AWS Iden)ty And Access Management (IAM) Manohar Rapolu
|
|
- Jasper Dalton
- 5 years ago
- Views:
Transcription
1 AWS Iden)ty And Access Management (IAM) Manohar Rapolu Topics Introduc5on Principals Authen5ca5on Authoriza5on Other Key Feature -> Mul5 Factor Authen5ca5on -> Rota5ng Keys -> Resolving Mul5ple Permissions Introduc)on IAM is one of the AWS service that allows you to control how users and applica5ons are allowed to manipulate your AWS infrastructure. IAM uses tradi5onal iden5ty concepts such as users, groups, and access control policies to control who can use your AWS account, what services and resources they can use, and how they can use them. IAM is not an iden5ty store/authoriza5on system for your applica5ons. IAM is not opera5ng system iden5ty management. 1
2 In brief, the below table can give you a brief idea on which role is played by different Authen5ca5on systems in your AWS environment. IAM is controlled like most other AWS Cloud services: Through the AWS Management Console With the CLI Via the AWS SDKs Eventually you may start wri5ng your own tools and complex processes by manipula5ng IAM directly through the REST API via one of several SDKs. Principals It is an IAM en5ty that is allowed to interact with AWS resources. A principal can be permanent or temporary, and it can represent a human or an applica5on. There are three types of principals: root users, IAM users, and roles/temporary security tokens. Roles and temporary security tokens enable a number of use cases: Amazon EC2 Roles Gran5ng permissions to applica5ons running on an Amazon EC2 instance. Cross-Account Access Gran5ng permissions to users from other AWS accounts, whether you control those accounts or not. Federa6on Gran5ng permissions to users authen5cated by a trusted external system. Authen)ca)on There are three ways that IAM authen6cates a principal: User Name/Password Access Key Access Key/Session Token 2
3 Authoriza)on AXer IAM has authen5cated a principal, it must then manage the access of that principal to protect your AWS infrastructure. The process of specifying exactly what ac5ons a principal can and cannot perform is called authoriza6on. Authoriza5on is handled in IAM by defining specific privileges in policies and associa5ng those policies with principals. Policies : A policy is a JSON document that fully defines a set of permissions to access and manipulate AWS resources. Policy documents contain one or more permissions, with each permission defining: Effect,Service, Resource "arn:aws:service:region:account-id:[resourcetype:]resource is the format in which the resource should be defined. And we can specify the required ac5ons and condi5ons which will limit the user to perform certain opera5ons only. Sample policy that allows a principal to list the objects in a specific bucket and to retrieve those objects, but only if the call comes from a specific IP address. Associa5ng Policies with principals - A policy can be associated directly with an IAM user in one of two ways: User Policy Managed Policies 3
4 The other common method for associa5ng policies with users is with the IAM groups feature. And there are two ways a policy can be associated with an IAM group: Group Policy Managed Policies Other Key Features Mul$ Factor Authen$ca$on: It adds an extra layer of security to your infrastructure by adding a second method of authen5ca5on beyond just a password or access key. With MFA, authen5ca5on also requires entering a One-Time Password (OTP) from a small device. The MFA device can be either a small hardware device you carry with you or a virtual device via an app on your smart phone (for example, the AWS Virtual MFA app). Rota$ng Keys : The security risk of any creden5al increases with the age of the creden5al. To this end, it is a security best prac5ce to rotate access keys associated with your IAM users. IAM facilitates this process by allowing two ac5ve access keys at a 5me. Steps for rota5ng keys: 1. Create a new access key for the user. 2. Reconfigure all applica5ons to use the new access key. 3. Disable the original access key (disabling instead of dele5ng at this stage is cri5cal, as it allows rollback to the original key if there are issues with the rota5on). 4. Verify the opera5on of all applica5ons. 5. Delete the original access key. Resolving Mul$ple Permissions Occasionally, mul5ple permissions will be applicable when determining whether a principal has the privilege to perform some ac5on. These permissions may come from mul5ple policies associated with a principal or resource policies afached to the AWS resource in ques5on. 4
5 It is important to know how conflicts between these permissions are resolved: 1. Ini5ally the request is denied by default. 2. All the appropriate policies are evaluated; if there is an explicit deny found in any policy, the request is denied and evalua5on stops. 3. If no explicit deny is found and an explicit allow is found in any policy, the request is allowed. 4. If there are no explicit allow or deny permissions found, then the default deny is maintained and the request is denied. The only excep5on to this rule is if an AssumeRole call includes a role and a policy, the policy cannot expand the privileges of the role (for example, the policy cannot override any permission that is denied by default in the role). Any Ques)ons? Thank you 5
