Software dependencies can be viewed as graph that only get bigger as software evolved. This lead to multiple challenging situations related to security, quality, licensing and more. Today tools are great but more accurate tools such as FASTEN are under development. Join me to learn how the current dependency management tool are evolving to cope with the growing complexity of software development.
Security in Jakarta EE has long been under used and under specified. The existing set of specifications ranged from overly complex to non-existent. The result was almost nobody used standards for security. Java EE 8 changed that with JSR 375, the Java EE Security API. Its evolution Jakarta Security facilitates portable application security that integrates with container security. Allowing an application to provide authentication mechanisms like OAuth or OpenID Connect and that mechanism is treated just like built-in container mechanisms like FORM.
When running Eclipse Steady internally at SAP, serving thousands of distinct teams and conducting 250k+ scans per month, we spent a substantial amount of time mining source code repositories and curating a knowledge base of so called fix-commits (which are the commits that fix known vulnerabilities). Such information is the fuel of Eclipse Steady and it needs to be continuously harvested.
With the rise of micro-services, REST communication is more popular than ever. But the communication between the different parts must also be performed in a secure way.
First, we need to know if the user or system is allowed to call the JAX-RS endpoint. For this authentication part, self-contained tokens are the best option to not overload any of our services in the system. JWT which contains the authentication but also can contain the authorization info is ideal for this use-case.
Quite a few years ago, augmented reality entered our daily lives imposing digital perspectives on reality without actually ‘touching’ it. Devices like phones, tablets, televisions and cars only enrich information and our experiences for all kinds of reasons. But lately it shows that this was just the beginning of a major transition where those devices are not merely ‘dumb’ things that provide information; they’re able to actually ‘do’ things on their own. Interacting with consumers as well as with each other is making them part of our human reality.
According to the Eclipse’s IoT Developer Survey from the past years, Security, Interoperability and Connectivity are the key challenges for IoT. While these topics constantly rank in the top five, comprehensive open-source solutions are still rare.
This session will introduce the attendees to the roots and motivation of the Eclipse IoT-Testware. Building on this, the major concerns of future IoT will be examined, possible solutions proposed and underpinned with examples.
