SlideShare una empresa de Scribd logo

Deep dive into Java security architecture

Descargar como PPTX, PDF
Prabath Siriwardena
Prabath Siriwardena

The document discusses Java security and how to configure a security manager and policy in Java. It explains that a security manager creates a sandbox for Java applications and uses a security policy to define permissions. The policy grants or denies permissions to code based on code location, trust via signing, and the user running the code. It provides examples of policy syntax and common permissions.

TecnologíaNoticias y política
1 de 35
Prabath Siriwardena Twitter : @prabath
• Provide the Java platform as a secure, ready-built platform on which to run Java-enabled applications in a secure fashion. • Provide security tools and services implemented in the Java programming language that enable a wider range of security- sensitive applications, for example, in the enterprise world.
• Variables are initialized before they are used. • Method calls match the types of object references. • Rules for accessing private data and methods are not violated. • Local variable accesses fall within the runtime stack. • The runtime stack does not overflow.
• To create a sandbox environment for a given Java application Java Security Manager must be engaged. • System.setSecurityManager(new SecurityManager()); • java –Djava.security.SecurityManager MainClass
• If no policy is explicitly specified Java Security Manager uses its default security policy. • The location of the default security policy is picked from JAVA_HOME/lib/security/java.security file. #The default is to have a single system-wide policy file, # and a policy file in the user's home directory. policy.url.1=file:${java.home}/lib/security/java.policy policy.url.2=file:${user.home}/.java.policy
• By default everything is denied! • Explicitly grants permissions for the code in execution. • Permission = Resource (Target) + Action grant { permission java.io.FilePermission “mytext.txt", "read,write”; };
• Java Security Manager reads the security policy. • java –Djava.security.SecurityManager – Djava.security.policy=mypolicy.policy MainClass • java –Djava.security.SecurityManager – Djava.security.policy==mypolicy.policy MainClass • System.setProperty(“java.security.policy”,”mypolicy.policy”); System.setSecurityManager(new SecurityManager());
Syntax : permission className targetName actionList
Target: File Name Action List: read, write, execute, delete
Target: Address:Port_Or_PortRange Action List: accept, connect, listen, resolve
Target: Property Name Action List: read, write
Target: createClassLoader getClassLoader setContextClassLoader enableContextClassLoaderOverride createSecurityManager setSecurityManager exitVM getenv.variableName shutdownHooks setFactory setIO modifyThread stopThread modifyThreadGroup getProtectionDomain readFileDescriptor writeFileDescriptor loadLibrary.libraryName accessClassInPackage.packageName defineClassInPackage.packageName accessDeclaredMembers.className queuePrintJob getStackTrace setDefaultUncaughtExceptionHandler preferences usePolicy
Target: showWindowWithoutWarningBanner accessClipboard accessEventQueue createRobot fullScreenExclusive listenToAllAWTEvents readDisplayPixels replaceKeyboardFocusManager watchMousePointer setWindowAlwaysOnTop setAppletStub
Target: setDefaultAuthenticator specifyStreamHandler requestPasswordAuthentication setProxySelector getProxySelector setCookieHandler getCookieHandler setResponseCache getResponseCache
Target: suppressAccessChecks
Target: enableSubclassImplementation enableSubstitution
Target: createAccessControlContext getDomainCombiner getPolicy setPolicy getProperty.keyName setProperty.keyName insertProvider.providerName removeProvider.providerName setSystemScope setIdentityPublicKey setIdentityInfo addIdentityCertificate removeIdentityCertificate printIdentity clearProviderProperties.providerName putProviderProperty.providerName removeProviderProperty.providerName getSignerPrivateKey setSignerKeyPair
Target: (none) Action List: (none)
Target: doAs doAsPrivileged getSubject getSubjectFromDomainCombiner setReadOnly modifyPrincipals modifyPublicCredentials modifyPrivateCredentials refreshCredential destroyCredential createLoginContext.contextName getLoginConfiguration setLoginConfiguration refreshLoginConfiguration
Target: play record Action List: (none)
Target: control Action List: (none)
Target: setLog Action List: (none)
• Based on the location of the code • Based on the trust (code has to be signed) • Based on the user who runs the code
• Based on the location of the code grant codeBase "file:${my.code.base}/-" { permission java.security.AllPermission; }; grant codeBase "file://java-security/org.wso2.java.security/-" { permission java.security.AllPermission; }; grant codeBase "file:${java.ext.dirs}/*" { permission java.security.AllPermission; }; grant codeBase "file:${java.home}/lib/ext/area.jar" { permission java.io.PropertyPermission "user.home”,"read"; permission java.io.FilePermission "${user.home}${/}test${/}*", "write"; };
• Based on the user who runs the code grant principal com.sun.security.auth.UnixPrincipal "prabath" { permission java.security.AllPermission; }; grant principal javax.security.auth.x500.X500Principal "cn=Alice" { permission java.io.FilePermission "/home/Alice", "read, write"; };
• Based on the trust (code has to be signed) grant signedBy "wso2carbon" { permission java.security.AllPermission; }; keystore "file:///java-security/org.wso2.java.security/wso2carbon.jks"; keystorePasswordURL "file:///org.wso2.java.security/wso2carbon.pwd";
• Combinations grant signedBy "wso2carbon" , codeBase "file://java-security/org.wso2.java.security/-" , principal com.sun.security.auth.UnixPrincipal "prabath" { permission java.security.AllPermission; }; keystore "file:///java-security/org.wso2.java.security/wso2carbon.jks"; keystorePasswordURL "file:///org.wso2.java.security/wso2carbon.pwd";
• Allow to read all the system properties except java.home ? • Tom can access the getBeer() method only if he is older then 21 year?
Deep dive into Java security architecture

