Microservices and Secrets management - How to comply with security must-dos

-
Very nice and concise article with respect to secret management and what you need to consider when building microservices to meet with security requirements

Microservices and Secrets management - How to comply with security must-dos

The article highlights the following must-dos when considering a solution for secret management as part of your overall microservices deployment architecture

  • Secure storage of various type of secrets (API Token, Keys, Certificates, username & passwords)
  • Reliable API based access to secrets
  • Dynamic secret distribution for automated encryption and authentication of keys
  • Full Audit of access to secrets.
  • Multi-level role based access to secrets
  • Centralized revocation of secrets and redistribution


Comments

Post a Comment

Popular posts from this blog

ActiveMQ, easy to use open source message oriented middleware (MOM)

-
ActiveMQ is message oriented middleware (MOM), useful for receiving and processing asynchronous messages (queues or topics).
It is easily integrated with Java based applications (and others) via  the JMS API.
ActiveQ offers enterprise scale features which may be required when implementing complex distributred systems such as High availability with failover.Scalability and clustering through a distributed Network of Brokers.Pluggable persistence stores (JDBC, BDB, JDBM, file system).Distributed destinations and XA support.Caching.Connection pooling.Support for cross language clients such as .NET, C++.Support for scripting environments such as Perl, Python, and Ruby.Multiple Transport layers (TCP, UDP, multicast, NIO, SSL, Zeroconf, JXTA, JGroups).

Download at http://activemq.apache.org/
Read more

Basic Send Message to MQ with Java and IBM MQ JMS

-
package my.mq.samples;

import javax.jms.JMSException;
import javax.jms.Session;
import javax.jms.TextMessage;

import com.ibm.mq.jms.MQQueue;

import com.ibm.mq.jms.MQQueueConnection;
import com.ibm.mq.jms.MQQueueConnectionFactory;
import com.ibm.mq.jms.MQQueueSender;
import com.ibm.mq.jms.MQQueueSession;
import com.ibm.msg.client.wmq.WMQConstants;

public class MQSend {

public static void main(String[] args)
{
try {
MQQueueConnectionFactory cf = new MQQueueConnectionFactory();
cf.setHostName("localhost");
cf.setPort(1414);

cf.setIntProperty(WMQConstants.WMQ_CONNECTION_MODE, WMQConstants.WMQ_CM_CLIENT);

cf.setQueueManager("QM_GRIDSERVER");
cf.setChannel("SYSTEM.ADMIN.SVRCONN");

MQQueueConnection connection = (MQQueueConnection) cf.createQueueConnection();
//MQQueueConnection connection = (MQQueueConnection) cf.createQueueConnection("username","password");

MQQueueSession session = (MQQueueSession) connection.createQueueSession(false, Session.AUTO_ACKN…
Read more

MySQL Error Invalid Table or Database Name

-
We upgraded our MySQL server recently which ran several Joomla web sites

After the upgrade we discovered the following error in the mysql log files

090425 23:10:52 [ERROR] Invalid (old?) table or database name 'database-name'

It turns out MySQL does not like the use of - in database names.

One solution is to rename the MySQL database changing the - to an _

Then update the mysql dictionary

UPDATE mysql.db SET Db = 'database_name' WHERE Db = 'database\-name'; FLUSH PRIVILEGES;
Read more