IAM Recommended Practices
IAM Recommended Practices Tom Maddox Manager, Solution Architecture 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved What to expect from this session We will look at: Best practices
More informationTPP On The Cloud. Joe Slagel
TPP On The Cloud Joe Slagel Lecture topics Introduc5on to Cloud Compu5ng and Amazon Web Services Overview of TPP Cloud components Setup trial AWS and use of the new TPP Web Launcher for Amazon (TWA) Future
More informationNa#ve Applica#ons WG (NAPPS) May 5/14 Paul Madsen, Ping
Na#ve Applica#ons WG (NAPPS) May 5/14 Paul Madsen, Ping NAPPS value proposi#on OAuth & Connect enable na#ve applica#ons calling APIs Popularity of na#ve applica#on model has led to an explosion enterprise
More informationThe Fedlet: Real World Examples
The Fedlet: Real World Examples Sun Iden(ty Management User Group 12 March 2009 Agenda BIT Systems Overview Federal Agency Architecture Iden>ty Federa>on Fedlet Introduc>on Enhancing Fedlet Capabili>es
More informationAWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS
AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS suneys@amazon.com AWS Core Infrastructure and Services Traditional Infrastructure Amazon Web Services Security Security Firewalls ACLs
More informationAmazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India
(AWS) Overview: AWS is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy various types of application in the cloud.
More informationHow the Cloud is Changing Federated Iden4ty Requirements. Patrick Harding CTO, Ping March 1, 2010
How the Cloud is Changing Federated Iden4ty Requirements Patrick Harding CTO, Ping Iden3ty @pingcto March 1, 2010 http://www.flickr.com/photos/quinnanya/2690873096/ The Return of Timesharing http://www.flickr.com/photos/quinnanya/2690873096/
More informationSimple Security for Startups. Mark Bate, AWS Solutions Architect
BERLIN Simple Security for Startups Mark Bate, AWS Solutions Architect Agenda Our Security Compliance Your Security Account Management (the keys to the kingdom) Service Isolation Visibility and Auditing
More informationPainless Applica,on Security. Les Hazlewood Apache Shiro Project Chair CTO, Kataso5 Inc / CloudDirectory
Painless Applica,on Security Les Hazlewood Apache Shiro Project Chair CTO, Kataso5 Inc / CloudDirectory What is Apache Shiro? Applica>on security framework ASF TLP - hfp://shiro.apache.org Quick and Easy
More informationSecuring Hadoop. Keys Botzum, MapR Technologies Jan MapR Technologies - Confiden6al
Securing Hadoop Keys Botzum, MapR Technologies kbotzum@maprtech.com Jan 2014 MapR Technologies - Confiden6al 1 Why Secure Hadoop Historically security wasn t a high priority Reflec6on of the type of data
More informationDocument Databases: MongoDB
NDBI040: Big Data Management and NoSQL Databases hp://www.ksi.mff.cuni.cz/~svoboda/courses/171-ndbi040/ Lecture 9 Document Databases: MongoDB Marn Svoboda svoboda@ksi.mff.cuni.cz 28. 11. 2017 Charles University
More informationAWS Security Overview. Bill Shinn Principal Security Solutions Architect
AWS Security Overview Bill Shinn Principal Security Solutions Architect Accelerating Security with AWS AWS Overview / Risk Management / Compliance Overview Identity / Privilege Isolation Roles for EC2
More informationDetecting Credential Compromise in AWS
Detecting Credential Compromise in AWS William Bengtson Senior Security Engineer, Netflix Credential compromise is an important concern for anyone operating in the cloud. The concerns become more widespread
More informationLeviathan redux. John L. Manferdelli Intel Science and Technology Center for Secure Compu;ng UC, Berkeley
Leviathan redux John L. Manferdelli Intel Science and Technology Center for Secure Compu;ng UC, Berkeley Joint work with Tom Roeder (Google), Fred Schneider (Cornell) And Kevin Walsh of Mt Holyoke College
More informationAre You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus
Are You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus 1 60 Second AWS Security Review 2 AWS Terminology Identity and Access Management (IAM) - AWS Security Service to manage
More informationKaseya Fundamentals Workshop DAY TWO. Developed by Kaseya University. Powered by IT Scholars
Kaseya Fundamentals Workshop DAY TWO Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 Day One Review IT- Scholars Virtual LABS System Management Organiza@on
More informationCloudHealth. AWS and Azure On-Boarding
CloudHealth AWS and Azure On-Boarding Contents 1. Enabling AWS Accounts... 3 1.1 Setup Usage & Billing Reports... 3 1.2 Setting Up a Read-Only IAM Role... 3 1.3 CloudTrail Setup... 5 1.4 Cost and Usage