Recomendados

How to avoid top 10 security risks in Java EE applications and how to avoid them
How to avoid top 10 security risks in Java EE applications and how to avoid themHow to avoid top 10 security risks in Java EE applications and how to avoid them
How to avoid top 10 security risks in Java EE applications and how to avoid them
Masoud Kalali
 
A5-Security misconfiguration-OWASP 2013
A5-Security misconfiguration-OWASP 2013 A5-Security misconfiguration-OWASP 2013
A5-Security misconfiguration-OWASP 2013
Sorina Chirilă
 
Elementos de panel de control del sistema operativo
Elementos de panel de control del sistema operativoElementos de panel de control del sistema operativo
Elementos de panel de control del sistema operativo
july miranda
 
What is java? Components of java
What is java? Components of java What is java? Components of java
What is java? Components of java
lalitaaaaaa
 
Malware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence MoroccoMalware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence Morocco
Touhami Kasbaoui
 
History Of JAVA
History Of JAVAHistory Of JAVA
History Of JAVA
ARSLANAHMED107
 
Linux
Linux Linux
Linux
Patruni Chidananda Sastry
 
Microsoft windows operating system
Microsoft windows operating systemMicrosoft windows operating system
Microsoft windows operating system
TEENAVEENCHHEE
 

Recomendados

How to avoid top 10 security risks in Java EE applications and how to avoid them
How to avoid top 10 security risks in Java EE applications and how to avoid themHow to avoid top 10 security risks in Java EE applications and how to avoid them
How to avoid top 10 security risks in Java EE applications and how to avoid them
Masoud Kalali
 
A5-Security misconfiguration-OWASP 2013
A5-Security misconfiguration-OWASP 2013 A5-Security misconfiguration-OWASP 2013
A5-Security misconfiguration-OWASP 2013
Sorina Chirilă
 
Elementos de panel de control del sistema operativo
Elementos de panel de control del sistema operativoElementos de panel de control del sistema operativo
Elementos de panel de control del sistema operativo
july miranda
 
What is java? Components of java
What is java? Components of java What is java? Components of java
What is java? Components of java
lalitaaaaaa
 
Malware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence MoroccoMalware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence Morocco
Touhami Kasbaoui
 
History Of JAVA
History Of JAVAHistory Of JAVA
History Of JAVA
ARSLANAHMED107
 
Linux
Linux Linux
Linux
Patruni Chidananda Sastry
 
Microsoft windows operating system
Microsoft windows operating systemMicrosoft windows operating system
Microsoft windows operating system
TEENAVEENCHHEE
 
OpenVAS
OpenVASOpenVAS
OpenVAS
svm
 
Packages in java
Packages in javaPackages in java
Packages in java
Abhishek Khune
 
Linux systems - Linux Commands and Shell Scripting
Linux systems - Linux Commands and Shell ScriptingLinux systems - Linux Commands and Shell Scripting
Linux systems - Linux Commands and Shell Scripting
Emertxe Information Technologies Pvt Ltd
 
