Showing posts from April, 2012

Authorization for a Multi-Cloud System

This is a project design I am currently working on to consume SPIFFE(Secure Production Identity Framework For Everyone) bootstrapped trust and identification to provide authorization in a dynamically scaling, heterogeneous system, inspired by Mr. Prabath Siriwardena from WSO2 and under the supervision of Prof. Gihan Dias from University of Moratuwa. An enterprise system running across multiple clouds, as in the hybrid cloud, is an obvious example that will be benefitted from this. The objective is to open doors for the SPIFFE standard based systems to co-exist with rest of the systems with minimal effort, without compromising on security aspects while having an authorization solution based on SPIFFE.
What is SPIFFE? In brief, it is a trust bootstrapping and identification framework, submitted as a standard and accepted by CNCF(Cloud Native Computing Foundation)[1]. As of now, this standard has two main implementations as SPIRE and Istio[2], a platform that supports service mesh archit…

GSoC2012 with Apache Wookie

Today I got the news of the proposal I submitted to GSoC2012, is accepted. I consider it a great achievement and so excited to make the project a success. With the nature of the program it is no wonder anyone get excited about it. Firstly having the chance to work for a recognized company(In my case Apache) and the global reputation a gsocer can have is so motivational. Also getting started to work with a strange team, getting to know them, work remotely, add good experience to life and high professional value as I guess. It's amazing to work with the community. Also it is a great chance to broaden the horizons in technical skills while having guidance from an expert in the area, having hands on it.

Also I'm glad to share about my project, which is to implement 'W3C XML Digital Signatures for Widgets Specification in Apache Wookie. Computer Security has become the favorite field of me followed by Big data after my internship at WSO2 Lanka(pvt) Ltd, with experience I had …