Secure & authentication By Lai HIEU - eXo SEA
•Download as PPT, PDF•
0 likes•770 views
- The document discusses secure communication and authentication, covering topics like digital certificates, public key infrastructure (PKI), TLS/SSL, Java security architecture, and eXo platform implementation. - It provides an overview of TLS/SSL and how it is based on public key cryptography. Digital certificates are used to bind a public key with an identity to authenticate parties. - PKI utilizes public/private key pairs to facilitate secure exchange of information between two parties like in the example conversation between Nobita and Doraemon.
Report
Share
Report
Share
Recommended
DDoS And Spoofing, a risk to the decentralized internet
Spoofing brings great risk to the internet and very few networks are capable of mitigating attacks, resulting in the internet possibly being centered on a hand full of networks
Class Project Showcase: DNS Spoofing
1) The document discusses DNS spoofing techniques including DNS cache poisoning, DNS ID spoofing, and exploiting the birthday paradox.
2) It describes two versions of a DNS ID spoofing tool called dnsspoof.py that either targets a specific victim or all victims on the network.
3) Examples are given using the Scapy Python library to build and sniff packets to demonstrate how the DNS spoofing tools could be implemented.
BCS_PKI_part1.ppt
Public Key Infrastructure (PKI) uses public/private key cryptography and digital certificates to authenticate users and devices, encrypt and sign messages and documents. The document discusses how PKI works including the use of digital signatures to authenticate messages, the need for a trusted authority to issue certificates binding public keys to identities, and recommendations for implementing a basic PKI including documenting policies and procedures. Common cryptographic algorithms for encryption, signatures and hashing are also briefly described.
#Morecrypto (with tis) - version 2.2
This document discusses the importance of using more encryption on the Internet to increase privacy and security. It makes the following key points:
1) The Internet has become too easy to monitor as we have built it without sufficient security protections by default. More encryption needs to be implemented across Internet services and protocols to make eavesdropping more difficult.
2) Developers should enable encryption by default for all new Internet protocols. Opportunistic encryption techniques can provide some protections even without full authentication.
3) Individuals can help push for more encryption by requiring encrypted connections when using services and enabling tools like HTTPS Everywhere on their browsers. Transitioning to encrypted connections wherever possible raises the bar for surveillance.
15 intro to ssl certificate & pki concept
https://www.facebook.com/MostafaElLathyIT
mostafa.it@hotmail.com
https://www.youtube.com/channel/UCAEiVvBP3DbIKUcoZBcaHvQ
Pki by Steve Lamb
The document provides an overview of public key infrastructure (PKI) and how it works. It explains foundational concepts like encryption, authentication, and digital signatures. It then discusses how PKI enables the use of public/private key cryptography to securely distribute keys and authenticate parties through the use of digital certificates verified by a certificate authority. The document covers common algorithms like RSA, ECC, AES, and hash functions and provides recommendations around implementing and securing a PKI.
Encryption Primer por Cathy Nolan
The document provides an overview of encryption:
1) Encryption is the process of encoding information to prevent unauthorized access. It involves transforming plain text into ciphertext using cryptographic algorithms and encryption keys.
2) There are two main types of encryption - symmetric which uses the same key for encryption and decryption, and asymmetric which uses a public/private key pair.
3) When implementing encryption, organizations must determine what data needs protection, how it will be encrypted both in transit and at rest, and how encryption keys will be managed. Failure to properly manage keys could result in permanent data loss.
#Morecrypto 1.8 - with introduction to TLS
We need to protect our Internet communication - from basic web surfing to IP telephony, E-mail and Internet of things. This presentation gives some background and introduces one of the core security protocols - TLS, Transport Layer Security. This presentation is licensed under the Creative Commons Attribution-ShareAlike 4.0 International License.
Update: See http://www.slideshare.net/oej/morecrypto-with-tis-version-20
Recommended
DDoS And Spoofing, a risk to the decentralized internet
Spoofing brings great risk to the internet and very few networks are capable of mitigating attacks, resulting in the internet possibly being centered on a hand full of networks
Class Project Showcase: DNS Spoofing
1) The document discusses DNS spoofing techniques including DNS cache poisoning, DNS ID spoofing, and exploiting the birthday paradox.
