A smart contract, also knоwn as a crypto contract (a code соntrасt on the blockchain), іѕ code thаt directly соntrоlѕ thе transfer оf dіgіtаl сurrеnсіеѕ or аѕѕеtѕ bеtwееn parties undеr сеrtаіn соndіtіоnѕ.
A smart contract nоt оnlу dеfіnеѕ the rulеѕ and penalties around аn аgrееmеnt іn thе same wау thаt a trаdіtіоnаl соntrасt dоеѕ, but іt саn also аutоmаtісаllу еnfоrсе thоѕе оblіgаtіоnѕ. It does this by tаkіng іn іnfоrmаtіоn аѕ input, аѕѕіgnіng vаluе to that іnрut thrоugh thе rulеѕ ѕеt out in the соntrасt, еxесutіng the асtіоnѕ rеԛuіrеd by those contractual clauses – for example, dеtеrmіnіng whеthеr аn аѕѕеt should go tо оnе реrѕоn or rеturnеd tо thе оthеr person frоm whom thе аѕѕеt оrіgіnаtеd. These соntrасtѕ аrе ѕtоrеd оn blосkсhаіn technology, a dесеntrаlіzеd ledger thаt also underpins bіtсоіn аnd оthеr сrурtосurrеnсіеѕ.
Blockchain technology, or distributed ledger technology (DLT), as it is alternatively often called, is one of the hottest topics in the technology sector as of now. A blockchain is a specific type of distributed ledger that stores data in blocks that are linked together via a cryptographic signature function.
This, in short, works by always using the signature of the last block plus the data of the current block to sign the current block. Given enough computing power behind creating the hash signatures for new blocks, a process that is known as mining (PoW), the resulting public ledger is virtually unmodifiable for malicious actors, commending itself for applications that rely on mutual trust where trust cannot be easily applied.
Blockchain technology is gradually revolutionizing the way business is being transacted on in the digital realm. Blockchain technology exploits decentralisation and one-way cryptographic hashes to ensure the integrity of data and P2P transaction across the internet. Cryptocurrencies have been the main driver of Blockchain technologies and although the world may have slowed down in terms of its appetite for these currencies, the technology behind Bitcoin and EOS is finding relevance and applications in diverse areas. This because unlike other technologies that focus on solving specific problems or automating processes where security becomes an afterthought, Blockchain in many ways cooperates security by design in its architecture. It eliminates the need for third-party layering of security elements (TNO 2019). This article explores areas where Blockchain technology is finding novel applications. These include identity management, creative content copywriting, tokenization of products and data integrity management.
Information security aspects when moving operations from on-premise
So if you are reading this I will make some basic assumptions that you know about Microsoft Azure, Amazon Web Services and perhaps even Alibaba Cloud, these are renowned hyperscale cloud vendors. Last few years cloud computing have been among the IT industries hottest topics. The term refers to on-demand access to computing resources provisioned by another provider. 2019 has been dubbed the year of migrations by several vendors and a pronounced advantage of cloud computing is that they tend to be highly available and easily scalable. For fast-growing business, cloud-computing has revolutionized the way they can work. Organizations typically lease cloud-based resources from outside the organization. Of course, it is also possible (but not as common) to host cloud-based services internally.
While cloud computing can be very cost-efficient and offer fast scaling, it’s challenged by the fact that resources will most likely be hosted outside of the business’ data centre and therefore, outside of the direct control of that business, increasing the complexity to manage risk and handle governance.
So in my previous article on quantum computing, we talked about where we are today, and where we are headed in regards to breakthroughs in the technology as well as touching on some basics of “what is quantum computing“. In this article, I explore what quantum cryptography and cryptography is like in a post-quantum world.
So, a refresher: quantum computing is set to transform cryptography due to the revolutionary, non-deterministic way of operating.
How will they affect existing cryptography algorithms and which options do we know today for doing cryptography in a post-quantum world?
