Securing Swift and Kitura
Securing Swift and Kitura web framework

If you are a developer that understands the efficiency and safety benefits of blurring the lines between client-side and server-side development, I’m excited to tell you about my upcoming session. My presentation will center on Swift, an exciting new contender in the open source world and the world of cloud. Swift is a new language by Apple that was initially targeted for clients but the community (and IBM!) is enthusiastically adopting it for Linux and server-side. This adoption brings with it various safety features, from those that are built in the language to a safer methodology of shared code and data structures between clients and servers.

What makes the transition of Swift from client side to server side remarkable is that Swift was initially intended for a closed Operating Systems (iOS and macOS) as well as a closed ecosystem. But since it became open sourced, it not only needs to support that legacy ecosystem, but also simultaneously needs to adapt to the new world of openness and interoperability.

In my talk, I will explore some of the security challenges around the transition of Swift from a closed ecosystem to an open one. I will describe what IBM and the Swift community are doing about some of these challenges and how the Swift Server API working group was born. This is the beginning of a long journey for the Swift community and I hope I can get you excited to join us.

A shout out also to our Swift booth in the exhibition hall. I look forward to meeting you at my session or at our booth!

Gelareh Taban at OSCON


Web server defense: Swift edition  *Session*

  • Date: Tuesday, May 10, 2017
    Time: 2:35pm3:15pm

    Location: Meeting Room 10 A/B
    Level: Intermediate

The Swift language was born on the client side, but since it was open-sourced in late 2015, it has gained wide momentum in the server community. However, security and the threat vectors that are introduced are among the challenges that exist in bringing Swift to the server side. Understanding these threats and designing proper protection mechanisms is crucial before end-to-end Swift applications can be written and deployed.

Gelareh Taban will explain how security can be built into a Swift server application, using an end-to-end Swift app to demonstrate how a client can communicate with a web service securely and access service resources with proper authentication and authorization. Gelareh discusses best practices in using the new Swift security frameworks as well as the Swift language itself, illustrating how building upon the safety features of the language can prevent many common vulnerabilities that plague servers thus reducing their attack surface.

Join The Discussion

Your email address will not be published. Required fields are marked *