Static keyword ppt
Static keyword pptStatic keyword ppt
Static keyword ppt
Vinod Kumar
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
Maganathin Veeraragaloo
 
Less01 architecture
Less01 architectureLess01 architecture
Less01 architecture
Amit Bhalla
 
Oracle Flex ASM - What’s New and Best Practices by Jim Williams
Oracle Flex ASM - What’s New and Best Practices by Jim WilliamsOracle Flex ASM - What’s New and Best Practices by Jim Williams
Oracle Flex ASM - What’s New and Best Practices by Jim Williams
Markus Michalewicz
 
F5 BIG-IP: Secure Application and Data Security Services
F5 BIG-IP: Secure Application and Data Security Services F5 BIG-IP: Secure Application and Data Security Services
F5 BIG-IP: Secure Application and Data Security Services
Amazon Web Services
 
Javascript tutorial
Javascript tutorialJavascript tutorial
Javascript tutorial
Doeun KOCH
 
Solaris Operating System
Solaris Operating SystemSolaris Operating System
Solaris Operating System
Joshua Guillano
 
iOS Application Penetration Testing for Beginners
iOS Application Penetration Testing for BeginnersiOS Application Penetration Testing for Beginners
iOS Application Penetration Testing for Beginners
RyanISI
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10
NowSecure
 
Burp Suite Extension Development
Burp Suite Extension DevelopmentBurp Suite Extension Development
Burp Suite Extension Development
NSConclave
 
DB2 Security Model
DB2 Security ModelDB2 Security Model
DB2 Security Model
uniqueYGB
 
Solaris Operating System - Oracle
Solaris Operating System - Oracle Solaris Operating System - Oracle
Solaris Operating System - Oracle
Malan Amarasinghe
 
Secure software development presentation
Secure software development presentationSecure software development presentation
Secure software development presentation
Mahdi Dolati
 
Risiken von Open Source Software
Risiken von Open Source SoftwareRisiken von Open Source Software
Risiken von Open Source Software
Matthias Stürmer
 
Mobile Application Penetration Testing
Mobile Application Penetration TestingMobile Application Penetration Testing
Mobile Application Penetration Testing
BGA Cyber Security
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
begmohsin
 
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdfmastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
ManiacH1
 
Java security
Java securityJava security
Java security
Ankush Kumar
 
Spring Security
Spring SecuritySpring Security
Spring Security
Boy Tech
 

Más contenido relacionado

La actualidad más candente

Less01 architecture
Less01 architectureLess01 architecture
Less01 architecture
Amit Bhalla
 
Risiken von Open Source Software
Risiken von Open Source SoftwareRisiken von Open Source Software
Risiken von Open Source Software
Matthias Stürmer
 
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdfmastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
ManiacH1
 

La actualidad más candente (20)

OpenVAS
OpenVASOpenVAS
OpenVAS
 
Packages in java
Packages in javaPackages in java
Packages in java
 
Linux systems - Linux Commands and Shell Scripting
Linux systems - Linux Commands and Shell ScriptingLinux systems - Linux Commands and Shell Scripting
Linux systems - Linux Commands and Shell Scripting
 
Static keyword ppt
Static keyword pptStatic keyword ppt
Static keyword ppt
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
 
Less01 architecture
Less01 architectureLess01 architecture
Less01 architecture
 
Oracle Flex ASM - What’s New and Best Practices by Jim Williams
Oracle Flex ASM - What’s New and Best Practices by Jim WilliamsOracle Flex ASM - What’s New and Best Practices by Jim Williams
Oracle Flex ASM - What’s New and Best Practices by Jim Williams
 
F5 BIG-IP: Secure Application and Data Security Services
F5 BIG-IP: Secure Application and Data Security Services F5 BIG-IP: Secure Application and Data Security Services
F5 BIG-IP: Secure Application and Data Security Services
 
Javascript tutorial
Javascript tutorialJavascript tutorial
Javascript tutorial
 
Solaris Operating System
Solaris Operating SystemSolaris Operating System
Solaris Operating System
 
iOS Application Penetration Testing for Beginners
iOS Application Penetration Testing for BeginnersiOS Application Penetration Testing for Beginners
iOS Application Penetration Testing for Beginners
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10
 
Burp Suite Extension Development
Burp Suite Extension DevelopmentBurp Suite Extension Development
Burp Suite Extension Development
 