2) It describes two versions of a DNS ID spoofing tool called dnsspoof.py that either targets a specific victim or all victims on the network.
3) Examples are given using the Scapy Python library to build and sniff packets to demonstrate how the DNS spoofing tools could be implemented.
BCS_PKI_part1.ppt
Public Key Infrastructure (PKI) uses public/private key cryptography and digital certificates to authenticate users and devices, encrypt and sign messages and documents. The document discusses how PKI works including the use of digital signatures to authenticate messages, the need for a trusted authority to issue certificates binding public keys to identities, and recommendations for implementing a basic PKI including documenting policies and procedures. Common cryptographic algorithms for encryption, signatures and hashing are also briefly described.
#Morecrypto (with tis) - version 2.2
This document discusses the importance of using more encryption on the Internet to increase privacy and security. It makes the following key points:
1) The Internet has become too easy to monitor as we have built it without sufficient security protections by default. More encryption needs to be implemented across Internet services and protocols to make eavesdropping more difficult.
2) Developers should enable encryption by default for all new Internet protocols. Opportunistic encryption techniques can provide some protections even without full authentication.
3) Individuals can help push for more encryption by requiring encrypted connections when using services and enabling tools like HTTPS Everywhere on their browsers. Transitioning to encrypted connections wherever possible raises the bar for surveillance.
15 intro to ssl certificate & pki concept
https://www.facebook.com/MostafaElLathyIT
mostafa.it@hotmail.com
https://www.youtube.com/channel/UCAEiVvBP3DbIKUcoZBcaHvQ
Pki by Steve Lamb
The document provides an overview of public key infrastructure (PKI) and how it works. It explains foundational concepts like encryption, authentication, and digital signatures. It then discusses how PKI enables the use of public/private key cryptography to securely distribute keys and authenticate parties through the use of digital certificates verified by a certificate authority. The document covers common algorithms like RSA, ECC, AES, and hash functions and provides recommendations around implementing and securing a PKI.
Encryption Primer por Cathy Nolan
The document provides an overview of encryption:
1) Encryption is the process of encoding information to prevent unauthorized access. It involves transforming plain text into ciphertext using cryptographic algorithms and encryption keys.
2) There are two main types of encryption - symmetric which uses the same key for encryption and decryption, and asymmetric which uses a public/private key pair.
3) When implementing encryption, organizations must determine what data needs protection, how it will be encrypted both in transit and at rest, and how encryption keys will be managed. Failure to properly manage keys could result in permanent data loss.
#Morecrypto 1.8 - with introduction to TLS
We need to protect our Internet communication - from basic web surfing to IP telephony, E-mail and Internet of things. This presentation gives some background and introduces one of the core security protocols - TLS, Transport Layer Security. This presentation is licensed under the Creative Commons Attribution-ShareAlike 4.0 International License.
Update: See http://www.slideshare.net/oej/morecrypto-with-tis-version-20
Network Security Primer
The document provides an overview of security topics including algorithms, encryption, digital signatures, certificates, and cryptography. It discusses the need for message security, privacy, authentication, integrity and non-repudiation. It then describes symmetric key cryptography, public key cryptography, digital signatures, key management, certificates, and security at the IP, transport and application layers including SSL/TLS, IPSec, PGP and S/MIME.
Security via Java
This document provides an introduction to security concepts like cryptography, digital signatures, and Java security. It discusses symmetric and public key cryptography, hash functions, and digital signatures. It also describes Java security APIs for cryptography, access control, and PKI. Examples are given for cryptographic operations in Java like encrypting/decrypting data, signing/verifying signatures, and working with key stores. The document also discusses XML signature standards and implementations.
HTTPS, Here and Now
The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now!
This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven.
Introduction To PKI Technology
The document provides an overview of a course on PKI (Public Key Infrastructure) technology. It outlines the topics that will be covered over two days, including secret key cryptography algorithms like AES and RSA, digital certificates, certificate authorities, and practical PKI applications like S/MIME, SSL, and IPSEC. The objectives of the course are to understand cryptographic fundamentals, public key infrastructure elements and how they interact, and why PKI is useful for enabling e-commerce and enhancing security.
