This document discusses how to securely implement real-time collaboration using Etherpad and SecurePass. Etherpad allows real-time collaborative editing of documents. SecurePass provides single sign-on authentication and authorization. The solution uses Apache as a reverse proxy for SecurePass authentication and to limit access to authorized users and domains. Etherpad is configured with a plugin to identify users via the HTTP header passed from Apache.
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020Matt Raible
Spring Boot is an efficient way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure.
This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more!
You’ll learn how to add these features to a real application, using the Java language you know and love.
* Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
* Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
* OIDC demo: http://bit.ly/spring-oidc-demo
10 Excellent Ways to Secure Your Spring Boot Application - The Secure Develop...Matt Raible
Spring Boot is an excellent way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure. This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more! You’ll learn how to add these features to a real application, using the Java language you know and love.
YouTube: https://www.thesecuredeveloper.com/post/10-excellent-ways-to-secure-your-spring-boot-application
Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
Secrets are any sensitive piece of information (like a password, API token, TLS private key) that must be kept safe. This presentation is a practical guide covering what we've done at Cloud Posse to lock down secrets in production. It includes our answer to avoid the same pitfalls that Shape Shift encountered when they were hacked. The techniques presented are compatible with automated cloud environments and even legacy systems.
Capture, record, clip, embed and play, search: video from newbie to ninjaVito Flavio Lorusso
Example driven way, on how you can easily control provisioning of resources, stream, record video, clip it and embed it in your web site.
Integration of video workflows with search and indexing processor to leverage a complete end-to-end solution like a video sharing portal
What the Heck is OAuth and OpenID Connect - RWX 2017Matt Raible
OAuth is not an API or a service: it is an open standard for authorization and any developer can implement it. OAuth is a standard that applications can use to provide client applications with “secure delegated access”. OAuth works over HTTP and authorizes Devices, APIs, Servers and Applications with access tokens rather than credentials, which we will go over in depth below. OpenID Connect (OIDC) is built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the user and, as well as to obtain their basic profile information.
This session covers how OAuth/OIDC works, when to use them, and frameworks/services that simplify authentication.
Blog post: https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth
Apache Roller, Acegi Security and Single Sign-onMatt Raible
Acegi Security is quickly becoming a widely respected security framework for Java applications. Not only does this security framework solve many of the deficiencies of J2EE's security mechanisms, but it's also easy to implement and configure. This tutorial will help you learn more about Acegi Security, as well as how to integrate it into your web applications. The Roller Weblogger project (currently in Apache's incubator) uses Acegi Security for many of its features: authentication, password encryption, remember me and SSL switching. After learning about Roller and Acegi, you will see how to deploy Roller onto Tomcat and Geronimo. Following that, you will learn how to hook Roller/Acegi into Apache Directory Server for authentication. Finally, you will learn how to integrate Roller with a Single Sign-on System (Yale's Central Authentication Service).
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020Matt Raible
Spring Boot is an efficient way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure.
This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more!
You’ll learn how to add these features to a real application, using the Java language you know and love.
* Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
* Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
* OIDC demo: http://bit.ly/spring-oidc-demo
10 Excellent Ways to Secure Your Spring Boot Application - The Secure Develop...Matt Raible
Spring Boot is an excellent way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure. This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more! You’ll learn how to add these features to a real application, using the Java language you know and love.
YouTube: https://www.thesecuredeveloper.com/post/10-excellent-ways-to-secure-your-spring-boot-application
Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
Secrets are any sensitive piece of information (like a password, API token, TLS private key) that must be kept safe. This presentation is a practical guide covering what we've done at Cloud Posse to lock down secrets in production. It includes our answer to avoid the same pitfalls that Shape Shift encountered when they were hacked. The techniques presented are compatible with automated cloud environments and even legacy systems.
Capture, record, clip, embed and play, search: video from newbie to ninjaVito Flavio Lorusso
Example driven way, on how you can easily control provisioning of resources, stream, record video, clip it and embed it in your web site.
