Skip to main content

Posts

Showing posts from May, 2017

[Post Event] ITCamp Conference 2017 - Cluj-Napoca

What a week! ITCamp Conference took place in Cluj-Napoca Speakers all around the globe joined forces with ITCamp Community team and delivered high quality sessions. As in the last years, topics that are covered by ITCamp Conference were from all technologies - JavaScript to Containers, Azure to Raspberry, OOP to Machine Learning.
The speaker list is pretty long and I invite you to check it out. ITCamp Conference had Google employee's, Principal Program Managers from Microsoft and of course a lot of architects and deep technical people from the field.
Being part of such an event it is a delight. Having live high quality sessions in Cluj-Napoca it is a unique opportunity, offered by ITCamp Community each year.
In figures, ITCamp Community looks very interesting - more than 40 speakers, that deliver 40+ sessions during the two days of the conference to more than 500 attendees.

What a great conference! What a week! Great sessions, great speakers, wonderful people - all of them in one…

[Past Event] DevTalks Cluj-Napoca 2017

This week I was invited at DevTalks to talk about cloud infrastructure and how we can isolated a cloud network from public internet.
DevTalks, as a conference is at the 3rd edition. This year there were 6 track in parallel covering the megatrends of 2017.  It was a good conference, with great speakers and interesting sessions.
Below you can find content related to my session.

Title:
Network isolated inside a cloud environment
Abstract: 
It is possible to create a private network inside a cloud environment that is fully isolated from the external world? If you want to find out the response to this question that you should join the session.
Additional to this we will talk about how we can migrate existing infrastructure to cloud (partially or fully) persisting the same security level as you had before.
Slides:

Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj Romania from Radu Vunvulea
Pictures:



Azure Cosmos DB | The perfect place for device topology for world wide solutions

In the world of IoT, devices are distributed all around the world. The current systems that are now on the market are offering scalable and distributed systems for communication between devices and our backends.

Context
It is not something out of ordinary if we have an IoT solution distributed to 3 or 5 places around the globe. But behind this performant systems we need a storage solution flexible enough for different schemas but in the same time to be powerful enough to scale at whatever size we want.

Relational database are used often to store data where we have a stable schema. Having different devices across the globe request to have different schemas and data formats. Storing data in non-relational databases is more natural and simple. A key-value, graph or document database is many time more suitable for our needs in IoT scenarios then a relational database.

Current solutions
There are plenty solutions on the market, that are fast, powerful and easy to use. I expect that you heard…

Azure Key Vault | How Secrets and Keys are stored

I'm pretty sure that most of you heard about Azure Key Vault. If not I recommend to take a look over this page that describes in details how Azure Key Vault helps us as a safeguard for our application secrets and cryptographic keys (like certificates).

Scope
The main scope of this post is to take a look on how our secrets are stored. This is important because there are keys that cannot be recovered once generated or stored and we might end up without keys in the case we lose them.

What is HSM?
HSM is an acronym for Hardware Security Module. It is a physical device that can manage digital keys by providing cryptographic capabilities. HSM is playing the role of a safeguard by offering cryptographic capabilities directly by the hardware.

Is the tuple <keys, secrets> stored inside HSM?

No, there is no need to store this information in HSM. Secrets are stored outside the HSM, but they are encrypted using a key chain that terminates inside the HSM.
An analogy related to key chains an…