Publicité
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan
Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan

Check these out next

24 Hours Of Exchange Server 2007 ( Part 15 Of 24)
24 Hours Of Exchange Server 2007 ( Part 15 Of 24)
Harold Wong
Microsoft Azure Training - [2] Introduction to the Cloud (Exam 70-533)
Microsoft Azure Training - [2] Introduction to the Cloud (Exam 70-533)
Shawn Ismail
Azure Service Bus Overview
Azure Service Bus Overview
BizTalk360
Webservice security considerations and measures
Webservice security considerations and measures
Maarten Smeets
Azure Container Service
Azure Container Service
DataArt
Azure service bus based on cloud computing
Azure service bus based on cloud computing
arun Prabha
Azure Service Bus
Azure Service Bus
BizTalk360
Meetup CNCF Torino - Amazon EKS March 29th 2019
Meetup CNCF Torino - Amazon EKS March 29th 2019
Massimo Ferre'
1 sur 20

Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan

2 Jul 2019
Télécharger pour lire hors ligne
Technologie

Learn more at http://www.athenz.io.

Yahoo Developer Network
Yahoo Developer Network
Publicité
Publicité
Publicité

Recommandé

Athenz with Istio - Single Access Control Model in Cloud Infrastructures, Tat...Athenz with Istio - Single Access Control Model in Cloud Infrastructures, Tat...
Athenz with Istio - Single Access Control Model in Cloud Infrastructures, Tat...Yahoo Developer Network554 vues31 diapositives
Cybera SummitCybera Summit
Cybera SummitEverett Toews515 vues69 diapositives
Azure network and infrastructureAzure network and infrastructure
Azure network and infrastructurePhi Huynh553 vues16 diapositives
JECRC iWeekend Cloud DayJECRC iWeekend Cloud Day
JECRC iWeekend Cloud Dayjecrciweekend325 vues22 diapositives
Advanced development with Windows AzureAdvanced development with Windows Azure
Advanced development with Windows AzureThomas Robbins436 vues12 diapositives
Azure Operational Insight PreviewAzure Operational Insight Preview
Azure Operational Insight PreviewIgor Puhalo615 vues17 diapositives

Contenu connexe

Présentations pour vous(20)

24 Hours Of Exchange Server 2007 ( Part 15 Of 24)24 Hours Of Exchange Server 2007 ( Part 15 Of 24)
24 Hours Of Exchange Server 2007 ( Part 15 Of 24)
Harold Wong598 vues
Microsoft Azure Training - [2] Introduction to the Cloud (Exam 70-533)Microsoft Azure Training - [2] Introduction to the Cloud (Exam 70-533)
Microsoft Azure Training - [2] Introduction to the Cloud (Exam 70-533)
Shawn Ismail1.6K vues
Azure Service Bus OverviewAzure Service Bus Overview
Azure Service Bus Overview
BizTalk3602.2K vues
Webservice security considerations and measuresWebservice security considerations and measures
Webservice security considerations and measures
Maarten Smeets330 vues
Azure Container ServiceAzure Container Service
Azure Container Service
DataArt508 vues
Azure service bus based on cloud computingAzure service bus based on cloud computing
Azure service bus based on cloud computing
arun Prabha746 vues
Azure Service BusAzure Service Bus
Azure Service Bus
BizTalk360696 vues
Meetup CNCF Torino - Amazon EKS March 29th 2019 Meetup CNCF Torino - Amazon EKS March 29th 2019
Meetup CNCF Torino - Amazon EKS March 29th 2019
Massimo Ferre'55 vues
Windows Azure Service BusWindows Azure Service Bus
Windows Azure Service Bus
Return on Intelligence1.1K vues
Windows AzureWindows Azure
Windows Azure
Nour Khouja533 vues
Network security with Azure PaaS services by Erwin Staal from 4DotNet at Azur...Network security with Azure PaaS services by Erwin Staal from 4DotNet at Azur...
Network security with Azure PaaS services by Erwin Staal from 4DotNet at Azur...
DevClub_lv3K vues
Azure IAAS architecture with High Availability for beginners and developers -...Azure IAAS architecture with High Availability for beginners and developers -...
Azure IAAS architecture with High Availability for beginners and developers -...
Malleswar Reddy514 vues
An Intro to AS4, the Successor of AS2An Intro to AS4, the Successor of AS2
An Intro to AS4, the Successor of AS2
BizTalk3605.6K vues
Cloud Bursting with A10 Lightning ADSCloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADS
Akshay Mathur832 vues
Microsoft DirectAccess Remote Access (VPN) with Windows 10 and Server 2012Microsoft DirectAccess Remote Access (VPN) with Windows 10 and Server 2012
Microsoft DirectAccess Remote Access (VPN) with Windows 10 and Server 2012
Kemp47.2K vues
Serverless Architecture - introduction + AWS demoServerless Architecture - introduction + AWS demo
Serverless Architecture - introduction + AWS demo
Jan van Zoggel284 vues
Azure Microservices in Practice - Radu Vunvulea ITCamp Community Timisoara 07...Azure Microservices in Practice - Radu Vunvulea ITCamp Community Timisoara 07...
Azure Microservices in Practice - Radu Vunvulea ITCamp Community Timisoara 07...
Radu Vunvulea336 vues
Using Azure Managed Identities for your App Services by Jan de Vries from 4Do...Using Azure Managed Identities for your App Services by Jan de Vries from 4Do...
Using Azure Managed Identities for your App Services by Jan de Vries from 4Do...
DevClub_lv2.7K vues
Windows Server 2008Windows Server 2008
Windows Server 2008
Luis Quiroz492 vues
Manage and Operate Azure Stack Hub Stamps at ScaleManage and Operate Azure Stack Hub Stamps at Scale
Manage and Operate Azure Stack Hub Stamps at Scale
Ravi C Kolandaiswamy63 vues

