The document discusses different types of open WiFi networks and their pros and cons in terms of privacy, security, and reliability. It categorizes WiFi networks as either open or broken based on factors such as encryption, authentication, management, and firewalling. The author prefers encrypted and authenticated networks like eduroam that are managed but non-firewalled and open. The goal is to transform systems like eduroam into a distributed authentication model to enable secure and responsible WiFi access anywhere, which is technically possible today.
5 minute pitch in Mobile Monday Tampere (#momotre) about the opportunties in cloud based identity management and what is Arch Red's (my company) offering.
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyKarri Huhtanen
Karri Huhtanen's presentation about Wi-Fi Roaming Security and Privacy in Disobey 2024 on the 16th of February 2024 ( https://disobey.fi/2024/profile/disobey2024-154-wi-fi-roaming-security-and-privacy ).
Wi-Fi network security presentations are often about breaking the link level (radio) encryption or deploying evil twin Wi-Fi access points to perform man-in-the-middle attacks. This presentation focuses instead to the security and privacy in Wi-Fi roaming, offloading and federated networks, where there are different issues and vectors to utilise or defend against.
Adding OpenRoaming to existing IdP and roaming federation serviceKarri Huhtanen
The first deployment experiences of adding OpenRoaming functionality to existing IdP and roaming federation service. A presentation presented in the OpenRoaming Implementer's call on the 2nd of November 2022.
My presentation in the Radiator Software's webinar about OpenRoaming, how it works, what are its benefits and how Radiator Software can help to deploy it in your business.
5 minute pitch in Mobile Monday Tampere (#momotre) about the opportunties in cloud based identity management and what is Arch Red's (my company) offering.
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyKarri Huhtanen
Karri Huhtanen's presentation about Wi-Fi Roaming Security and Privacy in Disobey 2024 on the 16th of February 2024 ( https://disobey.fi/2024/profile/disobey2024-154-wi-fi-roaming-security-and-privacy ).
Wi-Fi network security presentations are often about breaking the link level (radio) encryption or deploying evil twin Wi-Fi access points to perform man-in-the-middle attacks. This presentation focuses instead to the security and privacy in Wi-Fi roaming, offloading and federated networks, where there are different issues and vectors to utilise or defend against.
Adding OpenRoaming to existing IdP and roaming federation serviceKarri Huhtanen
The first deployment experiences of adding OpenRoaming functionality to existing IdP and roaming federation service. A presentation presented in the OpenRoaming Implementer's call on the 2nd of November 2022.
My presentation in the Radiator Software's webinar about OpenRoaming, how it works, what are its benefits and how Radiator Software can help to deploy it in your business.
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingKarri Huhtanen
A presentation at FUNET Technical Days 2021 about research projects combining (5G) SIM authentication to eduroam Finland and ongoing work and benefits with OpenRoaming global Wi-Fi roaming in roam.fi or eduroam Finland networks.
Routing host certificates in eduroam/govroamKarri Huhtanen
A presentation for govroam stakeholders' meeting about issuing, configuring and deploying such host client certificates, which can be used in roaming federation networks such as eduroam, govroam, roam.fi, openroaming etc.
A presentation for KyLÄ project opening seminar ( https://projects.tuni.fi/kyla/tapahtumat/avausseminaari/ ) about experiences and lessons learned in building cooperative labs, testbeds and networks.
Privacy and traceability in Wi-Fi networksKarri Huhtanen
Tampere Smart City Week 2021 presentation about recent privacy and traceability developments in Wi-Fi networks and especially about MAC address randomisation and its implications.
Updated, extended presentation how to deploy EAP-TLS based certificate authentication and authorisation solution within organisation or enterprise. In addition to EAP-TLS in general, the presentation also covers some features of Radiator RADIUS server software, which are particularly useful when used with certificates and EAP-TLS. The presentation was originally presented in the JISC govroam stakeholder's meeting 23rd of October 2019 in London, United Kingdom.
Security issues in RADIUS based Wi-Fi AAA (aka WPA2 Enterprise AAA) presentation in alumni seminar for Tampere University of Technology information technology, software engineering and telecommunications alumni at Tampere University of Technology, 13th of October 2018.
If you think they are easy, you are (probably) doing them wrong. A presentation about issues with TLS and X.509 certificates for Tampere security people (TreSec, @TreSecCommunity) meetup on 21st of March 2018.
What is Network Function Virtualisation (NFV)?Karri Huhtanen
An updated presentation (v1.2) about what is the concept and the idea behind Network Function Virtualisation (NFV) for Tampere University of Technology Service oriented architectures course. Includes introduction to NFV and VNF (Virtualised Network Function) architecture, components and interfaces.
What is Network Function Virtualisation (NFV)?Karri Huhtanen
A presentation about what is the concept and the idea behind Network Function Virtualisation (NFV). Includes introduction to NFV and VNF (Virtualised Network Function) architecture, components and interfaces.