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
The document discusses e-Xpert Gate, a web-based secure access solution that allows users to access internal applications from any device with a web browser. It provides strong authentication using RSA SecurID or SSL client certificates to securely access intranet resources through a firewall. The solution uses SSL/TLS to encrypt traffic and authenticate users, preventing direct unsecured access to internal servers and networks.
Introduction to Cryptography.pptx
This document provides an introduction to cryptography in Java, covering key topics like cryptographic algorithms, encryption, signatures, hashing, and their usage in Java. It explains symmetric and asymmetric encryption, how algorithms like AES and RSA work, and how Java implements cryptography through interfaces like Cipher and MessageDigest. Design patterns like Strategy and Factory are used to encapsulate algorithms. Examples are provided to demonstrate signing, encrypting, and hashing data in Java applications using the cryptography APIs. The goal is to improve awareness of cryptography and make its usage in Java straightforward and easy to understand.
[Wroclaw #8] TLS all the things!
This document discusses how TLS (Transport Layer Security) works to securely encrypt internet communication. It explains the key aspects of TLS including authentication, key exchange, encryption, integrity protection, and forward secrecy. It discusses X.509 certificates and certificate chains. It also covers choosing strong cryptographic algorithms and key lengths to provide adequate security. Examples of cipher suites are provided that specify the cryptographic primitives and parameters used to implement security. Finally, resources for further learning about TLS/SSL and ways to validate TLS configurations are recommended.
Network security
it is veru helpfull for who are interested to network related topics...and also usefull for student in network subject,.
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate is a web-based solution that provides secure remote access to internal resources using strong encryption and authentication over the internet. It acts as a reverse proxy, sitting within the firewall, to allow authenticated and encrypted access to internal servers from any internet browser without requiring custom client software. It supports SSL/TLS to encrypt communications and offers authentication methods like basic authentication, external authentication via RADIUS/LDAP, and client-side certificate authentication for high security requirements.
Secure socket layer
This document provides an overview of SSL/TLS (Secure Sockets Layer/Transport Layer Security) and how it works to secure data transmission over the internet. It discusses why SSL is important for encrypting data and verifying identities. It then explains the basic process of how SSL works, including how a client encrypts requests using a server's public key and how the server decrypts with its private key. The document outlines the requirements to implement SSL, including generating a key and obtaining a certificate. It differentiates between self-signed and authorized certificates. Finally, it provides steps to create a certificate using OpenSSL and configure the Apache web server to use SSL.
Ip sec talk
This document provides an overview of IP Security (IPSec). It begins with defining what IPSec is and its objectives of protecting IP packet contents and enforcing trusted communication. It then describes how IPSec works, including the Internet Key Exchange (IKE) protocol used to establish security associations (SAs), and how IPSec protects against various attacks. The document outlines best practices for configuring and using IPSec, and discusses some common issues like performance overhead and network address translation traversal support.
SSL/TLS for Mortals (Voxxed Days Luxembourg)
This document provides an overview of SSL/TLS including:
1. Why SSL/TLS is important for secure connections between systems and applications.
2. An explanation of public/private key encryption and how digital certificates and certificate authorities work to establish trust.
3. A demonstration of how SSL/TLS protects data in transit using encryption.
4. Examples of vulnerabilities in older SSL/TLS versions and how protocols have evolved over time to improve security.
5. Details of a compromise of the DigiNotar certificate authority that resulted in distrust of its certificates.
SSL
TLS (Transport Layer Security) is a protocol that provides secure communication over the Internet by addressing issues of privacy, integrity, and authentication. It uses encryption to ensure privacy, message authentication codes to ensure integrity, and X.509 certificates to perform authentication between clients and servers. TLS is commonly used with HTTPS to secure web browsing and can also be used by other applications like email, voice over IP, and file transfer.
The new rocket science stuff in microsoft pki
The document provides an overview of new features in Windows Server 2008 Certificate Services compared to Windows Server 2003 Certificate Services. Key changes include Certificate Services now being called Active Directory Certificate Services (ADCS), support for newer cryptographic standards like Suite B, improved revocation checking with OCSP, and the ability to restrict key recovery agents and enrollment agents by template or security group. Overall, Certificate Services is largely the same between versions but Windows Server 2008 and ADCS have additional security improvements and features.