Integration of video workflows with search and indexing processor to leverage a complete end-to-end solution like a video sharing portal
What the Heck is OAuth and OpenID Connect - RWX 2017Matt Raible
OAuth is not an API or a service: it is an open standard for authorization and any developer can implement it. OAuth is a standard that applications can use to provide client applications with “secure delegated access”. OAuth works over HTTP and authorizes Devices, APIs, Servers and Applications with access tokens rather than credentials, which we will go over in depth below. OpenID Connect (OIDC) is built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the user and, as well as to obtain their basic profile information.
This session covers how OAuth/OIDC works, when to use them, and frameworks/services that simplify authentication.
Blog post: https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth
Apache Roller, Acegi Security and Single Sign-onMatt Raible
Acegi Security is quickly becoming a widely respected security framework for Java applications. Not only does this security framework solve many of the deficiencies of J2EE's security mechanisms, but it's also easy to implement and configure. This tutorial will help you learn more about Acegi Security, as well as how to integrate it into your web applications. The Roller Weblogger project (currently in Apache's incubator) uses Acegi Security for many of its features: authentication, password encryption, remember me and SSL switching. After learning about Roller and Acegi, you will see how to deploy Roller onto Tomcat and Geronimo. Following that, you will learn how to hook Roller/Acegi into Apache Directory Server for authentication. Finally, you will learn how to integrate Roller with a Single Sign-on System (Yale's Central Authentication Service).
GOTO Copenhagen - Radical Agility with Autonomous Teams and Microservices in ...Jan Löffler
What we've built at Zalando is complex. Supporting – profitably – a publicly traded ecommerce company that does business in 15 diverse European markets, with more than 16 million active users who all speak different languages, use different payment methods, prefer different shipping methods, and have different product tastes, has required nonstop innovation. Until recently we've focused on building a unified, comprehensive retail system, quickly, that solves just our problems. But to truly fight against complexity--particularly the accidental complexity that slows down our development process--we have adopted a microservices architecture. And when it comes to DevOps, we’ve gone a step beyond the "You build it, you run it" motto--working in autonomous teams with DevOps treated as a "first-class entity.”
In this talk, Jan Löffler (Head of Platform Engineering) will share Zalando's experience implementing “Radical Agility” from a DevOps perspective. “Radical Agility” is the Zalando technology team’s multi-pronged approach to managing the complexity that results from building an architecture of massive size. Jan will focus on how microservices enable Zalando’s engineers to move faster and build systems that scale, at scale, and avoid dependencies. He will show how microservices, in conjunction with a cloud infrastructure, support teams as they try strive for autonomy. Finally, he will draw upon his experiences to show how this all works in practice, and discuss what is organizationally and architecturally necessary to make DevOps a top priority for all members of your tech organization.
SIA319 What's Windows Server 2008 R2 Going to Do for Your Active Directory?Louis Göhl
Windows Server 2008 R2 is here, with new tools and utilities for the directory service IT pro to help you manage and maximise the potential of your Active Directory. What's going to be your favourite new feature? Maybe it's the Best Practice Analyser that will scan your infrastructure and point out both compliant and noncompliant aspects of your environment together with suggestions for improvements. Do you want tools to simplify your day-to-day management of the AD? There's a new kid on the block, the Active Directory Administrative Center. Built on Windows PowerShell technology it provides a rich GUI allowing you to perform common Active Directory tasks through both data-driven and task-driven navigation. Not a GUI fan? Then R2 brings you more than 85 PowerShell Cmdlets to allow you to manage, diagnose, and automate AD tasks from the command-line or PowerShell scripts. Maybe your favourite will be the recycle bin allowing you to recover deleted objects while the directory is online or the ability to perform offline domain join allowing you to streamline your deployments. There are more choices, come to this high-energy, fast paced, demo rich presentation and get all the details
Securing Network Access with Open Source solutionsNick Owen
My presentation from Atlanta Linux Fest on how to allow users secure access to your network using open source technologies. Examples include how to add two-factor authentication to Apache, OpenVPN, Astaro, NX etc.
