Showing posts from 2018

JVM Garbage Collection and Optimizations

Overview When troubleshooting systems for performance-related issues, memory optimizations are a place that needs a deep analysis of what each system stores in the memory, how long those are stored, and access patterns. This post is to keep a note on the background information and valuable points to note in such an effort, specific to Java-based implementations as a deep understanding of the JVM behaviors is very beneficial in the process.

Java language provides much convenience to the developers by taking care of the memory management to a great extent letting the focus be on the rest of the logic. Still having a good understanding of how Java does this underneath, rationalize several best practices we follow in Java implementations and help design the programs better and think seriously on some aspects that can later lead to memory leaks and system stability in the long run. Java Garbage Collector has a big role in this been responsible for freeing up memory by removing memory gar…

Authorization for a Multi-Cloud System

This is a project design I am currently working on to consume SPIFFE(Secure Production Identity Framework For Everyone) bootstrapped trust and identification to provide authorization in a dynamically scaling, heterogeneous system, inspired by Mr. Prabath Siriwardena from WSO2 and under the supervision of Prof. Gihan Dias from University of Moratuwa. An enterprise system running across multiple clouds, as in the hybrid cloud, is an obvious example that will be benefitted from this. The objective is to open doors for the SPIFFE standard based systems to co-exist with rest of the systems with minimal effort, without compromising on security aspects while having an authorization solution based on SPIFFE.
What is SPIFFE? In brief, it is a trust bootstrapping and identification framework, submitted as a standard and accepted by CNCF(Cloud Native Computing Foundation)[1]. As of now, this standard has two main implementations as SPIRE and Istio[2], a platform that supports service mesh archit…

How to Pick Best Stocks in Share Market

When thinking about investments, 3 things come to my mind, in the Sri Lankan context. Buy real state in a suburb or a town that is fast growingPut in a Fixed Deposit in a bankInvest in the stock market As the current FD rates are in the declining phase, it did not really come as a good option for me at the moment of writing this. Hence I thought to investigate a bit on investing in the share market as it doesn't really need a larger amount of money as to by property as in option 1.
Below is an insightful speech by the richest person in Sri Lanka, who is known as a business magnate, 'Mr. Dhammika Perera', explaining how he started with share market (while the overall speech highlights many important facts, he specifically talks about share market from 6minutes and 26 seconds. Speech is in Sinhalese).

One thing he said, captured me that do not enter a business if you do not know about it. He also emphasized that it's the knowledge we should seek, not money, which surpris…

Beyond PSD2 for a Better Open Banking Expereince

PSD2 is acting as a catalyst in the digital transformation happening in the Banking industry. While meeting the compliance requirements of PSD2, financial institutes are excited to make use of the new business models and opportunities opened by this laid foundation. More the customers and partners we can reach, more the business activities and more the revenue. Making the banking functions more accessible and reactive will be a key enabler to provide a seamless experience to these parties, including internal banking staff whom directly affects the business efficiency.
IAM plays a critical role in improving business accessibility without compromising the system boundaries. PSD2 mandates strong customer authentication(SCA), setting the bar high for user authenticity, while keeping few exemptions, not to bother payment services user(PSU) with SCA for every little transactions. While adhering to this policy will make an institute PSD2 complaint, if they can react fast to the fraud rates…