More informationCloud Catastrophes. and how to avoid them
Cloud Catastrophes and how to avoid them Who? Mike Haworth Nope Works for: Insomnia Security Bio: Extensive biographical information Extensive biographical information Extensive biographical information
More informationUnderstanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
More informationHackproof Your Cloud Responding to 2016 Threats
Hackproof Your Cloud Responding to 2016 Threats Aaron Klein, CloudCheckr Tuesday, June 30 th 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Changing Your Perspective Moving
More informationCreating an AWS Account: Beyond the Basics
Creating an AWS Account: Beyond the Basics Best practices to build a strong foundation for enterprise cloud adoption Updated August 2016 Aaron Wilson Table of Contents Introduction... 3 Before You Begin...
More informationNetSecOps: Policy-Driven, Knowledge-Centric, Holis<c Network Security Opera<ons
NetSecOps: Policy-Driven, Knowledge-Centric, Holis
More informationAt Course Completion Prepares you as per certification requirements for AWS Developer Associate.
[AWS-DAW]: AWS Cloud Developer Associate Workshop Length Delivery Method : 4 days : Instructor-led (Classroom) At Course Completion Prepares you as per certification requirements for AWS Developer Associate.
More informationQualys CloudView v1.x
Qualys CloudView v1.x Version 1.6 September 18, 2018 Here s what s new in Qualys CloudView 1.6! Download Datalist in CSV Format Connector Creation: External ID now Editable Customize Dashboards and Widgets
More informationAdministrator Guide Administrator Guide
AutobotAI account setup process with AWS account linking In order to provide AWS account access to autobotai skill, It has to be configured in https://autobot.live portal. Currently only one account can
More informationlab Creating a Low Cost Sync Database for JavaScript Applications with AWS V1.00 AWS Certified Developer Associate lab title Course title
lab lab title Creating a Low Cost Sync Database for JavaScript Applications with AWS V1.00 Course title AWS Certified Developer Associate Table of Contents Contents Table of Contents... 1 About the Lab...
More informationLINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
More informationSoftware as a Service (SaaS) Quick Start
Software as a Service (SaaS) Quick Start ** For Amazon Web Services Marketplace Sellers and Licensors only** v 1.1 Last updated March 1, 2018 The purpose of this document is to accelerate integrations
More informationSECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS
WHITE PAPER SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS The Challenges Of Securing AWS Access and How To Address Them In The Modern Enterprise Executive Summary When operating in Amazon Web Services
More informationPermissions. Lecture 18
Permissions Lecture 18 Topics related Android permissions Defining & using applica:on permissions Component permissions Permissions Android protects resources & data with permissions Example: who has the
More informationExam Questions AWS-Certified- Developer-Associate
Exam Questions AWS-Certified- Developer-Associate Amazon AWS Certified Developer Associate https://www.2passeasy.com/dumps/aws-certified- Developer-Associate/ 1. When using Amazon SQS how much data can
More informationEXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES BEST PRACTICES FOR IDENTITY FEDERATION IN AWS E-BOOK
EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES BEST PRACTICES FOR IDENTITY FEDERATION IN AWS 03 EXECUTIVE OVERVIEW 05 INTRODUCTION 07 MORE CLOUD DEPLOYMENTS MEANS MORE ACCESS 09 IDENTITY FEDERATION IN
More informationCentrify Identity Services for AWS
F R E Q U E N T L Y A S K E D Q U E S T I O N S Centrify Identity Services for AWS Service Description and Capabilities What is included with Centrify Identity Services for AWS? Centrify Identity Services
More informationHalkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN
Halkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN http://www.halkynconsulting.co.uk info@halkynconsulting.co.uk Password Security By T Wake CISSP CISM CEH 20/06/2011 Contents
More informationQuick start guide for Infscape UrBackup Appliance on Amazon Web Services
Quick start guide for Infscape UrBackup Appliance on Amazon Web Services Purpose of this document This document will give detailed step-by-step instructions on how to get Infscape UrBackup Appliance running
More informationLook Who s Hiring! AWS Solution Architect AWS Cloud TAM
Look Who s Hiring! AWS Solution Architect https://www.amazon.jobs/en/jobs/362237 AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275 AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr
More informationKey Nego(a(on Protocol & Trust Router
Key Nego(a(on Protocol & Trust Router dra6- howle:- radsec- knp ABFAB, IETF 80 31 March, Prague. Introduc(on The ABFAB architecture does not require any par(cular AAA strategy for connec(ng RPs to IdPs.