PVS-Studio: analyzing pull requests in Azure DevOps using self-hosted agentsAndrey Karpov
Static code analysis is most effective when changing a project, as errors are always more difficult to fix in the future than at an early stage. We continue expanding the options for using PVS-Studio in continuous development systems. This time, we'll show you how to configure pull request analysis using self-hosted agents in Microsoft Azure DevOps, using the example of the Minetest game.
A digital lab provides access to real devices and browsers through an automation interface with a guaranteed level of uptime, or service availability, to support Agile development of web and mobile apps. This article will help you to gather some knowledge about the various digital labs and device farm. Desired Capabilities help to configure the Appium server and provide the criteria which you wish to use for running your automation script. Try to utilize all the desired capabilities of various digital labs in your automation and enjoy the script
execution in the cloud.
Overseeing Ship's Surveys and Surveyors Globally Using IoT and Docker by Jay ...Docker, Inc.
Fugro is a multinational enterprise that collects and provides highly specialized interpretation of geological data for a number of industries, at land and at sea. The company recently launched OARS (Office Assisted Remote Services), an innovation which uses advanced technology to reduce, and potentially eliminate, the need for surveyors onboard sea-going vessels, optimizing project crewing, safety and efficiency. By keeping skilled staff onshore and using an Internet of Things platform model, Fugro’s OARS project provides faster interpretation of data and decisions, better access to information across regions Hear how Fugro and consulting partner Flux7 created a solution with Docker and Amazon Web Services at its center that provides a high degree of uptime, ensures data is secure and enables portability so that environments that can be quickly replicated in new global regions on demand. Learn how Docker is being used as a key component in Fugro’s continuous delivery cycle and see how Docker is also used to create redundancy that ensures high uptime for Fugro’s 24X7 requirements.
GOTO Copenhagen - Radical Agility with Autonomous Teams and Microservices in ...Jan Löffler
What we've built at Zalando is complex. Supporting – profitably – a publicly traded ecommerce company that does business in 15 diverse European markets, with more than 16 million active users who all speak different languages, use different payment methods, prefer different shipping methods, and have different product tastes, has required nonstop innovation. Until recently we've focused on building a unified, comprehensive retail system, quickly, that solves just our problems. But to truly fight against complexity--particularly the accidental complexity that slows down our development process--we have adopted a microservices architecture. And when it comes to DevOps, we’ve gone a step beyond the "You build it, you run it" motto--working in autonomous teams with DevOps treated as a "first-class entity.”
In this talk, Jan Löffler (Head of Platform Engineering) will share Zalando's experience implementing “Radical Agility” from a DevOps perspective. “Radical Agility” is the Zalando technology team’s multi-pronged approach to managing the complexity that results from building an architecture of massive size. Jan will focus on how microservices enable Zalando’s engineers to move faster and build systems that scale, at scale, and avoid dependencies. He will show how microservices, in conjunction with a cloud infrastructure, support teams as they try strive for autonomy. Finally, he will draw upon his experiences to show how this all works in practice, and discuss what is organizationally and architecturally necessary to make DevOps a top priority for all members of your tech organization.
SIA319 What's Windows Server 2008 R2 Going to Do for Your Active Directory?Louis Göhl
Windows Server 2008 R2 is here, with new tools and utilities for the directory service IT pro to help you manage and maximise the potential of your Active Directory. What's going to be your favourite new feature? Maybe it's the Best Practice Analyser that will scan your infrastructure and point out both compliant and noncompliant aspects of your environment together with suggestions for improvements. Do you want tools to simplify your day-to-day management of the AD? There's a new kid on the block, the Active Directory Administrative Center. Built on Windows PowerShell technology it provides a rich GUI allowing you to perform common Active Directory tasks through both data-driven and task-driven navigation. Not a GUI fan? Then R2 brings you more than 85 PowerShell Cmdlets to allow you to manage, diagnose, and automate AD tasks from the command-line or PowerShell scripts. Maybe your favourite will be the recycle bin allowing you to recover deleted objects while the directory is online or the ability to perform offline domain join allowing you to streamline your deployments. There are more choices, come to this high-energy, fast paced, demo rich presentation and get all the details
Securing Network Access with Open Source solutionsNick Owen
My presentation from Atlanta Linux Fest on how to allow users secure access to your network using open source technologies. Examples include how to add two-factor authentication to Apache, OpenVPN, Astaro, NX etc.