#MoreCrypto : Introduction to TLS
TLS provides confidentiality, identity, and integrity for internet communication. It is used for HTTPS web pages and applications on computers and phones. TLS is based on SSL and uses asymmetric encryption where the server sends a public key to set up the secure connection. The client then challenges the server, which responds using its private key to prove its identity. Certificates bind a public key to an identity and are signed by a Certification Authority. They contain information like the key, owner identity, and validity period.
Webinar SSL English
Slides of the Webinar "SSL, impact and optimisation"
INTRODUCTION
What is SSL?
The purpose of SSL
History of SSL / TLS
Overview of a TLS connection
PART 1
What is the role of an SSL certificate?
Levels of validation
Options for certificates: SAN and Wildcard
The certificate ordering process
Certificate chain
SSL algorithms: encryption & authentication
Examples
PART 2
TLS and IPV4 exhaustion
HAProxy and SNI
TLS impacts
SSL offloading
SEO
Security of the SSL protocol
Alfresco DevCon 2019: Encryption at-rest and in-transit
To guarantee data integrity and confidentiality in Alfresco, we need to implement authentication and encryption at-rest and in-transit. With micro services proliferation, orchestrating platforms, complex topologies of services and multiple programming languages, there is a demand of new ways to manage service-to-service communication, and in some cases, without the application needing to be aware. In addition to that, compliance requirements around encryption and authentication come to the picture requiring new ways to handle them. This talk will review encryption at-rest solutions for ADBP, and will be also discuss about solutions for encryption and authentication between services. This will be an introduction to service mesh and TLS/mTLS. We will see a demo of ACS running with Istio over EKS along with tools like WaveScope, Kiali, Jaeger, Grafana, Service Graph and Prometheus.
8.X Sec & I Pv6
The document summarizes key concepts around network security protocols IPSEC, IPv6, ISAKMP, IKE, and DNSSEC. It discusses how IPSEC provides authentication, integrity and confidentiality at the IP layer for IPv4 and is built into IPv6. It describes the differences between IPv4 and IPv6. It explains how security associations are used to provide certain security properties for traffic and can be of type AH or ESP. It also provides an overview of the Authentication Header and Encapsulating Security Payload used by IPSEC, as well as protocols like ISAKMP, IKE, and DNSSEC that support secure network communications.
Web cryptography javascript
The document discusses introducing cryptography concepts from a developer perspective using JavaScript. It covers authentication and encryption methods like AES, RSA, and hashing algorithms. It also discusses browser storage, the Web Cryptography API, cryptography libraries for JavaScript like CryptoJS, encrypting data on servers with Node.js, and tools for analyzing encryption. Practical examples are provided on implementing cryptography in apps.
Web Security
This document discusses various aspects of web security including:
1. Secure Socket Layer (SSL) and Transport Layer Security (TLS) which provide secure communication over the internet.
2. Secure Electronic Transaction (SET) which is an open encryption standard that protects credit card transactions on the internet.
3. The document outlines different security considerations for the web including vulnerabilities of web servers and the need for mechanisms like SSL, TLS at the transport layer and SET at the application layer.
MEET-BIS Vietnam TOR_ ES_2013
This document outlines the terms of reference for an environmental impact audit of the MEET-BIS Vietnam energy efficiency and water saving project. The audit will (1) calculate potential CO2 reductions from energy efficient and water saving products sold to SMEs, (2) verify product usage with SME interviews, and (3) assess stakeholder awareness of environmental impacts. The consultant will develop a methodology, conduct a desk study and SME sampling, consult stakeholders, and produce draft and final reports summarizing the audit's findings. The audit aims to establish the project's environmental impacts from 2013-August 2013 in Vietnam's Hanoi region.
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
- Scala is an object-oriented and functional programming language that runs on the Java Virtual Machine (JVM) and is interoperable with Java code
- Scala aims to improve on statically typed languages by better supporting reusable components through unifying functional programming and object-oriented programming concepts
- This is achieved through representing functions as objects, encoding algebraic data types as classes, and modeling components as objects that can be composed through mixins
More Related Content
Similar to Secure & authentication By Lai HIEU - eXo SEA
Network Security Primer
The document provides an overview of security topics including algorithms, encryption, digital signatures, certificates, and cryptography. It discusses the need for message security, privacy, authentication, integrity and non-repudiation. It then describes symmetric key cryptography, public key cryptography, digital signatures, key management, certificates, and security at the IP, transport and application layers including SSL/TLS, IPSec, PGP and S/MIME.
