securing your cloud application using stratoslive
DESCRIPTION
Many organizations opt to move their applications to cloud considering the innumerous benefits it provides. However, serious thought must be given to the security aspect of the application and data before deciding to make this move For e.g. What happens if part of your critical customer information leaks out or your application becomes non-responsive due to a DOS attack ?...TRANSCRIPT
![Page 1: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/1.jpg)
Prabath Siriwardena – Software Architect, WSO2
Thilina Buddhika – Technical Lead & Product Manager, WSO2
![Page 2: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/2.jpg)
Cloud Computing
![Page 3: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/3.jpg)
Cloud Computing
![Page 4: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/4.jpg)
As a Service ?
![Page 5: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/5.jpg)
As a Service ?
Pay per use
Self service provisioning
Resource Sharing
Unlimited Resource
![Page 6: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/6.jpg)
• In public – IaaS, PaaS, SaaS available on the Internet – Use one of the cloud service providers – Information is stored and managed by provider under SLA
• In Private – Have a cloud, in-house – IaaS provides by hardware on your data centers – PaaS running on your IaaS – SaaS executing on your PaaS
• Or use both – Hybrid Cloud
![Page 7: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/7.jpg)
Enterprise IT in 2010
![Page 8: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/8.jpg)
Enterprise IT in 2015+
![Page 9: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/9.jpg)
What do you expect from a platform ?
![Page 10: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/10.jpg)
• Public Cloud – Fast time to market
– Makes it easier to write scalable code
• Private Cloud – Give each team their own instant infrastructure
– Govern centrally but code and deploy by team
– Automated governance, registry, identity
– Instant BAM
![Page 11: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/11.jpg)
![Page 12: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/12.jpg)
• Distributed / Dynamically Wired (works properly in the cloud) – Finds services across applications – Reuse services from other departments e.g. People information required by all of Finance,
Engineering and Sales
• Elastic (uses the cloud efficiently) – Scales up and down as needed – Some departments might want varying resources with varying bandwidth with varying
priority
• Multi-tenant (only costs when you use it) – Virtual isolated instances to facilitate isolation between departments etc. – e.g. Sales vs. Finance tenants. Finance want complete isolation for some sensitive services
• Self-service (in the hands of users) – De-centralized creation and management of tenants – No need to come to IT department to gain access – served via portal – no need to be on the
queue or waiting list
• Granularly Billed and Metered (pay for just what you use) – Allocate costs to exactly who uses them – Bill and cost various departments per use – Get rid of the situations where unused computing assets lying in one department while the
other departments are starving for the same
• Incrementally Deployed and Tested (supports seamless live upgrade) – Not disrupt other operations
![Page 13: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/13.jpg)
• A full middleware platform available as a service, with self service • Fast provisioning
• Based on OSGi • Modular, componentized, standard
• Multi-tenant, Elastic, Metered and Billed • Effective and powerful
• Available under the Apache License • Open Source, Open License, Open Development
![Page 14: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/14.jpg)
![Page 15: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/15.jpg)
WSO2 Carbon On Premise: • In Production at Fortune
1000 companies • Handling 1bn
transactions/day • The only modular open
source middleware stack • Everything you need to
build Enterprise Applications
• From Core Logic to Mobile Apps
WSO2 Stratos In Private Cloud: • A single managed platform • Elastic, Self-Service, Multi-
tenant • Accelerates your private
cloud beyond virtual machines to provide real Enterprise Cloud Services
• Use only what you need
WSO2 StratosLive As a Service in the Public Cloud: • We manage, run and
maintain your application platform
• Complete Pay as you Use • ESB-as-a-Service • Governance-as-a-Service • Identity-as-a-Service • With appropriate SLAs and
simple monthly billing
![Page 16: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/16.jpg)
![Page 17: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/17.jpg)
![Page 18: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/18.jpg)
![Page 19: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/19.jpg)
Enable sign into Stratos using Google Apps username/password.
For successful sign in using Google Apps,
If a tenant does not exist, it will be created with the same name as Google Apps domain. The IdP of this domain is Google Apps
![Page 20: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/20.jpg)
![Page 21: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/21.jpg)
![Page 22: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/22.jpg)
<login-config> <auth-method>BASIC</auth-method> <realm-name>Basic Auth</realm-name>
</login-config>
Automatically ties into Stratos Identity
![Page 23: Securing your Cloud Application using StratosLive](https://reader033.vdocuments.mx/reader033/viewer/2022060111/5564e12bd8b42ad3488b4c1c/html5/thumbnails/23.jpg)