DB2 Security Model
DB2 Security ModelDB2 Security Model
DB2 Security Model
 
Solaris Operating System - Oracle
Solaris Operating System - Oracle Solaris Operating System - Oracle
Solaris Operating System - Oracle
 
Secure software development presentation
Secure software development presentationSecure software development presentation
Secure software development presentation
 
Risiken von Open Source Software
Risiken von Open Source SoftwareRisiken von Open Source Software
Risiken von Open Source Software
 
Mobile Application Penetration Testing
Mobile Application Penetration TestingMobile Application Penetration Testing
Mobile Application Penetration Testing
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdfmastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
 

Destacado

"CERT Secure Coding Standards" by Dr. Mark Sherman
"CERT Secure Coding Standards" by Dr. Mark Sherman"CERT Secure Coding Standards" by Dr. Mark Sherman
"CERT Secure Coding Standards" by Dr. Mark Sherman
Rinaldi Rampen
 
Connected Identity : Benefits, Risks & Challenges
Connected Identity : Benefits, Risks & ChallengesConnected Identity : Benefits, Risks & Challenges
Connected Identity : Benefits, Risks & Challenges
Prabath Siriwardena
 

Destacado (20)

Java security
Java securityJava security
Java security
 
Spring Security
Spring SecuritySpring Security
Spring Security
 
Security via Java
Security via JavaSecurity via Java
Security via Java
 
Java Security Manager Reloaded - jOpenSpace Lightning Talk
Java Security Manager Reloaded - jOpenSpace Lightning TalkJava Security Manager Reloaded - jOpenSpace Lightning Talk
Java Security Manager Reloaded - jOpenSpace Lightning Talk
 
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
 
Java Security Manager Reloaded - Devoxx 2014
Java Security Manager Reloaded - Devoxx 2014Java Security Manager Reloaded - Devoxx 2014
Java Security Manager Reloaded - Devoxx 2014
 
JBoss Negotiation in AS7
JBoss Negotiation in AS7JBoss Negotiation in AS7
JBoss Negotiation in AS7
 
Jar signing
Jar signingJar signing
Jar signing
 
Java Secure Coding Practices
Java Secure Coding PracticesJava Secure Coding Practices
Java Secure Coding Practices
 
"CERT Secure Coding Standards" by Dr. Mark Sherman
"CERT Secure Coding Standards" by Dr. Mark Sherman"CERT Secure Coding Standards" by Dr. Mark Sherman
"CERT Secure Coding Standards" by Dr. Mark Sherman
 
Securing the Insecure
Securing the InsecureSecuring the Insecure
Securing the Insecure
 
Evolution of Internet Identity
Evolution of Internet IdentityEvolution of Internet Identity
Evolution of Internet Identity
 
Securing Insecure
Securing InsecureSecuring Insecure
Securing Insecure
 
Next-Gen Apps with IoT and Cloud
Next-Gen Apps with IoT and CloudNext-Gen Apps with IoT and Cloud
Next-Gen Apps with IoT and Cloud
 
Building an API Security Ecosystem
Building an API Security EcosystemBuilding an API Security Ecosystem
Building an API Security Ecosystem
 
Connected Identity : Benefits, Risks & Challenges
Connected Identity : Benefits, Risks & ChallengesConnected Identity : Benefits, Risks & Challenges
Connected Identity : Benefits, Risks & Challenges
 
The Evolution of Internet Identity
The Evolution of Internet IdentityThe Evolution of Internet Identity
The Evolution of Internet Identity
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
 
Connected Identity : The Role of the Identity Bus
Connected Identity : The Role of the Identity BusConnected Identity : The Role of the Identity Bus
Connected Identity : The Role of the Identity Bus
 
WSO2Con USA 2014 - Identity Server Tutorial
WSO2Con USA 2014 - Identity Server TutorialWSO2Con USA 2014 - Identity Server Tutorial
WSO2Con USA 2014 - Identity Server Tutorial
 

Similar a Deep dive into Java security architecture

Tollas Ferenc - Java security
Tollas Ferenc - Java securityTollas Ferenc - Java security
Tollas Ferenc - Java security
veszpremimeetup
 
Java Platform Security Architecture
Java Platform Security ArchitectureJava Platform Security Architecture
Java Platform Security Architecture
Ramesh Nagappan
 
Developing With JAAS
Developing With JAASDeveloping With JAAS
Developing With JAAS
rahmed_sct
 
Code review for secure web applications
Code review for secure web applicationsCode review for secure web applications
Code review for secure web applications
silviad74
 

