Cyber Security
Device, network and application protection from theft and damage of data and services.
Related articles
OAuth2 and OpenID Connect for microservices and public applications (Part 2)
Categories: Containers Orchestration, Cyber Security | Tags: CNCF, JSON, LDAP, Micro Services, OAuth2, OpenID Connect
Using OAuth2 and OpenID Connect, it is important to understand how the authorization flow is taking place, who shall call the Authorization Server, how to store the tokens. Moreover, microservices and…
By David WORMS
Nov 20, 2020
OAuth2 and OpenID Connect, a gentle and working introduction (Part 1)
Categories: Containers Orchestration, Cyber Security | Tags: CNCF, Go Lang, JAMstack, LDAP, Kubernetes, OpenID Connect
Understanding OAuth2, OpenID and OpenID Connect (OIDC), how they relate, how the communications are established, and how to architecture your application with the given access, refresh and id tokens…
By David WORMS
Nov 17, 2020
Policy enforcing with Open Policy Agent
Categories: Cyber Security, Data Governance | Tags: Ranger, Authorization, REST, Kafka, Cloud, Kubernetes, SSL/TLS
Open Policy Agent is an open-source multi-purpose policy engine. Its main goal is to unify policy enforcement across the cloud native stack. The project was created by Styra and it is currently…
Jan 22, 2020
Kerberos and Spnego authentication on Windows with Firefox
Categories: Cyber Security | Tags: Firefox, FreeIPA, HTTP, Kerberos
In Greek mythology, Kerberos, also called Cerberus, guards the gates of the Underworld to prevent the dead from leaving. He is commonly described as a three-headed dog, a serpent’s tail, mane of…
By David WORMS
Nov 4, 2019
Apache Knox made easy!
Categories: Big Data, Cyber Security, Adaltas Summit 2018 | Tags: Ranger, Kerberos, LDAP, Active Directory, REST, Knox
Apache Knox is the secure entry point of a Hadoop cluster, but can it also be the entry point for my REST applications? Apache Knox overview Apache Knox is an application gateway for interacting in a…
Feb 4, 2019
Managing User Identities on Big Data Clusters
Categories: Cyber Security, Data Governance | Tags: Ansible, FreeIPA, Kerberos, LDAP, Active Directory, IAM
Securing a Big Data Cluster involves integrating or deploying specific services to store users. Some users are cluster-specific when others are available across all clusters. It is not always easy to…
By David WORMS
Nov 8, 2018
Guide to Keybase encrypted directories
Categories: Cyber Security, Hack | Tags: Authorization, Cryptography, Encryption, File system, Keybase, PGP
This is a guide to using Keybase’s encrypted directories to store and share files. Keybase is a group, file and chat application who’s goal is to bring public key crypto based on PGP to everyone in…
Jun 18, 2018
Apache Metron in the Real World
Categories: Cyber Security, DataWorks Summit 2018 | Tags: Algorithm, HDFS, NiFi, Solr, Storm, Elasticsearch, pcap, RDBMS, Kafka, Metron, Spark, Data Science, SQL
Apache Metron is a storage and analytic platform specialized in cyber security. This talk was about demonstrating the usages and capabilities of Apache Metron in the real world. The presentation was…
May 29, 2018
Remote connection with SSH
Categories: Cyber Security | Tags: Automation, HTTP, SSH
While teaching Big Data and Hadoop, a student asks me about SSH and how to use. I’ll discuss about the protocol and the tools to benefit from it. Lately, I automate the deployment of Hadoop clusters…
By David WORMS
Oct 2, 2013
Kerberos and delegation tokens security with WebHDFS
Categories: Cyber Security | Tags: HDFS, Big Data, HTTP, Kerberos
WebHDFS is an HTTP Rest server bundle with the latest version of Hadoop. What interests me on this article is to dig into security with the Kerberos and delegation tokens functionalities. I will cover…
By David WORMS
Jul 25, 2013