More informationSecurity on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
More informationAmazon WorkDocs. Administration Guide
Amazon WorkDocs Administration Guide Amazon WorkDocs: Administration Guide Copyright 2018 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not
More informationSet Up a Compliant Archive. November 2016
Set Up a Compliant Archive November 2016 2016, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents AWS s current
More informationApplica'on-level protocols, AAA, Management, Security
LP-WAN BOF Applica'on-level protocols, AAA, Management, Security Rafa Mar'n Lopez (rafa@um.es) Dan García Carrillo (dan.garcia@um.es) LP-WAN network access control Only authen'cated and authorized nodes
More informationEnroll Now to Take online Course Contact: Demo video By Chandra sir
Enroll Now to Take online Course www.vlrtraining.in/register-for-aws Contact:9059868766 9985269518 Demo video By Chandra sir www.youtube.com/watch?v=8pu1who2j_k Chandra sir Class 01 https://www.youtube.com/watch?v=fccgwstm-cc
More informationGet started with the IBM Alert Notification service. Author: Ray Stoner Senior Managing Consultant IBM Cloud Client Technical Engagement Lab Services
Get started with the IBM Alert Notification service Author: Ray Stoner Senior Managing Consultant IBM Cloud Client Technical Engagement Lab Services Contents 1. Introduction... 3 1.1. ANS features and
More informationIdentity and Access Management Level 200
Identity and Access Management Level 200 Flavio Pereira November 2018 1 Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationTraining on Amazon AWS Cloud Computing. Course Content
Training on Amazon AWS Cloud Computing Course Content 15 Amazon Web Services (AWS) Cloud Computing 1) Introduction to cloud computing Introduction to Cloud Computing Why Cloud Computing? Benefits of Cloud
More informationINFO/CS 4302 Web Informa6on Systems
INFO/CS 4302 Web Informa6on Systems FT 2012 Week 7: RESTful Webservice APIs - Bernhard Haslhofer - 2 3 4 Source: hmp://www.blogperfume.com/new- 27- circular- social- media- icons- in- 3- sizes/ 5 Plan
More informationAmazon Web Services Hands On S3 January, 2012
Amazon Web Services Hands On S3 January, 2012 Copyright 2011-2012, Amazon Web Services, All Rights Reserved Page 1-8 Table of Contents Overview... 3 Create S3 Bucket... 3 Upload Content and Set Permissions...
More informationNetwork Security & Access Control in AWS
Network Security & Access Control in AWS Ian Massingham, Technical Evangelist @IanMmmm 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Account Security Day One Governance Account
More informationAmazon AWS-Solutions-Architect-Professional Exam
Volume: 392 Questions Question: 1 By default, Amazon Cognito maintains the last-written version of the data. You can override this behavior and resolve data conflicts programmatically. In addition, push
More informationRED HAT ENTERPRISE VIRTUALIZATION 3.0
RED HAT ENTERPRISE VIRTUALIZATION 3.0 YOUR STRATEGIC VIRTUALIZATION ALTERNATIVE John Rinehart, Product Marke3ng Manager Mark St. Laurent, Senior Solu3on Architect Email: msl@redhat.com March 28, 2012 AGENDA
More informationGetting Started with Cloudamize Manage
Getting Started with Cloudamize Manage This guide helps you getting started with Cloudamize Manage. Sign Up Access the Sign Up page for the Cloudamize Manage by: 1. Click the Login button on www.cloudamize.com
More informationS2E is proud to partner with Intercede helping organizations to create and use trusted digital identities.