PVS-Studio: analyzing pull requests in Azure DevOps using self-hosted agentsAndrey Karpov
Static code analysis is most effective when changing a project, as errors are always more difficult to fix in the future than at an early stage. We continue expanding the options for using PVS-Studio in continuous development systems. This time, we'll show you how to configure pull request analysis using self-hosted agents in Microsoft Azure DevOps, using the example of the Minetest game.
A digital lab provides access to real devices and browsers through an automation interface with a guaranteed level of uptime, or service availability, to support Agile development of web and mobile apps. This article will help you to gather some knowledge about the various digital labs and device farm. Desired Capabilities help to configure the Appium server and provide the criteria which you wish to use for running your automation script. Try to utilize all the desired capabilities of various digital labs in your automation and enjoy the script
execution in the cloud.
Overseeing Ship's Surveys and Surveyors Globally Using IoT and Docker by Jay ...Docker, Inc.
Fugro is a multinational enterprise that collects and provides highly specialized interpretation of geological data for a number of industries, at land and at sea. The company recently launched OARS (Office Assisted Remote Services), an innovation which uses advanced technology to reduce, and potentially eliminate, the need for surveyors onboard sea-going vessels, optimizing project crewing, safety and efficiency. By keeping skilled staff onshore and using an Internet of Things platform model, Fugro’s OARS project provides faster interpretation of data and decisions, better access to information across regions Hear how Fugro and consulting partner Flux7 created a solution with Docker and Amazon Web Services at its center that provides a high degree of uptime, ensures data is secure and enables portability so that environments that can be quickly replicated in new global regions on demand. Learn how Docker is being used as a key component in Fugro’s continuous delivery cycle and see how Docker is also used to create redundancy that ensures high uptime for Fugro’s 24X7 requirements.
Infrastructure-As-Code means that infrastructure should be treated as code – a really powerful concept. Server configuration, packages installed, relationships with other servers, etc. should be modeled with code to be automated and have a predictable outcome, removing manual steps prone to errors. That doesn’t sound bad, does it?
The goal is to automate all the infrastructure tasks programmatically. In an ideal world you should be able to start new servers, configure them, and, more importantly, be able to repeat it over and over again, in a reproducible way, automatically, by using tools and APIs.
Have you ever had to upgrade a server without knowing whether the upgrade was going to succeed or not for your application? Are the security updates going to affect your application? There are so many system factors that can indirectly cause a failure in your application, such as different kernel versions, distributions, or packages.
Slides I published explaining OpenStack at the OpenSource conference in Milan 2016. Explain also how business processes are involved and explain OpenStack components
OpenStack Explained: Learn OpenStack architecture and the secret of a success...Giuseppe Paterno'
OpenStack can help your business in cutting costs and have a faster time to market. A lot of people are looking at OpenStack as an alternative to VMware and most of the vendors are trying to let you think that visualization is cloud. While Cloud implies a virtualized environment, virtualization is not a cloud.
This ebook will go through the concept of Cloud and help you understand the architecture of OpenStack and its benefits. It also explores DevOps and reveal the "secret ingredient" to have a successful cloud project.
This ebook was created to raise funds for the Nepalese population after the Earthquake in 2015.
OpenStack security is a huge topic. In these slides I presented at the OpenStack Day, I analyzed cloud security the network to the application layer, going through specific layers, some in common between OpenStack itself and the applications.
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiGiuseppe Paterno'
No matter if you are a lonely system administrator or the CTO of the largest carrier in the World, getting to know what’s out there is a jungle. Is VMware still the lead? I’ve heard about OpenStack, how mature is that? And what this “Ganeti” I’ve never heard of?
Well, here I am. Guess what, you’re not the only one asking these questions. I traveled most of Europe hearing world’s most famous enterprises, banks and telcos and also in contact with many vendors’ labs, from San Francisco to Munich.
In this presentation I just wish to give a quick overview of the state-of-the-art in the IaaS and virtualization world. This is not a sales or marketing presentation: no vaporware, just pure and real experience from the field.
