Secret management is a difficult problem in a distributed and scalable environment. Chef-vault is a Chef tool built on top of encrypted data bags that eliminates the need to share the decryption key with all users and nodes of an infrastructure.
At the Velocity Conference in Amsterdam, Alex Shoof explained how to manage secrets in a scalable and distributed environment. Shoof proposed a system based on five fundamental principles for secret management.
Facebook and Twitter have released SDKs for Apple tvOS to provide support for onboarding, user verification, and analytics.
Google has announced at I/O 2015 the Google Identity Platform, a collection of tools and APIs for managing identities and dealing with authentication and authorization across Android, iOS and web applications.
Firebase has this week announced major updates to its user authentication, including automatic session persistence, and rich authentication tokens for use in Security Rules.
Katana 3, now close to GA, comes with new security components providing OpenIDConnect and WSFederation support.
As part of launching an Enterprise Mobility Suite, Microsoft announced that Azure Active Directory Premium was set to hit General Availability. Microsoft Azure Active Directory Premium extends the free identity management and single sign-on service with additional group-management capabilities, rebranding options, security analytics, and more.
Amazon announced a number of new services at the recent re:invent conference in Las Vegas: Amazon WorkSpaces - Desktop Computing in the Cloud, Identity and Access Management using SAML, Amazon AppStream - Delivering Streaming Applications from the Cloud, Amazon Kinesis - Streaming Big Data, CloudTrail - Capturing AWS API Activity, Postgres support in RDS and new EC2 instance types
Apigee Edge now supports Node.js and has open sourced Volos, a project containing a set of API management modules.
The recently released Visual Studio 2013 includes new project templates with several improvements which enables developers to build projects and applications faster.
OAuth.io is an API and a service interfacing with more than 80 OAuth providers. This article contains an interview with Mehdi Medjaoui, Co-founder of OAuth.io, providing details on security, licensing and future developments.
Clef is like a retina scan for your smart phone, which gives a whole new meaning to Retina Display. You can use Clef as an Open ID to log in from your smart phone only once to access many different web sites when online. Rather than typing in your user ID and password for each web site.
Most applications these days require user management, authentication, and authorization from the beginning and even a minor mistake can be disastrous. To help developers focus more on what the application actually does, Stormpath is offering turnkey user management and authentication services. Using these services, applications can authenticate users via a single API call.
Microsoft recently announced preview of Multi-Factor Authentication in Windows Azure. This can be enabled for Windows Azure Management portal, Microsoft Online Services such as Office 365, as well as custom applications.