Similar a Deep dive into Java security architecture (20)

Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
 
Tollas Ferenc - Java security
Tollas Ferenc - Java securityTollas Ferenc - Java security
Tollas Ferenc - Java security
 
Java Platform Security Architecture
Java Platform Security ArchitectureJava Platform Security Architecture
Java Platform Security Architecture
 
CRESTCon Asia 2018 - Config Password Encryption Gone Wrong
CRESTCon Asia 2018 - Config Password Encryption Gone WrongCRESTCon Asia 2018 - Config Password Encryption Gone Wrong
CRESTCon Asia 2018 - Config Password Encryption Gone Wrong
 
Advance java session 19
Advance java session 19Advance java session 19
Advance java session 19
 
Javantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin ToshevJavantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin Toshev
 
Chapter three Java_security.ppt
Chapter three Java_security.pptChapter three Java_security.ppt
Chapter three Java_security.ppt
 
Security
SecuritySecurity
Security
 
2015 09-18-jug summer camp
2015 09-18-jug summer camp2015 09-18-jug summer camp
2015 09-18-jug summer camp
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....
 
Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019
 
Developing With JAAS
Developing With JAASDeveloping With JAAS
Developing With JAAS
 
Security Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java PlatformSecurity Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java Platform
 
15 darwino script & command line
15 darwino script & command line15 darwino script & command line
15 darwino script & command line
 
oop unit1.pptx
oop unit1.pptxoop unit1.pptx
oop unit1.pptx
 
Unit8 security (2) java
Unit8 security (2) javaUnit8 security (2) java
Unit8 security (2) java
 
CS8392 OOP
CS8392 OOPCS8392 OOP
CS8392 OOP
 
Struts2 - 101
Struts2 - 101Struts2 - 101
Struts2 - 101
 
Class loaders
Class loadersClass loaders
Class loaders
 
Code review for secure web applications
Code review for secure web applicationsCode review for secure web applications
Code review for secure web applications
 

Más de Prabath Siriwardena

Best Practices in Building an API Security Ecosystem
Best Practices in Building an API Security EcosystemBest Practices in Building an API Security Ecosystem
Best Practices in Building an API Security Ecosystem
Prabath Siriwardena
 

Más de Prabath Siriwardena (20)

Microservices Security Landscape
Microservices Security LandscapeMicroservices Security Landscape
Microservices Security Landscape
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFE
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
Identity is Eating the World!
Identity is Eating the World!Identity is Eating the World!
Identity is Eating the World!
 
Microservices Security Landscape
Microservices Security LandscapeMicroservices Security Landscape
Microservices Security Landscape
 
OAuth 2.0 Threat Landscape
OAuth 2.0 Threat LandscapeOAuth 2.0 Threat Landscape
OAuth 2.0 Threat Landscape
 
GDPR for Identity Architects
GDPR for Identity ArchitectsGDPR for Identity Architects
GDPR for Identity Architects
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access Management
 
OAuth 2.0 Threat Landscapes
OAuth 2.0 Threat LandscapesOAuth 2.0 Threat Landscapes
OAuth 2.0 Threat Landscapes
 
OAuth 2.0 for Web and Native (Mobile) App Developers
OAuth 2.0 for Web and Native (Mobile) App DevelopersOAuth 2.0 for Web and Native (Mobile) App Developers
OAuth 2.0 for Web and Native (Mobile) App Developers
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
Open Standards in Identity Management
Open Standards in Identity ManagementOpen Standards in Identity Management
Open Standards in Identity Management
 
Securing Single-Page Applications with OAuth 2.0
Securing Single-Page Applications with OAuth 2.0Securing Single-Page Applications with OAuth 2.0
Securing Single-Page Applications with OAuth 2.0
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and Practices
 
Best Practices in Building an API Security Ecosystem
Best Practices in Building an API Security EcosystemBest Practices in Building an API Security Ecosystem
Best Practices in Building an API Security Ecosystem
 
Advanced API Security
Advanced API SecurityAdvanced API Security
Advanced API Security
 
Preparing for Tomorrow
Preparing for TomorrowPreparing for Tomorrow
Preparing for Tomorrow
 
XML Signature
XML SignatureXML Signature
XML Signature
 
XML Encryption
XML EncryptionXML Encryption
XML Encryption
 
WS-Trust
WS-TrustWS-Trust
WS-Trust
 

Último

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Último (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Deep dive into Java security architecture