For as long as it has been in development inside the science labs of the universities, corporations and government agencies, quantum computing has been considered the next frontier in cybersecurity. Quantum computers are machines that do not work with classical electrical on and off-states but instead rely on quantum states that can be in several states at once, a circumstance known as „superposition(1)“. While they are still in their very infancy, their capabilities have been mystified over and over and it’s probably fair to say that quantum computing is one of the most misunderstood technological advancements of our day and age.
Within the ongoing arms race in the perimeter of information security, artificial intelligence and machine learning are two of the most promising innovations.
While AI in common „personal assistants“, like those developed by Amazon, Alibaba and Google has recently reached levels at which it can convincingly make phone calls on behalf of their users, the capabilities of AI in the hands of defenders, as well as attackers, will likely evolve from buzzword to technology of significant importance over the next years.
On the defensive side, artificial intelligence powered intrusion detection will deliver the ability to pick up on anomalies within an organizations network or perimeters and raise alerts or even countermeasures much quicker than would be possible for any human security team. AI technologies supreme and literally superhumanly quick pattern recognition capabilities enable it to consistently collect intelligence regarding new threats, attempted attacks, acceptable user behaviour and constantly evolve its knowledge. This does allow AI-powered intrusion detection mechanism to find the proverbial needle in the haystack (and react to it) much faster and more concise than classical signature-based intrusion detection systems or a human security analyst.
This does have a flip-side, of course: The same AI capabilities could be used to learn about specific defences and normal user behaviour pattern in an organization and mask the malicious behaviour so it will not be recognized by classical intrusion detection systems or human onlookers.
In today’s interconnected cloud-first, mobile world, securing your online apps and services is vital. However, building secure solutions which deliver value in today’s complex and regulated environment can be a challenge. With information essentially becoming the currency of the digital age, the creation of multiple compliance regulations has forced organizations to implement technical security measures to protect their online systems and customers. Meeting these compliance requirements can be challenging, especially if you are leveraging the benefits of the cloud. Not only do you need to build and configure your apps and services securely, but you also need to ensure your chosen cloud provider meets any necessary compliance requirements.
Compliance in the Cloud Compliance Is a Shared Responsibility
On Azure, Microsoft is responsible for meeting the compliance requirements for its platform while you are responsible for any compliance measures which relate to your cloud service.
With more certifications than any other cloud service provider, Azure meets a broad set of international as well as industry-specific compliance standards. These include the GDPR, ISO 27001, HIPAA, SOC, among others. Microsoft also conducts regular comprehensive audits to ensure it maintains these standards and adheres to the security controls needed.
However, as stated, ensuring your services that are running on Azure meet compliance requirements is your responsibility. Thankfully Microsoft Azure provides a few tools which can help you secure your cloud services and meet the necessary compliance standards.
Now we’ll look at configuring SAML integration between VMware Identity Manager and Salesforce for Workspace ONE.
Definition: Security Assertion Markup Language (SAML). It is an open standard which enables SSO for many different services and platforms. Authenticating with SAML allows a user to log in once per session.
Here are the defining components of SAML:
Service provider (i.e. an application.)
Identity provider (who is authenticated, and what authentication methods are used.)
End user who is accessing over SAML.
User starts the SAML Application
Service Provider (SP) sends a request to the Identity Provider (IdP) for authentication
If the user is not authenticated, the IdP requests authentication from the user. (I.e. username and password)
The IdP then sends response to the SP with a token for that user.
So if you were used to installing the ACC (AirWatch Cloud Connector) or the Linux appliance vIDM (VMware Identity Manager Connector), you should know that these two products have now been tied into one and have been branded VMware Enterprise Systems Connector.
Which I think is great, as editing a Linux appliance and bash, sudo, cat, vi. Yeah, it was fun.
I’ll walk you through the installation of the VMware Enterprise Systems Connector and enterprise integration.