Enjoy the slides and stay tuned on my twitter channel on @gpaterno
La gestione delle identità per il controllo delle frodi bancarieGiuseppe Paterno'
Che differenza c'e' tra una banca retail e un private banking in ambito frodi? Assistiamo a diversi fenomeni nel private banking come l'uso di device mobili (tablet, smartphone, ...) e l'aumento delle frodi dovute al fattore umano. Il mio intervento a Forum Banca 2013 descrive i rischi del private banking e come sono stati risolti. Presentazione in collaborazione con Banca Esperia, gruppo Mediobanca.
Cloud can provide great flexibility to IT, ensuring business continuity and optimizing costs. But what are the implications for IT security? Even big names such as IEEE, Apple and Samsung are among the victims of identity theft in the Cloud. If you choose to adopt virtual data center (IaaS) or on-line applications (SaaS), you shift the paradigm of security as it was conceived up to now. The presentation will examine the security implications of a Cloud infrastructure and possible remedies with practical examples.
Il problema dei furti di identita' nelle infrastrutture Cloud e possibili rimediGiuseppe Paterno'
E' noto che il Cloud consente di dare una maggiore flessibilità all'IT, garantendo una continuità del business e ottimizzando i costi. Ma quali sono le implicazioni sulla sicurezza aziendale? La cronaca recente ha evidenziato che anche nomi importanti quali IEEE, Apple e Samsung sono tra le vittime piu' famose dei furti di identita' nel Cloud. Se si adottano datacenter virtuali (IaaS) o applicazioni on-line (SaaS), si sposta il paradigma della sicurezza così' come concepita finora.
La presentazione analizzerà le implicazioni di sicurezza di una infrastruttura Cloud e i possibili rimedi, con esempi pratici.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
2. What is a "Pad"
A "Pad" is an on-line web-based collaborative
real-time editor, allowing authors to
simultaneously edit a text document, and see all
of the participants' edits in real-time, with the
ability to display each author's text in their own
color.
Anyone can create a new collaborative
document, known as a "pad". Each pad has its
own URL and anyone who knows this URL can
edit the pad and participate in the associated
chats. Password-protected pads are also
possible. Each participant is identified by a color
and a name.
The software auto-saves the document at regular,
short intervals, but participants can permanently
save specific versions (checkpoints) at any
time. A "time machine" feature allows anyone to
explore the history of the pad, going back in the
past release. The major "milestones" can also be
tagged (or "stared").
A great feature of some pads is that document
can be imported and exported in plain text,
HTML, Open Document, Microsoft Word, or PDF
format.
Secure real-time collaboration with and Etherpad
3. Working with "Pads"
Working with pads is business going social: social networks get us used to be always
updated and connected to our community anytime and anywhere. A pad follow that
mindset and enables you with a simple tool to collaborate with your colleagues and
partners while ensuring the right level of privacy online.
Consider a pad like a clear whiteboard, open a new one and simply start writing an
idea or a challenge. Invite your team, your partners, your external collaborators -no
matter where they are- to share your ideas at the same time.
Let the pad grow with the contribution and the experience of trusted people, every
projects has the right team that are ready to contribute. Review and compare the text
with preview versions, until you'll find the answer and achieve your goal.
Then export it, in your favourite format and share it. For example, write project
documentations with your team through a pad and deliver it in a professional way
using your favorite tool such as Microsoft Word.
Secure real-time collaboration with and Etherpad
4. Secure real-time
collaboration
Innovate, experiment, engage your customers in an easy and
secure way. With a shared pad in a protected enviroment, it's easy focus
on core facts and forget about your information being accessed from
unauthorized users. All you have to do is following the speed of business.
Secure cooperation with employees and partners is now possible on the
cloud with the protection of SecurePass.
Access to a pad is as easy as sharing the web adress of your pad, SecurePass
will ensure that access to information is allowed only to authorized users.