Similaire à Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan(20)

Hands On Lab: Windows Workloads on AWS - May 2017 AWS Online Tech TalksHands On Lab: Windows Workloads on AWS - May 2017 AWS Online Tech Talks
Hands On Lab: Windows Workloads on AWS - May 2017 AWS Online Tech Talks
Amazon Web Services268 vues
Hands on Lab: Windows Workloads - AWS Online Tech TalksHands on Lab: Windows Workloads - AWS Online Tech Talks
Hands on Lab: Windows Workloads - AWS Online Tech Talks
Amazon Web Services396 vues
Advanced Security Best Practices MasterclassAdvanced Security Best Practices Masterclass
Advanced Security Best Practices Masterclass
Amazon Web Services12.8K vues
Hands on Lab: Windows Workloads on AWS - June 2017 AWS Online Tech TalksHands on Lab: Windows Workloads on AWS - June 2017 AWS Online Tech Talks
Hands on Lab: Windows Workloads on AWS - June 2017 AWS Online Tech Talks
Amazon Web Services773 vues
[DevDay 2016] OpenStack and approaches for new users - Speaker: Chi Le – Head...[DevDay 2016] OpenStack and approaches for new users - Speaker: Chi Le – Head...
[DevDay 2016] OpenStack and approaches for new users - Speaker: Chi Le – Head...
DevDay.org777 vues
Getting Started with AWS IoTGetting Started with AWS IoT
Getting Started with AWS IoT
Amazon Web Services320 vues
From your First Migration to Mass migrations. From your First Migration to Mass migrations.
From your First Migration to Mass migrations.
Amazon Web Services396 vues
Intro & Security UpdateIntro & Security Update
Intro & Security Update
Amazon Web Services4.7K vues
Quick overview of Openstack architectureQuick overview of Openstack architecture
Quick overview of Openstack architecture
Toni Ramirez3.1K vues
Running Microsoft Workloads on AWSRunning Microsoft Workloads on AWS
Running Microsoft Workloads on AWS
Amazon Web Services2.2K vues
DDD Melbourne 2014 security in ASP.Net Web API 2DDD Melbourne 2014 security in ASP.Net Web API 2
DDD Melbourne 2014 security in ASP.Net Web API 2
Pratik Khasnabis1.3K vues
Hands on Lab: Windows Workloads - AWS Online Tech TalksHands on Lab: Windows Workloads - AWS Online Tech Talks
Hands on Lab: Windows Workloads - AWS Online Tech Talks
Amazon Web Services314 vues
Windows Workloads on AWS - July 2017 AWS Online Tech TalksWindows Workloads on AWS - July 2017 AWS Online Tech Talks
Windows Workloads on AWS - July 2017 AWS Online Tech Talks
Amazon Web Services400 vues
Adopting AWS in your organization - ITPalooza 2015Adopting AWS in your organization - ITPalooza 2015
Adopting AWS in your organization - ITPalooza 2015
CloudHesive99 vues
AWS Webcast - Explore the AWS Cloud for GovernmentAWS Webcast - Explore the AWS Cloud for Government
AWS Webcast - Explore the AWS Cloud for Government
Amazon Web Services1.7K vues
Getting Started with AWS IoTGetting Started with AWS IoT
Getting Started with AWS IoT
Amazon Web Services11.8K vues
Amazon AWS Shared Security Model Amazon AWS Shared Security Model
Amazon AWS Shared Security Model
James Mascarenhas1K vues
Blue Chip Tek AWS Connect and Protect Presentation #2Blue Chip Tek AWS Connect and Protect Presentation #2
Blue Chip Tek AWS Connect and Protect Presentation #2
Kimberly Macias219 vues
Tổng quan về AWS cực hayTổng quan về AWS cực hay
Tổng quan về AWS cực hay
Hoa PN Thaycacac381 vues
Deep Dive on AWS Lambda - January 2017 AWS Online Tech TalksDeep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
Deep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
Amazon Web Services5.9K vues
Publicité

