Kategorie: security
-
Novel ways of providing identity to automated cross-cloud processes – Workload Identity Federation and SPIFFE
Growing cybercriminal activities let to a boom of access rights solutions for user access to data and systems. Recently they have been even more augmented by provisioning of hardware FIDO2 based tokens (available also as open source, such as Nitrokey) to ensure the identity of a user and then being able to provide the right…
-
Provenance for Data, AI Model and Software Artifacts – Combining OIDC and short-lived private keys
Provenance (Wikipedia) is an important concept in information technology: It essentially says that a digital artefact, such as a dataset, an AI model or software, meets the expectations of the artifact consumer. Expectations can be of different nature, for instance, it can describe how it was generated, that it has been subject to certain automated…