Security via Java
This document provides an introduction to security concepts like cryptography, digital signatures, and Java security. It discusses symmetric and public key cryptography, hash functions, and digital signatures. It also describes Java security APIs for cryptography, access control, and PKI. Examples are given for cryptographic operations in Java like encrypting/decrypting data, signing/verifying signatures, and working with key stores. The document also discusses XML signature standards and implementations.
HTTPS, Here and Now
The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now!
This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven.
Introduction To PKI Technology
The document provides an overview of a course on PKI (Public Key Infrastructure) technology. It outlines the topics that will be covered over two days, including secret key cryptography algorithms like AES and RSA, digital certificates, certificate authorities, and practical PKI applications like S/MIME, SSL, and IPSEC. The objectives of the course are to understand cryptographic fundamentals, public key infrastructure elements and how they interact, and why PKI is useful for enabling e-commerce and enhancing security.
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
The document discusses e-Xpert Gate, a web-based secure access solution that allows users to access internal applications from any device with a web browser. It provides strong authentication using RSA SecurID or SSL client certificates to securely access intranet resources through a firewall. The solution uses SSL/TLS to encrypt traffic and authenticate users, preventing direct unsecured access to internal servers and networks.
Introduction to Cryptography.pptx
This document provides an introduction to cryptography in Java, covering key topics like cryptographic algorithms, encryption, signatures, hashing, and their usage in Java. It explains symmetric and asymmetric encryption, how algorithms like AES and RSA work, and how Java implements cryptography through interfaces like Cipher and MessageDigest. Design patterns like Strategy and Factory are used to encapsulate algorithms. Examples are provided to demonstrate signing, encrypting, and hashing data in Java applications using the cryptography APIs. The goal is to improve awareness of cryptography and make its usage in Java straightforward and easy to understand.
[Wroclaw #8] TLS all the things!
This document discusses how TLS (Transport Layer Security) works to securely encrypt internet communication. It explains the key aspects of TLS including authentication, key exchange, encryption, integrity protection, and forward secrecy. It discusses X.509 certificates and certificate chains. It also covers choosing strong cryptographic algorithms and key lengths to provide adequate security. Examples of cipher suites are provided that specify the cryptographic primitives and parameters used to implement security. Finally, resources for further learning about TLS/SSL and ways to validate TLS configurations are recommended.
Network security
it is veru helpfull for who are interested to network related topics...and also usefull for student in network subject,.
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate is a web-based solution that provides secure remote access to internal resources using strong encryption and authentication over the internet. It acts as a reverse proxy, sitting within the firewall, to allow authenticated and encrypted access to internal servers from any internet browser without requiring custom client software. It supports SSL/TLS to encrypt communications and offers authentication methods like basic authentication, external authentication via RADIUS/LDAP, and client-side certificate authentication for high security requirements.
Secure socket layer
This document provides an overview of SSL/TLS (Secure Sockets Layer/Transport Layer Security) and how it works to secure data transmission over the internet. It discusses why SSL is important for encrypting data and verifying identities. It then explains the basic process of how SSL works, including how a client encrypts requests using a server's public key and how the server decrypts with its private key. The document outlines the requirements to implement SSL, including generating a key and obtaining a certificate. It differentiates between self-signed and authorized certificates. Finally, it provides steps to create a certificate using OpenSSL and configure the Apache web server to use SSL.
Ip sec talk
This document provides an overview of IP Security (IPSec). It begins with defining what IPSec is and its objectives of protecting IP packet contents and enforcing trusted communication. It then describes how IPSec works, including the Internet Key Exchange (IKE) protocol used to establish security associations (SAs), and how IPSec protects against various attacks. The document outlines best practices for configuring and using IPSec, and discusses some common issues like performance overhead and network address translation traversal support.
SSL/TLS for Mortals (Voxxed Days Luxembourg)
This document provides an overview of SSL/TLS including:
1. Why SSL/TLS is important for secure connections between systems and applications.
2. An explanation of public/private key encryption and how digital certificates and certificate authorities work to establish trust.