Plus de Yahoo Developer Network(20)

Developing Mobile Apps for Performance - Swapnil Patel, Verizon MediaDeveloping Mobile Apps for Performance - Swapnil Patel, Verizon Media
Developing Mobile Apps for Performance - Swapnil Patel, Verizon Media
Yahoo Developer Network832 vues
Athenz & SPIFFE, Tatsuya Yano, Yahoo JapanAthenz & SPIFFE, Tatsuya Yano, Yahoo Japan
Athenz & SPIFFE, Tatsuya Yano, Yahoo Japan
Yahoo Developer Network604 vues
CICD at Oath using ScrewdriverCICD at Oath using Screwdriver
CICD at Oath using Screwdriver
Yahoo Developer Network882 vues
Big Data Serving with Vespa - Jon Bratseth, Distinguished Architect, OathBig Data Serving with Vespa - Jon Bratseth, Distinguished Architect, Oath
Big Data Serving with Vespa - Jon Bratseth, Distinguished Architect, Oath
Yahoo Developer Network780 vues
How @TwitterHadoop Chose Google Cloud, Joep Rottinghuis, Lohit VijayaRenuHow @TwitterHadoop Chose Google Cloud, Joep Rottinghuis, Lohit VijayaRenu
How @TwitterHadoop Chose Google Cloud, Joep Rottinghuis, Lohit VijayaRenu
Yahoo Developer Network469 vues
The Future of Hadoop in an AI World, Milind Bhandarkar, CEO, AmpoolThe Future of Hadoop in an AI World, Milind Bhandarkar, CEO, Ampool
The Future of Hadoop in an AI World, Milind Bhandarkar, CEO, Ampool
Yahoo Developer Network481 vues
Apache YARN Federation and Tez at Microsoft, Anupam Upadhyay, Adrian Nicoara,...Apache YARN Federation and Tez at Microsoft, Anupam Upadhyay, Adrian Nicoara,...
Apache YARN Federation and Tez at Microsoft, Anupam Upadhyay, Adrian Nicoara,...
Yahoo Developer Network427 vues
Containerized Services on Apache Hadoop YARN: Past, Present, and Future, Shan...Containerized Services on Apache Hadoop YARN: Past, Present, and Future, Shan...
Containerized Services on Apache Hadoop YARN: Past, Present, and Future, Shan...
Yahoo Developer Network304 vues
HDFS Scalability and Security, Daryn Sharp, Senior Engineer, OathHDFS Scalability and Security, Daryn Sharp, Senior Engineer, Oath
HDFS Scalability and Security, Daryn Sharp, Senior Engineer, Oath
Yahoo Developer Network179 vues
Hadoop {Submarine} Project: Running deep learning workloads on YARN, Wangda T...Hadoop {Submarine} Project: Running deep learning workloads on YARN, Wangda T...
Hadoop {Submarine} Project: Running deep learning workloads on YARN, Wangda T...
Yahoo Developer Network1.6K vues
Moving the Oath Grid to Docker, Eric Badger, OathMoving the Oath Grid to Docker, Eric Badger, Oath
Moving the Oath Grid to Docker, Eric Badger, Oath
Yahoo Developer Network291 vues
Architecting Petabyte Scale AI ApplicationsArchitecting Petabyte Scale AI Applications
Architecting Petabyte Scale AI Applications
Yahoo Developer Network524 vues
Introduction to Vespa – The Open Source Big Data Serving Engine, Jon Bratseth...Introduction to Vespa – The Open Source Big Data Serving Engine, Jon Bratseth...
Introduction to Vespa – The Open Source Big Data Serving Engine, Jon Bratseth...
Yahoo Developer Network1.7K vues
Jun 2017 HUG: YARN Scheduling – A Step BeyondJun 2017 HUG: YARN Scheduling – A Step Beyond
Jun 2017 HUG: YARN Scheduling – A Step Beyond
Yahoo Developer Network1.1K vues
Jun 2017 HUG: Large-Scale Machine Learning: Use Cases and Technologies Jun 2017 HUG: Large-Scale Machine Learning: Use Cases and Technologies
Jun 2017 HUG: Large-Scale Machine Learning: Use Cases and Technologies
Yahoo Developer Network1K vues
February 2017 HUG: Slow, Stuck, or Runaway Apps? Learn How to Quickly Fix Pro...February 2017 HUG: Slow, Stuck, or Runaway Apps? Learn How to Quickly Fix Pro...
February 2017 HUG: Slow, Stuck, or Runaway Apps? Learn How to Quickly Fix Pro...
Yahoo Developer Network721 vues
February 2017 HUG: Exactly-once end-to-end processing with Apache ApexFebruary 2017 HUG: Exactly-once end-to-end processing with Apache Apex
February 2017 HUG: Exactly-once end-to-end processing with Apache Apex
Yahoo Developer Network1K vues
February 2017 HUG: Data Sketches: A required toolkit for Big Data AnalyticsFebruary 2017 HUG: Data Sketches: A required toolkit for Big Data Analytics
February 2017 HUG: Data Sketches: A required toolkit for Big Data Analytics
Yahoo Developer Network1.3K vues
October 2016 HUG: Pulsar,  a highly scalable, low latency pub-sub messaging s...October 2016 HUG: Pulsar,  a highly scalable, low latency pub-sub messaging s...
October 2016 HUG: Pulsar,  a highly scalable, low latency pub-sub messaging s...
Yahoo Developer Network1.8K vues
October 2016 HUG: Architecture of an Open Source RDBMS powered by HBase and ...October 2016 HUG: Architecture of an Open Source RDBMS powered by HBase and ...
October 2016 HUG: Architecture of an Open Source RDBMS powered by HBase and ...
Yahoo Developer Network1.2K vues

