InfoQ Homepage Security Content on InfoQ
-
/articles/serverless-security/en/smallimage/logo-serverless-1519232528150.jpeg)
Serverless Security: What's Left to Protect?
This article aims to provide a broad understanding of security in the Serverless world. We'll consider the ways in which Serverless improves security, the areas where it changes security, and the security concerns it hurts.
-
/articles/gdpr-for-software-devs/en/smallimage/logo-gdpr-1512733845052.jpeg)
What Should Software Engineers Know about GDPR?
EU General Data Protection Regulation (GDPR) is moving out of the transition period next summer to become enforceable GDPR strongly emphasizes risk-based thinking; you take every step to mitigate privacy risks until the risks become something you can tolerate. As a software developer, this will affect you. This is what you need to know.
-
/articles/cryptocurrency-online-games/en/smallimage/logo-mobile-1511905955433.jpeg)
Cryptocurrency and Online Multiplayer Games
The era of cryptocurrency opens new possibilities for game publishers and developers. However, it is not yet a fully-developed market and there are many things that should be taken into account before entering it. This article reviews the main pros and cons of entering this new and highly volatile field.
-
/articles/user-anonymity-twitter/en/smallimage/logo-ieee-1507791722409.jpg)
User Anonymity on Twitter
This article explores how it is possible to measure how many Twitter users adopted anonymous pseudonyms, the correlation between content sensitivity and user anonymity, and whether it would be possible to build automated classifiers that would detect sensitive Twitter accounts.
-
/articles/building-continuous-security-containers-deployment/en/smallimage/logo-small-1506666541458.jpg)
A 4-Step Guide to Building Continuous Security into Container Deployment
Containers face security risks at every stage, from building to shipping to the run-time production phases. Securing them requires a layered strategy throughout the stack and the deployment process.
-
/articles/cloud-data-auditing/en/smallimage/logo-ieee.jpeg)
Cloud Data Auditing Techniques with a Focus on Privacy and Security
The authors provide a guide to the current literature regarding comprehensive auditing methodologies. They not only identify and categorize the different approaches to cloud data integrity and privacy but also compare and analyze their relative merits. For example, their research lists the strengths and weaknesses of earlier work on cloud auditing, which allows researchers to design new methods.
-
/articles/smart-home-permission-models/en/smallimage/logo.jpg)
Security Implications of Permission Models in Smart-Home Application Frameworks
This article presents an analysis of a popular smart-home programming framework, SmartThings, which reveals that many smart-home apps are automatically overprivileged, leaving users at risk for remote attacks that can cause physical, financial, and psychological harm.
-
/articles/iot-programmable-world-roadmap/en/smallimage/article-logo.jpg)
A Roadmap to the Programmable World
The emergence of millions of remotely programmable devices in our surroundings will pose significant challenges for software developers. This article proposes a roadmap from today’s cloud-centric, data-centric Internet of Things systems to the Programmable World highlights those challenges that haven’t received enough attention yet.
-
/articles/jovanovic-norix-iot-blockchain/en/smallimage/crypto.jpg)
Philipp Jovanovic on NORX, IoT Security and Blockchain
In this interview, originally published on InfoQ France, Mathieu Bolla talks to Philipp Jovanovic, a Cryptographer at EPFL, about NORX, IoT Security and keeping yourself safe on-line, and Blockchain.
-
/articles/cloud-application-principles/en/smallimage/GettyImages-538362390-2.jpg)
Taking an Application-Oriented Approach to Cloud Adoption
Taking an infrastructure-centric approach to cloud adoption can lead to unrealized benefits. Architect Amit Kumar outlines eleven principles to consider when introducing cloud services into your architecture.
-
/articles/serverless-takes-devops-next-level/en/smallimage/GettyImages-545558628-copy.jpg)
Serverless Takes DevOps to the Next Level
Serverless doesn’t only supplement DevOps, but it goes beyond the current thinking on how IT organisations can achieve greater business agility. It’s geared towards the rapid delivery of business value and continuous improvement and learning, and as such has clear potential to drive substantial cultural change, even in organisations that have adopted DevOps culture and practices already.
-
/articles/security-cloud-cheslock/en/smallimage/LOGO-b.jpeg)
A Security Approach for a Cloudy World: An Interview with Pete Cheslock
Does your approach to application and data center security change when adopting cloud services? To learn more about this topic, InfoQ reached out to Pete Cheslock, head of operations and support teams at Threat Stack.