Description: Geoffrey Hill has been in the IT industry since 1990, when he developed and sold a C++ application to measure risk in the commodities markets in New York City. Since then he has worked as a senior developer of quantitative finance applications in Nomura Finance (New York), Mitsukoshi Finance (Japan), Macquarie Finance (Australia) and NatWest Bank (UK). At DeepSec 2014 he talks about data validation gates based on cloud technology.
„Current methodology in nearly every organisation is to create data validation gates. But when an organisation implements a cloud-based strategy, these security-quality gates may inadvertently become bypassed or suppressed. This talk discusses a methodology to encapsulate the validation at the object level, thus allowing each object to have validated or sanitised data at any given point in time.
Two kinds of patterns will be discussed, a validated object pattern and a tokenised object pattern. Examples of use-cases will be detailed for the delegates.
Advantages and possible pitfalls of these patterns in security design will also be reviewed.
Examples will be given in several main programming languages.“
For More Information Please Visit:- https://www.deepsec.net/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.