Dernier(20)

3.1.+Course+Overview.pdf3.1.+Course+Overview.pdf
3.1.+Course+Overview.pdf
Jess Rodriguez0 vue
How to build machine learning apps.pdfHow to build machine learning apps.pdf
How to build machine learning apps.pdf
StephenAmell40 vue
CRYPTO-BIKE Pitch deck.pdfCRYPTO-BIKE Pitch deck.pdf
CRYPTO-BIKE Pitch deck.pdf
CryptoBikeMailer0 vue
5G New Radio Architecture.pdf5G New Radio Architecture.pdf
5G New Radio Architecture.pdf
Karthick Rajagopal0 vue
DeFi: Meaning and Application in the World of CryptoDeFi: Meaning and Application in the World of Crypto
DeFi: Meaning and Application in the World of Crypto
Chima Ezuo0 vue
Ch3 Small ams Aero.pptxCh3 Small ams Aero.pptx
Ch3 Small ams Aero.pptx
bvmohan10 vue
Carrier Aggregation in LTE Advanced.pdfCarrier Aggregation in LTE Advanced.pdf
Carrier Aggregation in LTE Advanced.pdf
SherifHassan890 vue
wire-all-the-things-lambda-days-2023.pdfwire-all-the-things-lambda-days-2023.pdf
wire-all-the-things-lambda-days-2023.pdf
Eric Torreborre0 vue
Ion Sources and BeamsIon Sources and Beams
Ion Sources and Beams
DrAlirezaGanjovi0 vue
Arduino Nano V3 CH340 Arduino Nano V3 CH340
Arduino Nano V3 CH340
pragyasharma3618080 vue
synthesisofevidenceresource.pdfsynthesisofevidenceresource.pdf
synthesisofevidenceresource.pdf
abdelkhaleqelhaddad50 vue
Technology-Startup-Presentation-Template.pptxTechnology-Startup-Presentation-Template.pptx
Technology-Startup-Presentation-Template.pptx
j s adarsh kumar0 vue
BlockChain.pptxBlockChain.pptx
BlockChain.pptx
Tilani Gunawardena PhD(UNIBAS), BSc(Pera), FHEA(UK), AMIESL0 vue
PHP-04-Forms.pptPHP-04-Forms.ppt
PHP-04-Forms.ppt
NatureLifearabhi0 vue
Data and Analytics at Holland & Barrett: Building a '3-Michelin-star' Data Pl...Data and Analytics at Holland & Barrett: Building a '3-Michelin-star' Data Pl...
Data and Analytics at Holland & Barrett: Building a '3-Michelin-star' Data Pl...
Dobo Radichkov0 vue
[AgileDevOps West 2023] We're in it together and other perspectives on effect...[AgileDevOps West 2023] We're in it together and other perspectives on effect...
[AgileDevOps West 2023] We're in it together and other perspectives on effect...
Jason Yip0 vue
Action Transformer.pdfAction Transformer.pdf
Action Transformer.pdf
AnastasiaSteele100 vue
Unleashing Innovation: CreativeWebo - Your Top Software Development Company i...Unleashing Innovation: CreativeWebo - Your Top Software Development Company i...
Unleashing Innovation: CreativeWebo - Your Top Software Development Company i...
Sagar Salvi0 vue
Ch 2 -ARMAMENT CONTROL & GPS systems design.pptxCh 2 -ARMAMENT CONTROL & GPS systems design.pptx
Ch 2 -ARMAMENT CONTROL & GPS systems design.pptx
bvmohan10 vue
Electron Transport .pptxElectron Transport .pptx
Electron Transport .pptx