S2E is proud to partner with Intercede helping organizations to create and use trusted digital identities. 3 Who are Intercede? So%ware company specializing in iden5ty and creden5al management Focus on
More informationAWS Security. Staying on Top of the Cloud
AWS Security Staying on Top of the Cloud Intro Kurtis Miller, a Principal Security Consultant for Previously: Global Security Engineering Manager for Senior Security Consultant for First Security Engineer
More informationSecurity does not live on UI level T
Security does not live on UI level T-1105220 LECTURE 28032013 Jarmo Parkkinen What would google do? Google 2 step sign in surface Normal website user name + password Verifica9on code SMS or voice 6 digits
More informationDatabase Machine Administration v/s Database Administration: Similarities and Differences
Database Machine Administration v/s Database Administration: Similarities and Differences IOUG Exadata Virtual Conference Vivek Puri Manager Database Administration & Engineered Systems The Sherwin-Williams
More informationOptiSol FinTech Platforms
OptiSol FinTech Platforms Payment Solutions Cloud enabled Web & Mobile Platform for Fund Transfer OPTISOL BUSINESS SOLUTIONS PRIVATE LIMITED #87/4, Arcot Road, Vadapalani, Chennai 600026, Tamil Nadu. India
More informationCPM. Quick Start Guide V2.4.0
CPM Quick Start Guide V2.4.0 1 Content 1 Introduction... 3 Launching the instance... 3 CloudFormation... 3 CPM Server Instance Connectivity... 3 2 CPM Server Instance Configuration... 4 CPM Server Configuration...
More informationSecure Architecture Principles
Secure Architecture Principles Isola3on and Least Privilege Access Control Concepts Opera3ng Systems Browser Isola3on and Least Privilege Original slides were created by Prof. John Mitchel Secure Architecture
More informationNetScaler Automa.on USING PUPPET TO TALK NITRO
NetScaler Automa.on USING PUPPET TO TALK NITRO About Esther 15+ years of Technical Consulting Senior Consultant at PepperByte MSc Computer Science Design Implement Troubleshooting Small Large infrastructures
More informationAn introduc/on to Sir0i
Authen4ca4on and Authorisa4on for Research and Collabora4on An introduc/on to Sir0i Addressing Federated Security Incident Response Hannah Short CERN hannah.short@cern.ch TF-CSIRT May, 2016 Agenda Federated
More informationCLOUD AND AWS TECHNICAL ESSENTIALS PLUS
1 P a g e CLOUD AND AWS TECHNICAL ESSENTIALS PLUS Contents Description... 2 Course Objectives... 2 Cloud computing essentials:... 2 Pre-Cloud and Need for Cloud:... 2 Cloud Computing and in-depth discussion...
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationHardening AWS Environments. Automating Incident Response. AWS Compromises
Hardening AWS Environments and Automating Incident Response for AWS Compromises Hardening AWS Environments and Automating Incident Response for AWS Compromises Andrew Krug and Alex McCormack Agenda: Preparing
More informationMonitoring Serverless Architectures in AWS
Monitoring Serverless Architectures in AWS The introduction of serverless architectures is a positive development from a security perspective. Splitting up services into single-purpose functions with well-defined
More informationCase Study: Amazon AWS. CSE Cloud Compu0ng Prof. Douglas Thain University of Notre Dame
Case Study: Amazon AWS CSE 40822 Cloud Compu0ng Prof. Douglas Thain University of Notre Dame Cau3on to the Reader: Herein are examples of prices consulted in spring 2016, to give a sense of the magnitude
More informationHandel-CodePipeline Documentation
Handel-CodePipeline Documentation Release 0.0.6 David Woodruff Dec 11, 2017 Getting Started 1 Introduction 3 2 Installation 5 3 Tutorial 7 4 Using Handel-CodePipeline 11 5 Handel-CodePipeline File 13
More informationJason Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, So5ris Ioannidis, Angelos Keromy5s, Stefano Zanero.
Jason Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, So5ris Ioannidis, Angelos Keromy5s, Stefano Zanero polakis@ics.forth.gr Annual Computer Security Applica5ons Conference (ACSAC) 2012 Introduc5on
More informationIntegration Services 2014
Integration Services 2014 Raitis Grinbergs and Dan Wyand EPiServer Commerce Development The Choice for Leaders in Digital Current Integration PIM DAM Catalog XML Media CMS Media Commerce Goals Improve
More informationCIT 668: System Architecture. Amazon Web Services
CIT 668: System Architecture Amazon Web Services Topics 1. AWS Global Infrastructure 2. Foundation Services 1. Compute 2. Storage 3. Database 4. Network 3. AWS Economics Amazon Services Architecture Regions
More informationAWS Serverless Application Repository. Developer Guide
AWS Serverless Application Repository Developer Guide AWS Serverless Application Repository: Developer Guide Copyright 2018 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's
More informationShine and Security. Our app is playful and encourages sharing, but we take keeping this information secure very seriously.
