Sunday, August 30, 2020

Security in Web Application

In the world of information security, the terms Identification, Authentication, and Authorization play a significant role.


Identification

Identification is the process of claiming or presenting an identity. The main objective of identification is to bind a user to appropriate controls, based on the identity.

An identity can be any of the following:

  • Username
  • Process ID
  • Smart Card
  • Biometric Scan, etc


Authentication

Authentication is the process of verifying the identity of a user. To prove identity, a user must provide appropriate information (credentials). The information provided by a user to prove identity is highly confidential, and known only to the user and/or system.

There are several methods of authentication:

  • Using something you know- password, personal identification number (PIN), etc.
  • Using something you own- smart card, RSA token, etc.
  • Using physical characteristics- biometrics.

Authorization

After identification and authentication is completed, a user is granted authorization if the identity is proven.

Note: Authorization is not possible without identification and authentication.

Authorization is the process of defining the various resources a user needs, and the type of access to those resources.

In big organizations, users are divided into roles and groups to manage access.



Web Authentication - Methods

The common web authentication methods are:

  • Cookie-based
  • Token-based
  • Third-party access (OAuth, API-token)
  • OpenID
  • SAML

        



        

                                                                                                                                         
      



Wednesday, February 5, 2020

Kubernetes. What and How?

Introduction

In this part of the workshop you are going to get Minikube running on your local computer.
We are using Minikube because that is the easiest way to demonstrate how kubernetes works and what we can do with it. Minikube is a tool that runs a single-node Kubernetes cluster in a virtual machine on your personal computer.
To be able to run minikube you also need to install Docker and kubectl.

Tasks

1. Install Minikube

Read the instructions on how to install Minikube here, on macOS the short version is:
$ brew install minikube
$ minikube start

Verify Minikube installation

You can verify that Minikube is up and running on your computer by running the following command:
$ minikube status

2. Install kubectl

In order to manipulate the Kubernetes cluster you need to install the official CLI client called kubectl.
Details about the installation can be found here
$ brew install kubectl
$ kubectl version --client

3. Install Docker

Docker can be downloaded here Verify the installation running:
$ docker ps

4. Verify all up and running

Verify that all the following commands returns correctly
$ kubectl version
$ docker version
$ minikube version

Interview Prep: Java full stack

 SOLID principle :  https://www.educative.io/answers/what-are-the-solid-principles-in-java Design Pattern:  Creational:  https://medium.com...