Building Multi-tenant Highly Secured Applications on .NET for any Cloud - Demystified
26-Jun-2013
www.techcello.com
(A Division of Asteor Software Inc)
© Techcello www.techcello.com
Housekeeping Instructions
• All phones are set to mute. If you have any questions, please type them in the Chat window located beside the presentation panel.
• We have already received several questions from the registrants, which will be answered by the speakers during the Q & A session.
• We will continue to collect questions as we receive them during the session and will try to answer them today.
• If you do not receive an answer to your question today, you will certainly receive one via email shortly.
• Thanks for your participation and enjoy the session!
Techcello Introduction
• Cloud Ready, SaaS/Multi-Tenant Application Development Framework
• Provides end-to-end SaaS Lifecycle Management Solution
• Redefines the way enterprise software is built and managed
• Saves anywhere between 30-50% of time and cost
Speaker Profiles
Jothi Rengarajan, Senior Technical Architect, TechCello
• 14+ years of experience in architecting cloud and SaaS solutions for both ISVs and Enterprises
• Chief architect in designing and constructing CelloSaaS framework
• Plays consultative role with customers in implementing technical solutions
James McGovern, Chief Architect, Hewlett-Packard
• One of the top 10 enterprise technologists in the world
• Has authored more than 6 books on computing and dozens of published articles
• Twenty years of experience in developing, managing and deploying large scale technology systems, business processes, and strategies
Security in Multi-Tenancy
Security is the protection of information. It deals with preventing and detecting unauthorized actions and with ensuring the confidentiality and integrity of data.
• Tenant data isolation
• RBAC – Prevent unauthorized action
• Data security
• Web related top threats as per OWASP
• Security Audit trail
Tenant Data Isolation
• Database Routing Based On Tenant
• Application Layer Auto Tenant Filter
• Tenant Based View Filter
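An added example (not Techcello or CelloSaaS code) of the first two approaches on this slide: a router that picks the database for the current tenant, and a repository that applies the tenant filter to every query itself so calling code cannot forget it. TenantContext, TenantDatabaseRouter, TenantScopedRepository, the Invoice type and the tenant and database names are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Every tenant-owned row carries the id of the tenant that owns it.
public interface ITenantOwned { string TenantId { get; } }

public sealed class Invoice : ITenantOwned
{
    public string TenantId { get; set; }
    public int Id { get; set; }
    public decimal Amount { get; set; }
}

// Hypothetical per-request context, populated from the authenticated
// session and never from a request parameter.
public sealed class TenantContext
{
    public string TenantId { get; }
    public TenantContext(string tenantId)
    {
        if (string.IsNullOrWhiteSpace(tenantId))
            throw new ArgumentException("A tenant id is required.", nameof(tenantId));
        TenantId = tenantId;
    }
}

// Database routing based on tenant: an unknown tenant fails closed instead
// of falling back to a default database.
public sealed class TenantDatabaseRouter
{
    private readonly IReadOnlyDictionary<string, string> _connectionNames;
    public TenantDatabaseRouter(IReadOnlyDictionary<string, string> connectionNames)
    {
        _connectionNames = connectionNames;
    }

    public string Resolve(TenantContext tenant)
    {
        string name;
        if (!_connectionNames.TryGetValue(tenant.TenantId, out name))
            throw new UnauthorizedAccessException("No database is mapped for this tenant.");
        return name;
    }
}

// Application-layer auto tenant filter: the repository adds the predicate.
public sealed class TenantScopedRepository<T> where T : class, ITenantOwned
{
    private readonly List<T> _table;          // stands in for a shared table
    private readonly TenantContext _tenant;

    public TenantScopedRepository(List<T> table, TenantContext tenant)
    {
        _table = table;
        _tenant = tenant;
    }

    // All reads start from the filtered set; callers compose on top of it.
    public IQueryable<T> Query()
    {
        return _table.AsQueryable().Where(row => row.TenantId == _tenant.TenantId);
    }

    public void Add(T row)
    {
        // Reject a write that would create a row for another tenant.
        if (row.TenantId != _tenant.TenantId)
            throw new UnauthorizedAccessException("Row belongs to a different tenant.");
        _table.Add(row);
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data: two tenants sharing one table.
        var sharedTable = new List<Invoice>
        {
            new Invoice { TenantId = "acme",   Id = 1, Amount = 100m },
            new Invoice { TenantId = "globex", Id = 2, Amount = 250m },
            new Invoice { TenantId = "acme",   Id = 3, Amount = 75m }
        };
        var router = new TenantDatabaseRouter(new Dictionary<string, string>
        {
            { "acme", "SharedDb01" }, { "globex", "SharedDb01" }
        });
        var acme = new TenantContext("acme");
        var repo = new TenantScopedRepository<Invoice>(sharedTable, acme);

        Console.WriteLine("acme routes to " + router.Resolve(acme));
        Console.WriteLine("acme invoices: " + repo.Query().Count());
        // Asking for another tenant's invoice by id returns nothing.
        Console.WriteLine("invoice 2 visible: " + repo.Query().Any(i => i.Id == 2));
        try { repo.Add(new Invoice { TenantId = "globex", Id = 4, Amount = 10m }); }
        catch (UnauthorizedAccessException ex) { Console.WriteLine("blocked: " + ex.Message); }
    }
}
```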
Role Based Access Control (RBAC)
Authentication
• Kinds of authentication tokens and source
  • Username Password
  • Multi factor authentication
  • Claims based Authentication
• User identification information
  • Encrypted cookie
  • Session
Identity store
• Custom Store
• Password encryption/ hashing
• Password change policy externalization
• Active Directory Integration
• Identity Federation
Role Based Access Control (RBAC)
Federation servers
• Oracle Identity Federation Server
• ADFS
• Azure Access control service
Role Based Access Control (RBAC)
Authorization
• Use privileges to define roles
• Privilege based control for actions
• Privilege based access for data
• Role mapped to privileges and user mapped to roles
• Code demands necessary privileges
• Roles should be defined by business users
• Configuration based privilege control
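An added example (not Techcello or CelloSaaS code) of the model on this slide: roles are sets of privileges, users are mapped to roles, and code demands a privilege rather than checking a role name, so roles can be redefined in configuration without touching code. PrivilegeStore, InvoiceService, the privilege names and the per-tenant scoping of role assignments are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;

public sealed class PrivilegeStore
{
    // role -> privileges (configuration that business users can edit)
    private readonly Dictionary<string, HashSet<string>> _rolePrivileges =
        new Dictionary<string, HashSet<string>>(StringComparer.Ordinal);

    // (tenant, user) -> roles; assignments are scoped to one tenant (assumption)
    private readonly Dictionary<(string Tenant, string User), HashSet<string>> _userRoles =
        new Dictionary<(string Tenant, string User), HashSet<string>>();

    public void DefineRole(string role, params string[] privileges)
    {
        _rolePrivileges[role] = new HashSet<string>(privileges, StringComparer.Ordinal);
    }

    public void AssignRole(string tenantId, string userId, string role)
    {
        if (!_rolePrivileges.ContainsKey(role))
            throw new ArgumentException("Unknown role: " + role, nameof(role));
        HashSet<string> roles;
        if (!_userRoles.TryGetValue((tenantId, userId), out roles))
            _userRoles[(tenantId, userId)] = roles = new HashSet<string>(StringComparer.Ordinal);
        roles.Add(role);
    }

    public bool HasPrivilege(string tenantId, string userId, string privilege)
    {
        HashSet<string> roles;
        if (!_userRoles.TryGetValue((tenantId, userId), out roles))
            return false;                       // deny by default
        foreach (string role in roles)
        {
            HashSet<string> granted;
            if (_rolePrivileges.TryGetValue(role, out granted) && granted.Contains(privilege))
                return true;
        }
        return false;
    }
}

public sealed class InvoiceService
{
    private readonly PrivilegeStore _privileges;
    public InvoiceService(PrivilegeStore privileges) { _privileges = privileges; }

    public string Approve(string tenantId, string userId, int invoiceId)
    {
        // The code names the privilege it needs and knows nothing about roles.
        Demand(tenantId, userId, "Invoice.Approve");
        return "invoice " + invoiceId + " approved by " + userId;
    }

    private void Demand(string tenantId, string userId, string privilege)
    {
        if (!_privileges.HasPrivilege(tenantId, userId, privilege))
            throw new UnauthorizedAccessException("Missing privilege: " + privilege);
    }
}

public static class Program
{
    private static void Try(InvoiceService svc, string tenant, string user)
    {
        try { Console.WriteLine(tenant + "/" + user + ": " + svc.Approve(tenant, user, 42)); }
        catch (UnauthorizedAccessException ex)
        { Console.WriteLine(tenant + "/" + user + ": denied (" + ex.Message + ")"); }
    }

    public static void Main()
    {
        // Constructed roles, users and tenants.
        var store = new PrivilegeStore();
        store.DefineRole("Clerk", "Invoice.View");
        store.DefineRole("Approver", "Invoice.View", "Invoice.Approve");
        store.AssignRole("acme", "alice", "Approver");
        store.AssignRole("acme", "bob", "Clerk");
        var svc = new InvoiceService(store);

        Try(svc, "acme", "alice");     // allowed through the Approver role
        Try(svc, "acme", "bob");       // Clerk lacks Invoice.Approve
        Try(svc, "globex", "alice");   // no role assignment in this tenant

        // A configuration change grants the privilege; InvoiceService is unchanged.
        store.DefineRole("Clerk", "Invoice.View", "Invoice.Approve");
        Try(svc, "acme", "bob");
    }
}
```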
OWASP – TOP 10 Threats 2013
• A1 Injection
• A2 Broken Authentication and Session Management (was formerly A3)
• A3 Cross-Site Scripting (XSS) (was formerly A2)
• A4 Insecure Direct Object References
• A5 Security Misconfiguration (was formerly A6)
• A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)
• A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to Restrict URL Access)
• A8 Cross-Site Request Forgery (CSRF) (was formerly A5)
• A9 Using Known Vulnerable Components (new but was part of former A6 – Security Misconfiguration)
• A10 Unvalidated Redirects and Forwards
Web application top threats
• Man-in-the-middle attack
  • Use a secure channel - HTTPS
• SQL Injection
  • Use parameterized queries
• Malicious script injection and Cross-Site Scripting
  • Validate that input is safe HTML
  • URL escape, HTML escape and JavaScript escape untrusted data
• Cross-site request forgery
  • Challenge-Response such as CAPTCHA
  • Synchronizer Token
  • Origin header
OWASP – Open Web Application Security Project
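An added example (not code from the presentation) of two of the cross-site request defences listed above: a per-session synchronizer token compared in constant time, plus an Origin header check. CsrfGuard, the session ids and the example.test origins are assumptions made for illustration; a request with no Origin header is allowed to fall through to the token check, which is a policy choice of this sketch.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;

public sealed class CsrfGuard
{
    private readonly ConcurrentDictionary<string, byte[]> _tokenBySession =
        new ConcurrentDictionary<string, byte[]>();
    private readonly string _expectedOrigin;   // scheme://host[:port]

    public CsrfGuard(string expectedOrigin)
    {
        _expectedOrigin = new Uri(expectedOrigin).GetLeftPart(UriPartial.Authority);
    }

    // Called when rendering a form: the token goes into a hidden field.
    public string IssueToken(string sessionId)
    {
        var token = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(token);               // unpredictable, 256 bits
        _tokenBySession[sessionId] = token;
        return Convert.ToBase64String(token);
    }

    // Called on every state-changing request before it is processed.
    public bool IsAllowed(string sessionId, string submittedToken, string originHeader)
    {
        // If the browser sent an Origin header it must be our own site.
        if (originHeader != null && !OriginMatches(originHeader))
            return false;

        byte[] expected;
        if (sessionId == null || submittedToken == null ||
            !_tokenBySession.TryGetValue(sessionId, out expected))
            return false;

        byte[] submitted;
        try { submitted = Convert.FromBase64String(submittedToken); }
        catch (FormatException) { return false; }
        return ConstantTimeEquals(expected, submitted);
    }

    private bool OriginMatches(string originHeader)
    {
        Uri origin;
        return Uri.TryCreate(originHeader, UriKind.Absolute, out origin)
            && string.Equals(origin.GetLeftPart(UriPartial.Authority), _expectedOrigin,
                             StringComparison.OrdinalIgnoreCase);
    }

    // Compare without exiting early, so timing does not reveal a partial match.
    private static bool ConstantTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed origins and session ids.
        var guard = new CsrfGuard("https://app.example.test");
        string aliceToken = guard.IssueToken("session-alice");
        string bobToken = guard.IssueToken("session-bob");

        Console.WriteLine("same-site form post: " +
            guard.IsAllowed("session-alice", aliceToken, "https://app.example.test"));
        Console.WriteLine("cross-site post, no token: " +
            guard.IsAllowed("session-alice", null, "https://other.example.test"));
        Console.WriteLine("valid token, foreign origin: " +
            guard.IsAllowed("session-alice", aliceToken, "https://other.example.test"));
        Console.WriteLine("token from another session: " +
            guard.IsAllowed("session-alice", bobToken, "https://app.example.test"));
    }
}
```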
Data Security – Data Storage
Encryption
• Prefer symmetric over asymmetric encryption for performance
• Use Strong Keys
• Change Keys Periodically
Key storage
• Store in Key Vault and store away from encrypted data
• Double encryption
• Dual key storage
Database encryption
• Watch for Performance implications
• Encrypt only necessary columns
Data Security – Sample Encryption Decryption Approach
Data Security – Data Transit
Web Server to Application server
• SOAP Web Service
  • WS-Security
  • message security
  • transport security - HTTPS
  • client authentication - username, certificate, claims federation
• REST
  • HTTPS
  • Custom asymmetric encryption
  • custom authentication
End user browser to web server
• HTTPS
• Custom encryption
Application to Database
• Transport Security
Security Audit
Event Audit
• Covers
  • Who does the action?
  • What action is performed?
  • What is the context in which the operation is performed?
  • What time is the action performed?
• Event audit information – subject, target, context, user, datetime
• Audit details stored in a separate datastore for better performance
• Realtime audit details – audit cache server
Security Audit
Transaction and Change Audit
• Transaction Audit
  • Snapshot: Exact copy of the row stored in history tables
  • More suitable when requests to access past data are frequent
  • More data growth
• Change Audit
  • Only the delta of the state change is captured in change tables
  • More suitable when changes need to be reported and past data is rarely required
  • Used more for security tracking purposes
  • Easier to implement by using methods available out of the box in the RDBMS, such as CDC for SQL Server
• Asynchronous Mode: For better performance, and if the audit should not roll back the transaction, it is advisable to audit in an asynchronous thread.
How does it work?
Cello Stack – At a Glance
Cloud Ready, Multi-Tenant Application Development Framework
• Administrative Modules: Tenant Provisioning, Licensing, Metering, Billing, Data Backup
• Security Modules: User Management, Role/Privilege Mgmt., Single Sign-on, Dynamic Data Scope, Auditing
• Enterprise Engines: Business Rules, Workflow, Dynamic Forms
• Integration Modules: Events, Notification, Templates
• Ad-hoc Builders: Query, Chart, Reports
• Productivity Boosters: Code Templates, Master Data Mgmt., Forms Generation
• Application Multi-Tenancy & Tenant Data Isolation
• Configurability Modules: Custom Fields, Custom LoV, Settings Template, Themes & Logo, Pre & Post Processors
• Cello Cloud Adapters
Contact Details
Jothi Rengarajan (jothi.r@techcello.com)
James McGovern (james.mcgovern@hp.com)
Reference URLs
Web : http://www.techcello.com
ROI Calculator : http://www.techcello.com/techcello-roi-calculator
Demo Videos : http://www.techcello.com/techcello-resources/techcello-product-demo
SaaS e-Book: http://www.techcello.com/techcello-resources/techcello-resources-white-papers
Thank You

9 Quotable Quotes About Multi TenancyTechcello
 
Benchmark Maturity of your SaaS Solution
Benchmark Maturity of your SaaS SolutionBenchmark Maturity of your SaaS Solution
Benchmark Maturity of your SaaS SolutionTechcello
 
Saas Challenges and Solutions
Saas Challenges and SolutionsSaas Challenges and Solutions
Saas Challenges and SolutionsTechcello
 
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Techcello
 
Cello saas scalability architecture
Cello saas scalability architectureCello saas scalability architecture
Cello saas scalability architectureTechcello
 
Cello Saas Brochure
Cello Saas BrochureCello Saas Brochure
Cello Saas BrochureTechcello
 
Techcello at a glance
Techcello at a glanceTechcello at a glance
Techcello at a glanceTechcello
 
Benefits of cello framework
Benefits of cello frameworkBenefits of cello framework
Benefits of cello frameworkTechcello
 
CelloSaaS Getting Started
CelloSaaS Getting StartedCelloSaaS Getting Started
CelloSaaS Getting StartedTechcello
 
Cloud ready Multi-tenant SaaS Application Platform
Cloud ready Multi-tenant SaaS Application PlatformCloud ready Multi-tenant SaaS Application Platform
Cloud ready Multi-tenant SaaS Application PlatformTechcello
 

More from Techcello (11)

Whitepaper - Building a scalable & Profitable Saas Business
Whitepaper - Building a scalable & Profitable Saas BusinessWhitepaper - Building a scalable & Profitable Saas Business
Whitepaper - Building a scalable & Profitable Saas Business
 
9 Quotable Quotes About Multi Tenancy
9 Quotable Quotes About Multi Tenancy9 Quotable Quotes About Multi Tenancy
9 Quotable Quotes About Multi Tenancy
 
Benchmark Maturity of your SaaS Solution
Benchmark Maturity of your SaaS SolutionBenchmark Maturity of your SaaS Solution
Benchmark Maturity of your SaaS Solution
 
Saas Challenges and Solutions
Saas Challenges and SolutionsSaas Challenges and Solutions
Saas Challenges and Solutions
 
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
 
Cello saas scalability architecture
Cello saas scalability architectureCello saas scalability architecture
Cello saas scalability architecture
 
Cello Saas Brochure
Cello Saas BrochureCello Saas Brochure
Cello Saas Brochure
 
Techcello at a glance
Techcello at a glanceTechcello at a glance
Techcello at a glance
 
Benefits of cello framework
Benefits of cello frameworkBenefits of cello framework
Benefits of cello framework
 
CelloSaaS Getting Started
CelloSaaS Getting StartedCelloSaaS Getting Started
CelloSaaS Getting Started
 
Cloud ready Multi-tenant SaaS Application Platform
Cloud ready Multi-tenant SaaS Application PlatformCloud ready Multi-tenant SaaS Application Platform
Cloud ready Multi-tenant SaaS Application Platform
 

Recently uploaded

COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIUdaiappa Ramachandran
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 

Recently uploaded (20)

COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 

Building Multi-tenant, Configurable, High Quality Applications on .NET for any Cloud - Demystified

  • 1. Building Multi-tenant Highly Secured Applications on .NET for any Cloud - Demystified
      • 26-Jun-2013
      • www.techcello.com (A Division of Asteor Software Inc)
  • 2. Housekeeping Instructions
      • All phones are set to mute. If you have any questions, please type them in the Chat window located beside the presentation panel.
      • We have already received several questions from the registrants, which will be answered by the speakers during the Q & A session.
      • We will continue to collect questions as we receive them and will try to answer them during today's session.
      • If you do not receive an answer to your question today, you will receive one via email shortly.
      • Thanks for your participation and enjoy the session!
  • 3. Techcello Introduction
      • Cloud Ready, SaaS/Multi-Tenant Application Development Framework
      • Provides an end-to-end SaaS Lifecycle Management Solution
      • Redefines the way enterprise software is built and managed
      • Saves anywhere between 30-50% of time and cost
  • 4. Speaker Profiles
      • Jothi Rengarajan, Senior Technical Architect, TechCello
          • 14+ years of experience in architecting cloud and SaaS solutions for both ISVs and Enterprises
          • Chief architect in designing and constructing the CelloSaaS framework
          • Plays a consultative role with customers in implementing technical solutions
      • James McGovern, Chief Architect, Hewlett-Packard
          • One of the top 10 enterprise technologists in the world
          • Has authored more than 6 books on computing and dozens of published articles
          • Twenty years of experience in developing, managing and deploying large scale technology systems, business processes, and strategies
  • 5. Security in Multi-Tenancy
      • Protection of information. It deals with the prevention and detection of unauthorized actions and with ensuring the confidentiality and integrity of data.
      • Tenant data isolation
      • RBAC – Prevent unauthorized action
      • Data security
      • Web related top threats as per OWASP
      • Security Audit trail
  • 6. Tenant Data Isolation
      • Database Routing Based On Tenant
      • Application Layer Auto Tenant Filter
      • Tenant Based View Filter
  • 7. Role Based Access Control (RBAC): Authentication
      • Kinds of authentication tokens and source
          • Username Password
          • Multi factor authentication
          • Claims based Authentication
      • User identification information
          • Encrypted cookie
          • Session
      • Identity store
          • Custom Store
          • Password encryption/hashing
          • Password change policy externalization
          • Active Directory Integration
          • Identity Federation
  • 8. Role Based Access Control (RBAC): Federation servers
      • Oracle Identity Federation Server
      • ADFS
      • Azure Access Control Service
  • 9. Role Based Access Control (RBAC): Authorization
      • Use privileges to define roles
      • Privilege based control for actions
      • Privilege based access for data
      • Role mapped to privileges and user mapped to roles
      • Code demands necessary privileges
      • Roles should be defined by business users
      • Configuration based privilege control
  • 10. OWASP – Top 10 Threats 2013
      • A1 Injection
      • A2 Broken Authentication and Session Management (was formerly A3)
      • A3 Cross-Site Scripting (XSS) (was formerly A2)
      • A4 Insecure Direct Object References
      • A5 Security Misconfiguration (was formerly A6)
      • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)
      • A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to Restrict URL Access)
      • A8 Cross-Site Request Forgery (CSRF) (was formerly A5)
      • A9 Using Known Vulnerable Components (new but was part of former A6 – Security Misconfiguration)
      • A10 Unvalidated Redirects and Forwards
  • 11. Web application top threats (OWASP – Open Web Application Security Project)
      • Man-in-the-middle attack
          • Use a secure channel - HTTPS
      • SQL Injection
          • Use parameterized queries
      • Malicious script injection and Cross Site Scripting
          • Validate that input is safe HTML
          • URL escape, HTML escape and JavaScript escape untrusted data
      • Cross site request
          • Challenge-Response such as CAPTCHA
          • Synchronizer Token
          • Origin header
  • 12. Data Security – Data Storage
      • Encryption
          • Symmetric encryption preferred over asymmetric due to performance
          • Use Strong Keys
          • Change Keys Periodically
      • Key storage
          • Store in Key Vault and store away from encrypted data
          • Double encryption
          • Dual key storage
      • Database encryption
          • Watch for Performance implications
          • Encrypt only necessary columns
  • 13. Data Security – Sample Encryption Decryption Approach
  • 14. Data Security – Data Transit
      • End user browser to web server
          • HTTPS
          • Custom encryption
      • Web Server to Application server
          • SOAP Web Service
              • WS-Security
              • message security
              • transport security - HTTPS
              • client authentication - username, certificate, claims federation
          • REST
              • HTTPS
              • Custom asymmetric encryption
              • custom authentication
      • Application to Database
          • Transport Security
  • 15. Security Audit: Event Audit
      • Covers
          • Who does the action?
          • What action is performed?
          • What is the context in which the operation is performed?
          • What time is the action performed?
      • Event audit information – subject, target, context, user, datetime
      • Audit details stored in a separate datastore for better performance
      • Realtime audit details – audit cache server
  • 16. Security Audit: Transaction and Change Audit
      • Transaction Audit
          • Snapshot: Exact copy of the row stored in history tables
          • More suitable when past data is requested often
          • More data growth
      • Change Audit
          • Only the delta of the state change is captured, in change tables
          • More suitable when changes need to be reported and past data is rarely required
          • Used more for security tracking purposes
          • Easier to implement using methods available out of the box in the RDBMS, such as CDC for SQL Server
      • Asynchronous Mode: For better performance, and if the audit should not roll back the transactions, it is advisable to audit in an asynchronous thread.
  • 17. Cello Stack – At a Glance: How does it work?
      • Cloud Ready, Multi-Tenant Application Development Framework
      • Administrative Modules: Tenant Provisioning, Licensing, Metering, Billing, Data Backup
      • Security Modules: User Management, Role/Privilege Mgmt., Single Sign-on, Dynamic Data Scope, Auditing
      • Enterprise Engines: Business Rules, Workflow, Dynamic Forms
      • Integration Modules: Events, Notification, Templates
      • Ad-hoc Builders: Query, Chart, Reports
      • Productivity Boosters: Code Templates, Master Data Mgmt., Forms Generation
      • Application Multi-Tenancy & Tenant Data Isolation
      • Configurability Modules: Custom Fields, Custom LoV, Settings Template, Themes & Logo, Pre & Post Processors
      • Cello Cloud Adapters
  • 18. Contact Details
      • Jothi Rengarajan (jothi.r@techcello.com)
      • James McGovern (james.mcgovern@hp.com)
      • Reference URLs
          • Web: http://www.techcello.com
          • ROI Calculator: http://www.techcello.com/techcello-roi-calculator
          • Demo Videos: http://www.techcello.com/techcello-resources/techcello-product-demo
          • SaaS e-Book: http://www.techcello.com/techcello-resources/techcello-resources-white-papers
      • Thank You
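Slides 6 and 9 name an application-layer auto tenant filter and code that demands privileges rather than checking role names. The following C# sketch is an added example, not code from the deck or from CelloSaaS; every type and privilege name in it is hypothetical, the in-memory list stands in for a shared table, and it assumes .NET 5 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical types for illustration; not CelloSaaS code.
public sealed record Invoice(int Id, string TenantId, decimal Amount);

public sealed class UserContext
{
    private readonly HashSet<string> _privileges;
    public string UserId { get; }
    public string TenantId { get; }

    // Users map to roles, roles map to privileges. The effective set is resolved
    // once so that code checks privileges and never hard-codes role names.
    public UserContext(string userId, string tenantId, IEnumerable<string> roles,
                       IReadOnlyDictionary<string, string[]> rolePrivileges)
    {
        UserId = userId;
        TenantId = tenantId;
        _privileges = new HashSet<string>(roles
            .Where(r => rolePrivileges.ContainsKey(r))
            .SelectMany(r => rolePrivileges[r]));
    }

    public void Demand(string privilege)
    {
        if (!_privileges.Contains(privilege))
            throw new UnauthorizedAccessException($"{UserId} lacks {privilege}");
    }
}

public sealed class InvoiceRepository
{
    private readonly List<Invoice> _rows;   // stands in for a shared table
    private readonly UserContext _ctx;

    public InvoiceRepository(List<Invoice> rows, UserContext ctx) { _rows = rows; _ctx = ctx; }

    // Every query starts from Scoped, so none can omit the tenant predicate.
    private IEnumerable<Invoice> Scoped => _rows.Where(i => i.TenantId == _ctx.TenantId);

    public IReadOnlyList<Invoice> List() { _ctx.Demand("Invoice.View"); return Scoped.ToList(); }

    // A key lookup is scoped too: another tenant's id yields null (OWASP A4).
    public Invoice Find(int id)
    {
        _ctx.Demand("Invoice.View");
        return Scoped.FirstOrDefault(i => i.Id == id);
    }

    public int Delete(int id)
    {
        _ctx.Demand("Invoice.Delete");
        return _rows.RemoveAll(i => i.Id == id && i.TenantId == _ctx.TenantId);
    }
}

public static class Program
{
    public static void Main()
    {
        var rolePrivileges = new Dictionary<string, string[]>
        {
            ["Clerk"] = new[] { "Invoice.View" },
            ["Manager"] = new[] { "Invoice.View", "Invoice.Delete" },
        };
        // Constructed sample rows belonging to two tenants.
        var rows = new List<Invoice> { new Invoice(1, "tenant-a", 120m), new Invoice(2, "tenant-b", 75m) };
        var clerk = new UserContext("alice", "tenant-a", new[] { "Clerk" }, rolePrivileges);
        var repo = new InvoiceRepository(rows, clerk);

        Console.WriteLine($"visible={repo.List().Count} other-tenant-found={repo.Find(2) != null}");
        try { repo.Delete(1); } catch (UnauthorizedAccessException e) { Console.WriteLine(e.Message); }
    }
}
```

Because the role-to-privilege map is plain data, it can be loaded from configuration and edited by business users without touching the `Demand` calls, which is the split slide 9 describes.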
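Slides 15 and 16 describe an event audit record (user, action, target, context, time), a change audit that stores only the delta, and auditing on an asynchronous thread so the audit cannot hold up or roll back the transaction. The C# sketch below is an added example, not code from the deck or from CelloSaaS; the type names are hypothetical, an in-memory list stands in for the separate audit datastore, and it assumes .NET 5 or later.

```csharp
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical types for illustration; not CelloSaaS code.
public sealed record AuditEvent(
    string User, string Action, string Target, string Context, DateTime UtcTime,
    IReadOnlyDictionary<string, (string Old, string New)> Delta);

public sealed class AsyncAuditor
{
    // Bounded queue: a stalled audit store cannot exhaust memory or block callers.
    private readonly BlockingCollection<AuditEvent> _queue =
        new BlockingCollection<AuditEvent>(boundedCapacity: 1000);
    private readonly Task _writer;
    private int _dropped;
    // Stands in for the separate audit datastore; read it only after Complete().
    public List<AuditEvent> Store { get; } = new List<AuditEvent>();
    public int Dropped => _dropped;   // alert on this: dropped events are audit gaps

    public AsyncAuditor()
    {
        _writer = Task.Run(() =>
        {
            foreach (var e in _queue.GetConsumingEnumerable()) Store.Add(e);
        });
    }

    // Change audit: keep only the columns whose value changed, not the whole row.
    public static Dictionary<string, (string Old, string New)> Diff(
        IReadOnlyDictionary<string, string> before,
        IReadOnlyDictionary<string, string> after)
    {
        var delta = new Dictionary<string, (string Old, string New)>();
        foreach (var key in before.Keys.Union(after.Keys))
        {
            before.TryGetValue(key, out var oldValue);
            after.TryGetValue(key, out var newValue);
            if (oldValue != newValue) delta[key] = (oldValue ?? "", newValue ?? "");
        }
        return delta;
    }

    // Does not wait on the store, so the business transaction is never held up.
    public void Record(AuditEvent e)
    {
        if (!_queue.TryAdd(e)) Interlocked.Increment(ref _dropped);
    }

    public void Complete() { _queue.CompleteAdding(); _writer.Wait(); }
}

public static class Program
{
    public static void Main()
    {
        // Constructed before/after images of one row.
        var before = new Dictionary<string, string> { ["Status"] = "Draft", ["Amount"] = "120.00" };
        var after = new Dictionary<string, string> { ["Status"] = "Approved", ["Amount"] = "120.00" };
        var auditor = new AsyncAuditor();
        auditor.Record(new AuditEvent("alice", "Invoice.Approve", "Invoice/1", "tenant=tenant-a",
            DateTime.UtcNow, AsyncAuditor.Diff(before, after)));
        auditor.Complete();
        foreach (var e in auditor.Store)
            foreach (var c in e.Delta)
                Console.WriteLine($"{e.UtcTime:o} {e.User} {e.Action} {c.Key}: {c.Value.Old} -> {c.Value.New}");
    }
}
```

A snapshot (transaction) audit would store the full `before` row instead of the delta, which is where the extra data growth noted on slide 16 comes from.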