3. A demonstration of how SSL/TLS protects data in transit using encryption.
4. Examples of vulnerabilities in older SSL/TLS versions and how protocols have evolved over time to improve security.
5. Details of a compromise of the DigiNotar certificate authority that resulted in distrust of its certificates.
SSL
TLS (Transport Layer Security) is a protocol that provides secure communication over the Internet by addressing issues of privacy, integrity, and authentication. It uses encryption to ensure privacy, message authentication codes to ensure integrity, and X.509 certificates to perform authentication between clients and servers. TLS is commonly used with HTTPS to secure web browsing and can also be used by other applications like email, voice over IP, and file transfer.
The new rocket science stuff in microsoft pki
The document provides an overview of new features in Windows Server 2008 Certificate Services compared to Windows Server 2003 Certificate Services. Key changes include Certificate Services now being called Active Directory Certificate Services (ADCS), support for newer cryptographic standards like Suite B, improved revocation checking with OCSP, and the ability to restrict key recovery agents and enrollment agents by template or security group. Overall, Certificate Services is largely the same between versions but Windows Server 2008 and ADCS have additional security improvements and features.
#MoreCrypto : Introduction to TLS
TLS provides confidentiality, identity, and integrity for internet communication. It is used for HTTPS web pages and applications on computers and phones. TLS is based on SSL and uses asymmetric encryption where the server sends a public key to set up the secure connection. The client then challenges the server, which responds using its private key to prove its identity. Certificates bind a public key to an identity and are signed by a Certification Authority. They contain information like the key, owner identity, and validity period.
Webinar SSL English
Slides of the Webinar "SSL, impact and optimisation"
INTRODUCTION
What is SSL?
The purpose of SSL
History of SSL / TLS
Overview of a TLS connection
PART 1
What is the role of an SSL certificate?
Levels of validation
Options for certificates: SAN and Wildcard
The certificate ordering process
Certificate chain
SSL algorithms: encryption & authentication
Examples
PART 2
TLS and IPV4 exhaustion
HAProxy and SNI
TLS impacts
SSL offloading
SEO
Security of the SSL protocol
Alfresco DevCon 2019: Encryption at-rest and in-transit
To guarantee data integrity and confidentiality in Alfresco, we need to implement authentication and encryption at-rest and in-transit. With micro services proliferation, orchestrating platforms, complex topologies of services and multiple programming languages, there is a demand of new ways to manage service-to-service communication, and in some cases, without the application needing to be aware. In addition to that, compliance requirements around encryption and authentication come to the picture requiring new ways to handle them. This talk will review encryption at-rest solutions for ADBP, and will be also discuss about solutions for encryption and authentication between services. This will be an introduction to service mesh and TLS/mTLS. We will see a demo of ACS running with Istio over EKS along with tools like WaveScope, Kiali, Jaeger, Grafana, Service Graph and Prometheus.
8.X Sec & I Pv6
The document summarizes key concepts around network security protocols IPSEC, IPv6, ISAKMP, IKE, and DNSSEC. It discusses how IPSEC provides authentication, integrity and confidentiality at the IP layer for IPv4 and is built into IPv6. It describes the differences between IPv4 and IPv6. It explains how security associations are used to provide certain security properties for traffic and can be of type AH or ESP. It also provides an overview of the Authentication Header and Encapsulating Security Payload used by IPSEC, as well as protocols like ISAKMP, IKE, and DNSSEC that support secure network communications.
Web cryptography javascript
The document discusses introducing cryptography concepts from a developer perspective using JavaScript. It covers authentication and encryption methods like AES, RSA, and hashing algorithms. It also discusses browser storage, the Web Cryptography API, cryptography libraries for JavaScript like CryptoJS, encrypting data on servers with Node.js, and tools for analyzing encryption. Practical examples are provided on implementing cryptography in apps.
Web Security
This document discusses various aspects of web security including:
1. Secure Socket Layer (SSL) and Transport Layer Security (TLS) which provide secure communication over the internet.
2. Secure Electronic Transaction (SET) which is an open encryption standard that protects credit card transactions on the internet.
3. The document outlines different security considerations for the web including vulnerabilities of web servers and the need for mechanisms like SSL, TLS at the transport layer and SET at the application layer.