Shine and Security Shine and Security Shine users entrust us with keeping track of the everyday actions they take to help them better themselves, their community and our planet. Putting our users first
More informationOpera&ng Systems: Principles and Prac&ce. Tom Anderson
Opera&ng Systems: Principles and Prac&ce Tom Anderson How This Course Fits in the UW CSE Curriculum CSE 333: Systems Programming Project experience in C/C++ How to use the opera&ng system interface CSE
More informationDigital Trust Ecosystem
Digital Trust Ecosystem IoT Risks and Solutions Chris Edwards CTO - Intercede What s the Problem? Billions of devices Millions of services Mixed closed / open trust networks Devices transferring between
More informationWelcome to the SIHO itransact portal.
Provider and Vendor Access Portal One stop access for your guide to utilizing SIHO s new itransact platform. Welcome to the SIHO itransact portal. Primary access codes will be given to key contacts at
More informationAWS Security Best Practices
AWS Security Best Practices August 2016 We welcome your feedback. Please share your thoughts at this link. 2016, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
More informationRISK-BASED APPROACH TO DEPLOYMENT OF OMNICHANNEL BIOMETRICS IN SBERBANK
SESSION ID: IDY-W02 RISK-BASED APPROACH TO DEPLOYMENT OF OMNICHANNEL BIOMETRICS IN SBERBANK Anton Mitrofanov Authen:ca:on PlaBorm Chief Product Owner Sberbank Leyla Goncharenko Risk-based authen:ca:on
More informationJava Card Pla*orm Evolu/on
Java Card Pla*orm Evolu/on Florian Tournier, Director, Product Management, Internet Of Things Cloud Service Saqib Ahmad Consul/ng Member of Technical Staff, Java Card Engineering, Internet Of Things Cloud
More informationAmazon Web Services Training. Training Topics:
Amazon Web Services Training Training Topics: SECTION1: INTRODUCTION TO CLOUD COMPUTING A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction to Cloud Computing
More informationPRAGMATIC SECURITY AUTOMATION FOR CLOUD
SESSION ID: CSV-R04 PRAGMATIC SECURITY AUTOMATION FOR CLOUD Rich Mogull Analyst/VP of Product Securosis/DisruptOPS rmogull@disruptops.com @rmogull Cloud is Fundamentally Different Abstraction Automation
More informationOpera&ng Systems ECE344
Opera&ng Systems ECE344 Lecture 8: Paging Ding Yuan Lecture Overview Today we ll cover more paging mechanisms: Op&miza&ons Managing page tables (space) Efficient transla&ons (TLBs) (&me) Demand paged virtual
More informationFounda'ons of So,ware Engineering. Lecture 11 Intro to QA, Tes2ng Claire Le Goues
Founda'ons of So,ware Engineering Lecture 11 Intro to QA, Tes2ng Claire Le Goues 1 Learning goals Define so;ware analysis. Reason about QA ac2vi2es with respect to coverage and coverage/adequacy criteria,
More informationSignalFx Platform: Security and Compliance MARZENA FULLER. Chief Security Officer
SignalFx Platform: Security and Compliance MARZENA FULLER Chief Security Officer SignalFx Platform: Security and Compliance INTRODUCTION COMPLIANCE PROGRAM GENERAL DATA PROTECTION DATA SECURITY Data types
More informationUnderstanding Cryptography and Audi?ng Public Key Infrastructures
Understanding Cryptography and Audi?ng Public Key Infrastructures Rami Elkinawy, Senior Audit Manager, ebay Professional Strategies S31 CRISC CGEIT CISM CISA THE HISTORY OF CRYPTOGRAPHY CRISC CGEIT CISM
More informationAmazon Search Services. Christoph Schmitter
Amazon Search Services Christoph Schmitter csc@amazon.de What we'll cover Overview of Amazon Search Services Understand the difference between Cloudsearch and Amazon ElasticSearch Service Q&A Amazon Search
More informationAmazon Web Services (AWS) Training Course Content
Amazon Web Services (AWS) Training Course Content SECTION 1: CLOUD COMPUTING INTRODUCTION History of Cloud Computing Concept of Client Server Computing Distributed Computing and it s Challenges What is
More informationMonitoring AWS VPCs with Flow Logs