Building secure, privacy aware, quality Wi-Fi coverage via cooperationKarri Huhtanen
Building secure, privacy aware, quality Wi-Fi coverage via cooperation presentation for MindTrek 2015 ( #mtom2015 ) in Tampere, Finland. The presentation covers an idea to build community Wi-Fi networks by joining existing networks via federated RADIUS authentication just like eduroam, but for all organisations, cities, government organisations, operators and companies regardless if they are commercial or not.
Connecting the Dots: Integrating RADIUS to Network Measurement and MonitoringKarri Huhtanen
Nowadays data of the network usage is too often separated to various network components all around service provider network. Utilising RADIUS more efficiently is one approach to collect more data about network usage, combining it to network measurement, monitoring and management makes it even more efficient tool to use to get a real network situation and history overview.
Building city and nationwide Wi-Fi coverage via cooperationKarri Huhtanen
Building city and nationwide Wi-Fi coverage via cooperation presents the problem of building yet another overlapping citywide network instead of choosing cooperative approach to connect existing Wi-Fi networks via common policies, configurations and authentication decisions. The presentation promotes expanding eduroam(tm) model from academic world to regional, intercompany and government roaming.
Using NoSQL databases to store RADIUS and Syslog dataKarri Huhtanen
A seminar presentation done for TUT's NoSQL course. A brief look into the possibility and the feasibility of using NoSQL databases to store RADIUS accounting and Syslog data. In this particular case, Syslog-NG, Radiator RADIUS server and MongoDB were used as trial platforms. The presentation includes configuration examples and also some code.
Joukkoliikennedatan ongelmat ja ratkaisujaKarri Huhtanen
Avoimen datan talkoissa työryhmämme otti mietittäväkseen joukkoliikennedatan ongelmat. Ryhmän löytämät kaksi ongelmaa ja niiden ratkaisut ovat kuitenkin yleisiä datan tarjoamiseen liittyviä ongelmia ja ratkaisuja, joita kannattaa ainakin miettiä avointa dataa tarjotessa.
A quick overview of the possible business models of the cloud computing companies. Done for Tampere University of Technology seminar course about cloud computing ( http://www.cs.tut.fi/~tsysta/Pilvilaskenta.html ).
Building Funet WLAN Roaming, eduroam Finland and Wireless TampereKarri Huhtanen
A quick presentation about Funet WLAN roaming, eduroam in Finland and about Wireless Tampere, which is based on eduroam architecture and technologies. The presentation also contains a short clip from my Terena Networking Conference 2010 presentation about the implementation and the future development of the Finnish Top Level RADIUS roaming server.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingKarri Huhtanen
A presentation at FUNET Technical Days 2021 about research projects combining (5G) SIM authentication to eduroam Finland and ongoing work and benefits with OpenRoaming global Wi-Fi roaming in roam.fi or eduroam Finland networks.
Routing host certificates in eduroam/govroamKarri Huhtanen
A presentation for govroam stakeholders' meeting about issuing, configuring and deploying such host client certificates, which can be used in roaming federation networks such as eduroam, govroam, roam.fi, openroaming etc.
A presentation for KyLÄ project opening seminar ( https://projects.tuni.fi/kyla/tapahtumat/avausseminaari/ ) about experiences and lessons learned in building cooperative labs, testbeds and networks.
Privacy and traceability in Wi-Fi networksKarri Huhtanen
Tampere Smart City Week 2021 presentation about recent privacy and traceability developments in Wi-Fi networks and especially about MAC address randomisation and its implications.
Updated, extended presentation how to deploy EAP-TLS based certificate authentication and authorisation solution within organisation or enterprise. In addition to EAP-TLS in general, the presentation also covers some features of Radiator RADIUS server software, which are particularly useful when used with certificates and EAP-TLS. The presentation was originally presented in the JISC govroam stakeholder's meeting 23rd of October 2019 in London, United Kingdom.
Security issues in RADIUS based Wi-Fi AAA (aka WPA2 Enterprise AAA) presentation in alumni seminar for Tampere University of Technology information technology, software engineering and telecommunications alumni at Tampere University of Technology, 13th of October 2018.
If you think they are easy, you are (probably) doing them wrong. A presentation about issues with TLS and X.509 certificates for Tampere security people (TreSec, @TreSecCommunity) meetup on 21st of March 2018.
What is Network Function Virtualisation (NFV)?Karri Huhtanen
An updated presentation (v1.2) about what is the concept and the idea behind Network Function Virtualisation (NFV) for Tampere University of Technology Service oriented architectures course. Includes introduction to NFV and VNF (Virtualised Network Function) architecture, components and interfaces.
What is Network Function Virtualisation (NFV)?Karri Huhtanen
A presentation about what is the concept and the idea behind Network Function Virtualisation (NFV). Includes introduction to NFV and VNF (Virtualised Network Function) architecture, components and interfaces.
Building secure, privacy aware, quality Wi-Fi coverage via cooperationKarri Huhtanen
Building secure, privacy aware, quality Wi-Fi coverage via cooperation presentation for MindTrek 2015 ( #mtom2015 ) in Tampere, Finland. The presentation covers an idea to build community Wi-Fi networks by joining existing networks via federated RADIUS authentication just like eduroam, but for all organisations, cities, government organisations, operators and companies regardless if they are commercial or not.
