CJUG welcomes the Chicago Security Meetup to join force for this special double feature night on Modern Java InfoSec, with international speaker, Mercedes Wyss, presenting a topic on Identity Management, and CJUG’s very own Secretary of the CJUG Board, Matt Sicker, introducing us to Modern Cryptography.
Modern Identity Management (in the era of Serverless and Microservices)
SPEAKER: Mercedes Wyss (@itrjwyss)
If you believe that Identity Management (IdM) is just related with the Authentication and Authorization processes, this is a talk for you.
IdM is an umbrella term for all of the core logic around identity. That means manage provisioning (assigning identities to users), account management (maintaining those identities), identity governance (assigning them to groups and roles and adjusting permissions as needed), authentication, authorization, identity federation (ensuring users can use the same identification data to access resources on related domains). A login is more than a Single Sign On,
we can use Passwordless, Federated Identity (FB, GitHub), Multifactor Authentication, improving our users experience.
The main purpose of this talk is gain an in-depth knowledge of those terms, in addition explore some PaaS, that can help to achieve all that in our projects easier and faster.
Mercedes Wyss is a software engineer with more than eight years of experience in the backend, frontend and Android development using Python, Java and Kotlin. Currently, she is a CTO at Produactivity, a startup based in Guatemala.
She is focusing on increasing women’s participation in STEAM by running a JDuchess Chapter in Guatemala, which one she organizes a STEAM Women Day Conference and is the leader of a Google community (Devs+502). She also is a Mozilla Guatemala community member and Leader of WoMoz GT (Women Mozilla Guatemala), and Leader of Women in Data Guatemala. She was previously organizing meetings in Guatemala Java Users Group from 2012 to 2016.
She is an Oracle Groundbreaker Ambassador and an Auth0 Ambassador, she also has a Duke’s Choice Award in Educational Outreach.
Modern Cryptography in Java
SPEAKER: Matt Sicker (Twitter: @jvz)
Cryptography is a vast topic bursting with acronyms, misinformation, and frequent gotchas when either implementing or using cryptographic algorithms. Encryption algorithms in particular are historically quite prone to misuse, and the overly generic cryptography APIs provided by most programming languages or standard libraries have only exasperated the problem. In this talk, we’ll cover the basic concepts of cryptography and information security, take a tour of the cryptographic APIs provided by the standard Java class library, and provide a deeper look at the concept of authenticated encryption, the cryptographic design pattern used in securing network protocols like SSL/TLS, SSH, and IPsec.
Matt Sicker is a software engineer on the Jenkins Security Team with a fondness for mathematics, cryptography, functional programming, and F/OSS. He is the Secretary for the Apache Software Foundation; VP, Logging Services, on the Log4j project; and helps co-ordinate Apache’s participation in the Outreachy mentorship program. Outside computers, he nerds out about coffee, cooking, beer, and various social sciences.
** Invited the Chicago Security Meetup (led by IBMer Anatoly Bodner) to jointly host this meetup event:
Chicago, United States