Similar to Secure & authentication By Lai HIEU - eXo SEA (20)
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
More from Thuy_Dang
MEET-BIS Vietnam TOR_ ES_2013
This document outlines the terms of reference for an environmental impact audit of the MEET-BIS Vietnam energy efficiency and water saving project. The audit will (1) calculate potential CO2 reductions from energy efficient and water saving products sold to SMEs, (2) verify product usage with SME interviews, and (3) assess stakeholder awareness of environmental impacts. The consultant will develop a methodology, conduct a desk study and SME sampling, consult stakeholders, and produce draft and final reports summarizing the audit's findings. The audit aims to establish the project's environmental impacts from 2013-August 2013 in Vietnam's Hanoi region.
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
- Scala is an object-oriented and functional programming language that runs on the Java Virtual Machine (JVM) and is interoperable with Java code
- Scala aims to improve on statically typed languages by better supporting reusable components through unifying functional programming and object-oriented programming concepts
- This is achieved through representing functions as objects, encoding algebraic data types as classes, and modeling components as objects that can be composed through mixins
Shell scripting - By Vu Duy Tu from eXo Platform SEA
This document provides an overview of shell scripting and how it can be used for eXo Platform applications. It defines what a shell and shell script are, describes common shells like bash and csh, and covers shell script basics like parameters, operators, and control structures. Examples are given of how shell scripts could be used to automate tasks in eXo like building projects, running commands, and checking for bugs. The document also outlines a proposed "EXOCT" shell script for commonly used eXo functions.
AOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC Team
This document provides an overview of Inversion of Control (IoC) and Aspect Oriented Programming (AOP). It defines IoC as a technique for creating and wiring together objects to handle dependencies. The benefits of IoC include loose coupling, increased testability, and separation of concerns. AOP is introduced as a technique that allows cross-cutting concerns to be modularized. It works by defining aspects that specify where and when advice should be executed, such as around method joins points. Common AOP engines and frameworks are also mentioned.
Mcf presentation by Hai NGUYEN-Portal team
Cloud Foundry is an open source Platform as a Service (PaaS) that supports multiple frameworks, cloud providers, and application services. Micro Cloud Foundry is a complete version of Cloud Foundry that runs in a virtual machine, allowing for local development and flexibility. It supports frameworks like Spring, Rails/Sinatra, and Node.js as well as services like MySQL, MongoDB, and Redis. The VMware Cloud CLI (VMC) allows deploying apps to Cloud Foundry and configuring services, and can be used offline with Micro Cloud Foundry.
Web accessibility developers by Bao AN - eXo SEA
The document outlines eXo's roadmap to improve web accessibility of its products according to WCAG 2.0 Level AA guidelines by April 2012, including evaluating products with automation tools and human checks, organizing any issues found in Jira, and providing best practices for web accessibility compliance.
SEO presentation By Dang HA - ECM team
This document provides an overview of search engine optimization (SEO) techniques, including what SEO is, how search engines work, common SEO strategies, and how eXo's products support SEO. Key SEO strategies discussed include optimizing keywords, links, meta tags, and content. The document also explains how search engines crawl and index websites and the importance of files like robots.txt and sitemaps.xml. Finally, it outlines some of eXo's built-in SEO features like automatically generating meta tags and SEO files for sites.
Xss.e xopresentation from eXo SEA
This document discusses cross-site scripting (XSS) attacks, how they work, examples of different types of XSS attacks, their impact, and how to prevent them. It also provides examples of how XSS vulnerabilities were detected and exploited in specific eXo products, and references for audiences to learn more about secure coding practices and XSS prevention.
Lotus Collaboration by Le Thanh Quang in CT
The document discusses various collaborative software tools from Lotus, including:
1. LotusLive, a suite of cloud-based collaboration services including communities, activities, events, and files sharing capabilities.
2. Lotus Notes, a collaborative software that helped the City of Forest Park Police Services Department reduce storage capacity by 77% and avoid costs of a large storage system.
3. Lotus collaboration tools like communities, activities, events, and file sharing services that allow sharing information among project teams and connecting people with common interests or expertise.
Regular expression made by To Minh Hoang - Portal team
The document discusses using finite state machines and regular expressions to parse patterns in text. It provides examples of how finite state machines can be used to recognize patterns and comments in code. The key concepts covered include using finite state machines and stacks to handle contextual patterns, capturing groups in regular expressions, and how parsers in software like Java and GateIn are implemented using these techniques.
