization Federation (SAML / OIDC) Password Capture & Replay Protected Resources Identity Providers Data Stores Web Applications APIs Services Layer Access Layer HTTP / HTTPS OAuth2.0 | OpenID Connect | SAMLv2 External Layer Databases Directories Files Audit ForgeRock Identity Platform: Identity Gateway

NYC Identity Summit Tech Day: Best Practices for API Security

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (14)

Similar to NYC Identity Summit Tech Day: Best Practices for API Security

Similar to NYC Identity Summit Tech Day: Best Practices for API Security (20)

More from ForgeRock

More from ForgeRock (20)

Recently uploaded

Recently uploaded (20)

NYC Identity Summit Tech Day: Best Practices for API Security