Dan North discusses the need to embrace uncertainty of scope, technology, effort and structure, expecting the unexpectable and anticipating ignorance.
Elonka Dunin reviews the CIA Kryptos’ history, going over the parts that have been solved, and discussing efforts to crack the famous unsolved section, K4.
Ganesh Prasad discusses the essentials of the loosely-coupled identity management approach called LIMA,
Mike Andrews discusses architecting for failure even you when don’t know what might fail.
John Hughes explains how Quviq tests embedded ECU software for AUTOSAR compliance using QuickCheck.
Vitaly Osipov shares 7 product security lessons learned at Atlassian related to why security incidents happen, what we would like to do about them and what can be done.
John Davies discusses passwords, the need for multiple passwords and password managers, and how OAuth is providing SSO for multiple sites, including an OAuth demo app for the iPhone.
Pratap Chilukuri explains what OAuth is and how it works, exemplifying using the protocol with an example.
Robert Winch explains how to secure a multi-tenant application with Spring Security and how to enable OAuth 2.
Mark Ryland presents and demoes identity and access management concepts as used in the cloud and EC2 security groups and packet networking inside the Amazon AWS.
Khawaja Shams presents how NASA’s JPL uses cloud computing, and evaluates some of the existing cloud computing myths in the MythBusters style.
Kunal Bhasin discusses in-memory and Big Data computing techniques used for the detection of banking fraud in real time.