Os gi introduction made by Ly MInh Phuong-SOC team
OSGi is an architecture that provides a dynamic module system for Java to address issues like JAR dependency management and dynamic loading/unloading of modules. It defines bundles as the basic deployment and versioning unit. Bundles have a lifecycle and can import/export and register/consume services through the OSGi framework and service registry. OSGi aims to provide a dynamic and flexible environment for modular Java applications, especially in embedded, desktop and enterprise domains.
eXo Presentation: Bonita by Nguyen Anh Vu
1. The document introduces Bonita BPM, an open source workflow and business process management software.
2. It discusses key concepts in workflow and BPM like tasks, transitions, conditions. Bonita BPM consists of Bonita Studio to design processes, the Bonita engine to run them, and Bonita XP as a portal.
3. The document demonstrates creating a sample "Publish Document" process in Bonita Studio, simulating it, and integrating it with the eXoPlatform through Bonita XP.
Chromattic usage in eXo Social
A presentation made by eXo Platform SEA. We introduce Chromatic usage in eXo Social with several key features. Hope you enjoy it!
More from Thuy_Dang (13)
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Scala - By Luu Thanh Thuy CWI team from eXo Platform SEA
Shell scripting - By Vu Duy Tu from eXo Platform SEA
Shell scripting - By Vu Duy Tu from eXo Platform SEA
AOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC Team
AOP-IOC made by Vi Quoc Hanh and Vu Cong Thanh in SC Team
Regular expression made by To Minh Hoang - Portal team
Regular expression made by To Minh Hoang - Portal team
Os gi introduction made by Ly MInh Phuong-SOC team
Os gi introduction made by Ly MInh Phuong-SOC team
Recently uploaded
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
20240609 QFM020 Irresponsible AI Reading List May 2024
Everything I found interesting about the irresponsible use of machine intelligence in May 2024
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
National Security Agency - NSA mobile device best practices
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Pushing the limits of ePRTC: 100ns holdover for 100 days
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Programming Foundation Models with DSPy - Meetup Slides
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Removing Uninteresting Bytes in Software Fuzzing
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Communications Mining Series - Zero to Hero - Session 1
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Recently uploaded (20)
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
Secure & authentication By Lai HIEU - eXo SEA
- 1. Secure & Authentication of communication Lai Trung Hieu Collaboration Team
- 2. Introduction
- 3. DNS Spoofing
- 5. Website security indicators https://www.google.com/support/chrome/bin/answer.py?answer=95617&hl=en-US
- 8. SSL story SSL was invented by Netscape Communications in 1994. May 1996, Internet Engineering Task Force (IETF) start to research TLS to be standardize SSL protocol. TLS then became an IETF standards track protocol . January 1999 TLS, 1.0 (SSL 3.1) first published in RFC 2246 1999 to be update version for SSL 3.0. April 2006, TLS 1.1 (SSL 3.2) August 2008 TLS 1.2 (SSL 3.3)
- 9. TLS/SSL fundamental Based on public key cryptography
- 11. Digital certificate & PKI
- 12. Copyright 2010 eXo Platform SAS Digital certificate Electronic document which uses a digital signature to bind a public key with an identity
- 14. Public key infrastructure Public & private key concept
- 17. Introduction {Some thing} information to be exchanged {Something}key information encrypted by key Digest[Something] make a digest for information
- 18. Digital signature Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! {digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
- 19. Exchange keys Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my public key. Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
- 20. Digital certificate Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key
- 21. Nobita : Hi, Are you Doraemon? Xeko : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Xeko : ???
- 22. Exchange secret key(session key) Nobita : Hi, Are you Doraemon? Doraemon : Nobita, It’s me Doraemon! Here is my digital certificate . Nobita : Show me your evidence! Doraemon: Nobita, It’s me Doraemon! digest[ Nobita, It’s me Doraemon! !]}Doraemon’private key Nobita : Ok, Doreamon. Here is{secret key}Doraemon’s public key Doraemon : {blah blah}secret-key Nobita: {blah hihi}secret-key
- 23. Java security architecture overview
- 25. Copyright 2010 eXo Platform SAS
- 33. Q & A
- 34. Thank you!