RadioactiveMainakMon0 vue
Publicité

Athenz - The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan

  1. Athenz: The Open-Source Solution to Provide Access Control in Dynamic Infrastructures Tatsuya Yano / Yahoo Japan Corporation
  2. Athenz: Open Source System Created by Yahoo Inc. • Service Authentication – Provide secure identity in the form x.509 certificate to every workload / service in modern environments • Authorization – Provides fine-grained Role Based Access Control (RBAC)
  3. 3 Service Authentication
  4. Authentication • User Authentication – AD / LDAP / Okta / etc • Service Authentication – Instances within a service with a unique identity to enable secure communication • IP / Networks ACLs / iptable • Mutual TLS with x.509 certificates
  5. Why does this matter? • Many persistent large scale infrastructure problems are rooted in identity and policy – Network ACL complexity – Federated “Single” Sign On (SSO) systems – Headless/Automation users – Shared secrets
  6. Certificate Based Authentication • Every instance / service in your cloud has its own identity • Stronger security by Mutual TLS Authentication • Short Lived Certificates
  7. Copper Argos • Generalized model for authorized service providers to launch other service identities in an authorized way through a callback- based verification model. Providers OpenStack Kubernetes Screwdriver Amazon EC2 AWS ECS AWS Lambda
  8. Bootstrapping Athenz Identity
  9. 9 Authorization
  10. Athenz Data Model
  11. Single source of truth • Most infrastructures in Cloud computing environments (e.g. Kubernetes, OpenStack, AWS, etc) have their own system of access control. • Athenz provides interface to integrate with each infrastructure to run multi environments with a single access control model. Cloud computing environments OpenStack Kubernetes Screwdriver Amazon EC2 AWS ECS AWS Lambda
  12. Authorization - Centralized Access Control
  13. Authorization - Decentralized Access Control
  14. Demo 14
  15. Advantages of Athenz • To provide service identity X.509 certificates for services running in common providers like Kubernetes, OpenStack or AWS that can be used for mutual TLS authentication. • To have precise and frequently configurable access controls with single source of truth.
  16. Future plans • To support SPIFFE ID in SAN field of x509 certificate • To integrate with Istio envoy for authorization
  17. Resources • Athenz Website : http://www.athenz.io • Athenz Github: https://github.com/yahoo/athenz • Athenz Slack Channel: https://athenz.slack.com/ • Athenz Discussion Groups: – Google Group: Athenz-Users • Questions or Comments: – Tatsuya Yano: tatyano@yahoo-corp.jp
  18. Join US http://www.athenz.io
  19. Q & A 19
Publicité