1. How to Secure Network Communication?
2. SSL (Secure Socket Layer)
3. Digital Certificate
• Signature (Signed and Unsigned)
• Digest (SHA-256, MD5)
4. Keys
• Private, Public, and Session Key
5. Types of Encryption
• Symmetric and Asymmetric
6. One-way and Two-way SSL
7. Keystore and Truststore
1. Coimbatore MuleSoft Meetup Group
What is SSL/TLS, What is One-Way SSL & Two-Way SSL? - Secure Network Communication
Alice to Bob:
Msg: Meet me at X place
Time: 12 PM
2. Organizers
Ashish Pardhi, Solution Architect, Apisero
About Organizer:
• 10 years of Technical Experience.
• 6+ years of Experience in the Integration Domain.
• Certified MuleSoft Developer and Architect.
• Mule Meetup Speaker.
• Coimbatore Mule Meetup Leader.
3. Organizers
Anoop Ramachandran, Integration Architect, NJC LABS
About Organizer:
• 10+ years of Industry Experience.
• 2+ years of Experience in MuleSoft.
• Certified Technical Instructor at MuleSoft.
• Integration Architect at NJC Labs.
• Coimbatore Mule Meetup Leader.
4. Organizers
Balkis Sajeena, Solution Consultant, Apisero
About Organizer:
• 3.7 years of Total experience in MuleSoft.
• Certified MuleSoft Developer.
• Solution Consultant at Apisero.
• Coimbatore Mule Meetup Leader.
5. Safe Harbor Statement
• Both the speaker and host are organizing this meetup in an individual capacity only. We are not representing our companies here.
• This presentation is strictly for learning purposes only. The organizer/presenter does not take any responsibility that the same solution will work for your business requirements.
• This presentation is not meant for any promotional activities.
6. Housekeeping
• A recording of this meetup will be uploaded to the events page within 24 hours.
• Questions can be submitted/asked at any time in the Chat/Questions & Answers tab.
• Make it more interactive!!!
• Give us feedback! Rate this meetup session by filling in the feedback form at the end of the day.
• We love feedback!!! It's bread & butter for the meetup.
7. Agenda
1. How to Secure Network Communication?
2. SSL (Secure Socket Layer)
3. Digital Certificate
• Signature (Signed and Unsigned)
• Digest (SHA-256, MD5)
4. Keys
• Private, Public and Session Key
5. Types of Encryption
• Symmetric and Asymmetric
6. One-way and Two-way SSL
7. Keystore and Truststore
8. What is an SSL Certificate?
Digital certificates serve as the backbone of internet security.
● Secure Sockets Layer (SSL) certificates, sometimes called digital certificates, are used to establish an encrypted connection between a browser or user's computer and a server or website.
● The SSL connection protects sensitive data, such as credit card information, exchanged during each visit (called a session) from being intercepted by non-authorized parties.
9. SSL works on three basic principles
Encryption: The data transferred between two or more clients and the server should be encrypted.
Authentication: The data must be transferred to the correct person or user.
Data Integrity: The data in transmission should not be tampered with or changed.
10. Encryption
Alice to Bob:
Msg: Meet me at X place
Time: 12 PM
Alice: "I am encrypting with my Private Key"
Bob: "I know Alice’s Public Key"
Symmetric - Same Key
Asymmetric - Different Set of Keys
11. Data Integrity – Digital Signature
Alice to Bob:
Msg: Meet me at X place
Time: 12 PM
What Alice sends:
  Original Msg
  Signature of Alice: Encrypt(Digest(Original Msg), Alice’s Priv Key)
Bob compares:
  Digest(Original Msg) = abc1234xyz
  Decrypt(Encrypt(Digest(Original Msg), Alice’s Priv Key), Alice’s Pub Key) = abc1234xyz
Bob: "I have received correct Message"
12. Data Integrity
Alice sends:
Msg: Meet me at X place
Time: 12 PM
Hunter intercepts; Bob receives:
Msg: Lets Meet at My Home
Time: 12 PM
What Bob receives:
  Intercepted Msg
  Encrypt(Digest(Intercepted Msg), Hunter’s Priv Key)
Bob compares:
  Digest(Intercepted Msg) = abc1234xyz
  Decrypt(Encrypt(Digest(Intercepted Msg), Hunter’s Priv Key), Alice’s Pub Key) = ~!$#%&^*()#
Bob: "I have to reject this Message"
13. Digital Certificate
Alice to Bob: "I am Mulesoft.com"
What Alice sends:
  Original Msg
  Encrypt(Digest(Original Msg), CA’s Priv Key)
Bob compares:
  Digest(Original Msg) = abc1234xyz
  Decrypt(Encrypt(Digest(Original Msg), CA’s Priv Key), CA’s Pub Key) = abc1234xyz
Bob: "Right Sender confirmed with help of CA’s Pub Key"
14. Keystore and Truststore – JCEKS, PKCS12, JKS
Alice’s Keystore: Alias | Private Key | Pub Cert
Bob’s Keystore: Alias | Private Key | Pub Cert
Alice’s Truststore: Alias | Pub Cert
Bob’s Truststore: Alias | Pub Cert
17. SSL (Secure Sockets Layer) Handshake
• The browser works on the One-Way SSL authentication mechanism, where the client verifies/validates the server certificate against its list of certification authorities (CAs).
• Three keys are used to set up the SSL connection:
– Public key
– Private key
– Session key
18. Two different ways to make SSL connection
• One-Way SSL
– In this method, only the client verifies the server's certificate against the list of certification authorities (CAs).
• Two-Way SSL
– In this method, both client and server verify each other's certificates against the list of certification authorities (CAs).
19. One-Way SSL authentication
Client:
• Client request for secured connection
• Client sends Session Key + Public Key
Server:
• Server returns public certificate + public key
• Server decrypts the session key & starts the session
20. Two-Way SSL authentication
Client:
• Client request for secured connection
• Client sends public cert + Session Key + Public Key
Server:
• Server returns public certificate + public key
• Server decrypts the session key & starts the session
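The signature check of slides 11-12, the CA-signed certificate of slide 13 and the one-way and two-way handshakes of slides 19-20, put together as one runnable toy model; this is an added example, not part of the original deck. It uses unpadded textbook RSA so that the slides' Encrypt/Decrypt/Digest notation maps directly onto the code. All function names and the certificate layout are assumptions of the example.

```python
# Toy model: textbook RSA without padding, for illustration only.
import hashlib
import secrets

E = 65537  # common RSA public exponent

def is_prime(n, rounds=16):
    """Miller-Rabin probabilistic primality test."""
    if n < 5 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits=384):
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if p % E != 1 and is_prime(p):   # keep E invertible modulo p - 1
            return p

def keypair():
    """Return (public, private) = ((n, e), (n, d))."""
    p, q = random_prime(), random_prime()
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(msg, priv):
    """Slide 11: Encrypt(Digest(msg), signer's Priv Key)."""
    n, d = priv
    return pow(digest(msg), d, n)

def verify(msg, sig, pub):
    """Slide 11: Decrypt(sig, signer's Pub Key) must equal Digest(msg)."""
    n, e = pub
    return pow(sig, e, n) == digest(msg)

def cert_body(subject, pub):
    return f"{subject}|{pub[0]}|{pub[1]}".encode()

def issue_cert(subject, pub, ca_priv):
    """Slide 13: the CA signs the binding between a name and a public key."""
    return {"subject": subject, "pub": pub,
            "sig": sign(cert_body(subject, pub), ca_priv)}

def trusted(cert, truststore):
    """Accept a certificate only if a CA public key in the truststore verifies it."""
    body = cert_body(cert["subject"], cert["pub"])
    return any(verify(body, cert["sig"], ca_pub) for ca_pub in truststore)

def handshake(server_cert, server_priv, client_truststore,
              client_cert=None, server_truststore=None):
    """One-way SSL when server_truststore is None, two-way SSL otherwise.
    Returns (session key chosen by client, session key recovered by server)."""
    if not trusted(server_cert, client_truststore):
        raise ValueError("client rejects server certificate")
    if server_truststore is not None:
        if client_cert is None or not trusted(client_cert, server_truststore):
            raise ValueError("server rejects client certificate")
    session_key = secrets.randbits(128)      # chosen by the client
    n, e = server_cert["pub"]
    wrapped = pow(session_key, e, n)         # encrypted with the server's public key
    n, d = server_priv
    return session_key, pow(wrapped, d, n)   # matches only for the real key holder
```

Real TLS additionally makes each side prove possession of its private key during the handshake, and current versions derive session keys with (EC)DHE rather than by encrypting them to the server's public key; the model leaves both out.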
23. Quiz Time
Get ready to WIN a Special Gift from MuleSoft Community
24. Important Instructions for the attendees to play Trivia quiz
❖ You should not be a meetup leader.
❖ In the last 30 days you shouldn’t have won any trivia quiz in any meetup.
25. 1. Log in to www.kahoot.it via your mobile phone
2. Click on “Play” on the top right-hand side of the web page
3. Enter the game pin that is displayed on the quiz master’s screen
4. Give your complete name as the nickname
5. You will be getting your questions on your laptop screen with options.
6. For every questions you will get 20
26. What’s next?
Share:
○ Tweet your pictures using the hashtag #CoimbatoreMuleSoftMeetup
○ Invite your network to join: https://meetups.mulesoft.com/coimbatore/
Feedback:
○ Fill out the survey feedback and suggest topics for upcoming events
○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program
27. Next Meetups
Anypoint Platform CLI, on Sat, July 17, 11.00 AM (IST), by Jivan Nalavade, Lead Engineer, Apisero
https://meetups.mulesoft.com/events/details/mulesoft-coimbatore-presents-anypoint-platform-cli/