Monitoring AWS VPCs with Flow Logs Introduction VPC Flow Logs capture and record data about the IP traffic going to, coming from, and moving across your VPC. These records are used to drive the Stealthwatch
More informationSecurity Overview of the BGI Online Platform
WHITEPAPER 2015 BGI Online All rights reserved Version: Draft v3, April 2015 Security Overview of the BGI Online Platform Data security is, in general, a very important aspect in computing. We put extra
More informationehealth in the implementa,on of the cross border direc,ve: role of the ehealth Network 26th February 2012
ehealth in the implementa,on of the cross border direc,ve: role of the ehealth Network 26th February 2012 Agenda EU in health Ehealth in the EU ehealth Network ehealth High- Level Governance Ini,a,ve Goals
More informationCrea%ng a SARNET Alliance by applying the Service Provider Group Framework and by using the Ciena/GENI testbed
Crea%ng a SARNET Alliance by applying the Service Provider Group Framework and by using the Ciena/GENI testbed April 29 th 2015 Leon Gommans: leon.gommans@klm.com Content - Introduc@on - Security Autonomous
More informationCon$nuous Audi$ng and Risk Management in Cloud Compu$ng
Con$nuous Audi$ng and Risk Management in Cloud Compu$ng Marcus Spies Chair of Knowledge Management LMU University of Munich Scien$fic / Technical Director of EU Integrated Research Project MUSING Cloud
More informationDCLI User's Guide. Data Center Command-Line Interface 2.9.1
Data Center Command-Line Interface 2.9.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit
More informationMobile Testing. Open Source Solu,ons
Mobile Testing Open Source Solu,ons Top Q Who are we? General Established in 2005, the leading test- automa6on solu6ons company in Israel More than 100 customers in major ver6cal markets, including Networking
More informationHashiCorp Vault on the AWS Cloud
HashiCorp Vault on the AWS Cloud Quick Start Reference Deployment November 2016 Last update: April 2017 (revisions) Cameron Stokes, HashiCorp, Inc. Tony Vattathil and Brandon Chavis, Amazon Web Services
More informationAWS Landing Zone. AWS User Guide. November 2018
AWS Landing Zone AWS User Guide November 2018 Copyright (c) 2018 by Amazon.com, Inc. or its affiliates. AWS Landing Zone User Guide is licensed under the terms of the Amazon Software License available
More informationCSE Opera*ng System Principles
CSE 30341 Opera*ng System Principles Overview/Introduc7on Syllabus Instructor: Chris*an Poellabauer (cpoellab@nd.edu) Course Mee*ngs TR 9:30 10:45 DeBartolo 101 TAs: Jian Yang, Josh Siva, Qiyu Zhi, Louis
More informationINTRO TO AWS: SECURITY
INTRO TO AWS: SECURITY Rob Whitmore Solutions Architect 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Security is the foundation Familiar security model Validated by security experts
More informationInfrastructure in Transition; Securing Your Cloud Environment
SESSION ID: SEM-M04A Infrastructure in Transition; Securing Your Cloud Environment Sam Bisbee CSO Threat Stack @sbisbee Today s discussion Applies to all public cloud providers and is industry agnostic
More informationAWS Remote Access VPC Bundle
AWS Remote Access VPC Bundle Deployment Guide Last updated: April 11, 2017 Aviatrix Systems, Inc. 411 High Street Palo Alto CA 94301 USA http://www.aviatrix.com Tel: +1 844.262.3100 Page 1 of 12 TABLE
More informationIntroducing Amazon Elastic File System (EFS)
Introducing Amazon Elastic File System (EFS) Danilo Poccia, Technical Evangelist, AWS @danilop 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Goals and expectations for this session
More informationBuilding a Big IaaS Cloud. David /
Building a Big IaaS Cloud David Nalley @ke4qqq ke4qqq@apache.org / david@gnsa.us #whoami Recovering Sysadmin F/LOSS contributor Committer on Apache CloudStack Assumptions You have a need for an IaaS compute
More information