Connecting the Dots: Integrating RADIUS to Network Measurement and MonitoringKarri Huhtanen
Nowadays data of the network usage is too often separated to various network components all around service provider network. Utilising RADIUS more efficiently is one approach to collect more data about network usage, combining it to network measurement, monitoring and management makes it even more efficient tool to use to get a real network situation and history overview.
Building city and nationwide Wi-Fi coverage via cooperationKarri Huhtanen
Building city and nationwide Wi-Fi coverage via cooperation presents the problem of building yet another overlapping citywide network instead of choosing cooperative approach to connect existing Wi-Fi networks via common policies, configurations and authentication decisions. The presentation promotes expanding eduroam(tm) model from academic world to regional, intercompany and government roaming.
Using NoSQL databases to store RADIUS and Syslog dataKarri Huhtanen
A seminar presentation done for TUT's NoSQL course. A brief look into the possibility and the feasibility of using NoSQL databases to store RADIUS accounting and Syslog data. In this particular case, Syslog-NG, Radiator RADIUS server and MongoDB were used as trial platforms. The presentation includes configuration examples and also some code.
Joukkoliikennedatan ongelmat ja ratkaisujaKarri Huhtanen
Avoimen datan talkoissa työryhmämme otti mietittäväkseen joukkoliikennedatan ongelmat. Ryhmän löytämät kaksi ongelmaa ja niiden ratkaisut ovat kuitenkin yleisiä datan tarjoamiseen liittyviä ongelmia ja ratkaisuja, joita kannattaa ainakin miettiä avointa dataa tarjotessa.
A quick overview of the possible business models of the cloud computing companies. Done for Tampere University of Technology seminar course about cloud computing ( http://www.cs.tut.fi/~tsysta/Pilvilaskenta.html ).
Building Funet WLAN Roaming, eduroam Finland and Wireless TampereKarri Huhtanen
A quick presentation about Funet WLAN roaming, eduroam in Finland and about Wireless Tampere, which is based on eduroam architecture and technologies. The presentation also contains a short clip from my Terena Networking Conference 2010 presentation about the implementation and the future development of the Finnish Top Level RADIUS roaming server.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
Open WiFi or Broken WiFi?
1. Open WiFi or
Broken WiFi?
Karri Huhtanen
on Google+,
@khuhtanen on Twitter,
firstname . surname
(at) archred . com
2. *) COMMON OPEN WIFI CON: NO ENCRYPTION
=> NO PRIVACY, LESS OR NO SECURITY
Open vs.
Open WiFi type Pros Cons
Broken?
(CITY-)WIDE, MANAGED, TRULY OPEN, BUT MANAGED
*), BUSINESS MODEL?, NEVER
MULTIPROVIDER, NO AND MONITORED FOR GOOD
SEEN ONE IMPLEMENTED OPEN
AUTHENTICATION, NO SERVICE QUALITY AND
ANYWHERE
FIREWALLING SECURITY
OPEN IF WORKS, CAN BE
RANDOM OPEN ACCESS *), CAN BE ALREADY
FIXED OR REBOOTED BY ANY
POINT WITH DEFAULT COMPROMISED, NO BROKEN
USER, NO ORGANISATION
SETTINGS MANAGEMENT, SERVICE QUALITY
NEEDED
(CITY-)WIDE, *), MONOPOLY => PRICING,
MANAGED(LIKE), SINGLE QUALITY, NO COMPETITION =>
CLEAR BUSINESS MODEL FOR
UPLINK PROVIDER, NO NO DEVELOPMENT, BUSINESS BROKEN
THE UPLINK PROVIDER
AUTHENTICATION, MODEL?, FIREWALL CAN MAKE
FIREWALLING NETWORK USELESS
MOBILE WIFI (TRAIN, *), UNRELIABLE UPLINKS,
NO AUTHENTICATION WORKS
ETC.), NO CANNOT BE MANAGED =>
PRETTY WELL WITH BROKEN
AUTHENTICATION, SERVICE QUALITY, FIREWALL
UNRELIABLE UPLINKS
STRICT FIREWALLING CAN MAKE NETWORK USELESS
*), TEMPORARY, => DEPLOYMENT
CONFERENCE WIFI, NO
NO AUTHENTICATION WORKS PROBLEMS, SERVICE QUALITY,
AUTHENTICATION, NO OPEN
PRETTY WELL UPLINK BANDWIDTH, BUSINESS
FIREWALLING
MODEL?
3. And that is why I personally like to use and see
encrypted, authenticated, managed non-
firewalled, WiFi with open interfaces (such as
eduroam) instead of BROKEN WIFI.
The challenge and ultimate objective in WiFi
community networks for me is to transform
eduroam model to open, distributed WiFi
authentication system so that someday there
will be worldroam to use WiFi securely and
responsibly anywhere.
The thing is, we can already do this technically...