By integrating a pad with SecurePass you will be able to:
‣identify your employees and partners in a proper way
‣limit access to your company and/or your partners (with Apache module)
‣cooperate from anywhere, also through tablets and smartphones, without
fear of loosing precious company information
Secure real-time collaboration with and Etherpad
6. Etherpad
Etherpad is probably the most famous
pad server implementation: it was born
in 2008 by some Google employees.
Etherpad itself is implemented in
JavaScript, through the Node,js
application environment.
Etherpad was the first web application
of its kind to achieve true real-time
performance,
The home page is on: http://etherpad.org
Secure real-time collaboration with and Etherpad
7. Apache HTTPd
Apache will be handling all data comunication from the external world, playing an important role for securing
communication. In particular, the Apache web server will be performing the following roles:
SSL termination
Reverse proxy to the Etherpad web server on Node.js
Authenticating the user using the SecurePass Web Single Sing-On feature
Limitation of the SecurePass domains/realm for using the pad only within your company or allowing external partners
Translating the user identity into something that Etherpad is able to understand
We will not go in details on how to create a virtual server with the SSL feature.
The configuration has been tested with CentOS 6.
Secure real-time collaboration with and Etherpad
8. Apache configuration
for SecurePass
Follow the instructions on this website:
http://support.secure-pass.net/wiki/index.php/Apache
and ensure you have these values set:
CASCookiePath /var/cache/mod_auth_cas/
CASValidateServer Off
CASLoginURL https://login.secure-pass.net/cas/login
CASValidateURL https://login.secure-pass.net/cas/serviceValidate
CASAllowWildcardCert On
In CentOS you have to create the path
/var/cache/mod_auth_cas/
Secure real-time collaboration with and Etherpad
9. Apache Reverse Proxy
The following statement has to be copied
in the Apache virtual host and will reverse
proxy all the requests to the Etherpad
service, with the exception of the
administrative interface of Etherpad.
ProxyVia On
ProxyRequests Off
ProxyPass /admin !
ProxyPass / http://127.0.0.1:9001/ retry=0
ProxyPassReverse / http://127.0.0.1:9001/
ProxyPreserveHost on
<Proxy *>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Proxy>
Secure real-time collaboration with and Etherpad
10. Install SecurePass
Apache module
This module will introduce the feature of limiting the access
to the Etherpad to your company or the partners/companies
you wish to cooperate with.
Please download from the following site:
https://github.com/AlessandroLorenzi/mod_authz_securepass
and follow the instructions in the INSTALL file
Secure real-time collaboration with and Etherpad
11. Configure authentication
in Apache
The following statement has to be copied in the <Location />
Apache virtual host and will enable: AuthType CAS
Require sprealm mycompany.com partner.net
1. Authentication with SecurePass RewriteEngine On
2. Limit the access to the realms listed in "Require RewriteCond %{REMOTE_USER} (.+)
sprealm" directive (modify as appropriate) RewriteRule . - [E=RU:%1]
RequestHeader add X-Forwarded-User %{RU}e
3. Pass the REMOTE_USER variable as the
X-Forwarded-User header Header Set Cache-Control "max-age=0, no-store"
</Location>
Secure real-time collaboration with and Etherpad
12. Install and Integration
Etherpad
To install Etherpad in your system, please Install the plugin sotauth to be able to
follow the instructions in the web site: identify the user via the X-Forwarded-
user HTTP header:
https://help.ubuntu.com/community/ https://github.com/wtsi-hgi/ep_sotauth
Etherpad-liteInstallation
Note that in the website there is also an
upstart configuration file that will work In the Etherpad configuration file
also on CentOS 6. "settings.json" enable
"requireAuthentication" and
In our installation we also used MySQL to "requireAuthorization"
have a more production-ready database.
Secure real-time collaboration with and Etherpad
13. Conclusions
A lot of organisations are now
adopting a collaboration tool
to improve efficiency: the easy
model of Etherpad with the
trusted protection of
SecurePass let the cloud be the
right tool to save your time and
money.
Once the secure pad tool has
been implemented and become a
part of everyday business,
your business could rely on a new
fast way to engage with partners,
customers and your team.
Secure real-time collaboration with and Etherpad
14. Your daily
secure
business
online
Sponsored by
www.secure-pass.net www.moresi.com