JAAS Reference Guide - 0 views
JSSE Reference Guide for the JDK 5.0 - 0 views
Joyent Triton™ - 0 views
-
"Joyent Triton™ is designed from the ground up to radically simplify container deployments in production, at scale, while delivering enterprise-grade security, software-defined networking, and bare-metal performance. Deploy Triton Elastic Container Infrastructure in your datacenter or leverage the Triton Elastic Container Infrastructure Service in the Joyent Public Cloud."
AWS | Amazon EC2 Container Service | Container Management - 0 views
-
"Amazon EC2 Container Service (ECS) is a highly scalable, high performance container management service that supports Docker containers and allows you to easily run applications on a managed cluster of Amazon EC2 instances. Amazon ECS eliminates the need for you to install, operate, and scale your own cluster management infrastructure. With simple API calls, you can launch and stop container-enabled applications, query the complete state of your cluster, and access many familiar features like security groups, Elastic Load Balancing, EBS volumes, and IAM roles. You can use Amazon ECS to schedule the placement of containers across your cluster based on your resource needs and availability requirements. You can also integrate your own scheduler or third-party schedulers to meet business or application specific requirements."
Documentation | Pusher - 0 views
authorization - SAML2 vs. OAuth - What are some reasonable relationships? - Information... - 0 views
-
Bridging the SAML and OAuth 2.0 frameworks is a well understood problem. The following stack of IETF specs provides a standard solution: If you look at the core OAuth 2.0 spec (RFC 6749) and its token endpoint definition - this is basically an OAuth server endpoint which returns an access token in exchange for a "grant" -- an open-ended concept of something deemed appropriate to grant the client app the issue of an access token. In the typical OAuth scenario this is an authorisation code signifying that the user has been previously authenticated and given their consent. But the grant could also be something else. There is a further IETF spec called draft-ietf-oauth-assertions-16 that builds on the core RFC 6749 standard which says that the grant can also be an assertion (a signed proof of something) and defines the necessary token request parameters for that. Finally, there is draft-ietf-oauth-saml2-bearer-20, which specifies how this assertion can be a SAML 2.0 Bearer Assertion. This standard mechanism for converting a SAML assertion into an OAuth 2.0 access token is essentially all that is needed to bridge the two frameworks. To ensure removal of users is properly reflected by the authorisation systems there are two approaches, which can be combined: Make the OAuth 2.0 access tokens short lived. This will force the client to repeat the authorisation process when the token expires, and if the user no longer exists authentication will fail and no grant (SAML assertion) will be issued. Provide an API for revoking issued OAuth 2.0 access tokens, see RFC 7009 for details.
-
Es un problemón conocido y con blancos sin estandarizar el juntar SAML 2.0 en cuanto a AuhN y Oauth2 para autorización. Éste post es el mas sintético que encontré con un agregado de valor muy alto: Deja entrever que aunque no sea estándar, el mecanismo es posible, y se basa en convertir una aserción SAML2 en un token de acceso OAuth2. uno puede transliterar ésta propocisión así: "convertir una aserción CLAVE FISCAL en un token de acceso OAuth2". La pregunta es: ¿Que será una aserción CLAVE FISCAL?
Core Blog - 1 views
Docker private registry authentication - OpenDNS Engineering - 3 views
-
Security is part of everyday life. We lock our doors, protect our banking information with passwords that are usually so complicated that we tend to forget them. Using common sense to secure systems is just good practice. It's really easy to assume that because a system is internal, there is no need to enable authentication ...
Tsuru - 0 views
-
"Tsuru is an extensible and open source Platform as a Service software. Deploy Fast and secure. The entire process is really simple with no special tools needed, just a simple git push. Scale Scaling in Tsuru is completely painless. Just add a unit and Tsuru will take care of everything else. Extend Tsuru is built to be extensible. Through services you can provide anything your application needs."
Changes in Password Best Practices - Schneier on Security - 0 views
-
"NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases. Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise. Let people use password managers. This is how we deal with all the passwords we need."
Kubernetes: Kubernetes 1.10: Stabilizing Storage, Security, and Networking - 0 views
Crypto-Gram: October 15, 2017 - Schneier on Security - 0 views
-
NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: * Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases. * Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise. * Let people use password managers. This is how we deal with all the passwords we need.
‹ Previous
21 - 40 of 80
Next ›
Last »
Showing 20▼ items per page