When running Eclipse Steady internally at SAP, serving thousands of distinct teams and conducting 250k+ scans per month, we spent a substantial amount of time mining source code repositories and curating a knowledge base of so called fix-commits (which are the commits that fix known vulnerabilities). Such information is the fuel of Eclipse Steady and it needs to be continuously harvested.
With the rise of micro-services, REST communication is more popular than ever. But the communication between the different parts must also be performed in a secure way.
First, we need to know if the user or system is allowed to call the JAX-RS endpoint. For this authentication part, self-contained tokens are the best option to not overload any of our services in the system. JWT which contains the authentication but also can contain the authorization info is ideal for this use-case.
Quite a few years ago, augmented reality entered our daily lives imposing digital perspectives on reality without actually ‘touching’ it. Devices like phones, tablets, televisions and cars only enrich information and our experiences for all kinds of reasons. But lately it shows that this was just the beginning of a major transition where those devices are not merely ‘dumb’ things that provide information; they’re able to actually ‘do’ things on their own. Interacting with consumers as well as with each other is making them part of our human reality.
According to the Eclipse’s IoT Developer Survey from the past years, Security, Interoperability and Connectivity are the key challenges for IoT. While these topics constantly rank in the top five, comprehensive open-source solutions are still rare.
This session will introduce the attendees to the roots and motivation of the Eclipse IoT-Testware. Building on this, the major concerns of future IoT will be examined, possible solutions proposed and underpinned with examples.