Better IPSec Security Association Resolution - Netconf 2006 Tokyo

•

1 gostou•378 visualizações

J

Better IPSec Security Association Resolution - Netconf 2006 Tokyo Presentation slides.

Better IPSec
Security Association Resolution

Netconf 2006
Tokyo

James Morris
jmorris@namei.org

Problem
a) Outbound packet
b) Security policy db entry match
c) No security association in kernel

●
Most of the time, we return EAGAIN to app or
drop packet if forwarding.
●
We kick the key manager, and usually have an
SA available for next packet.

Problem...
●
It actually kind of works for one case: blocking
sendmsg() of datagrams.
●
Process is scheduled in a loop until SA
resolved. See xfrm_lookup().
●
Does not work for connect(2), so ping and
many UDP apps just get EAGAIN.

Solution
●
General solution for all protocols and contexts:
– connect(2)
– sendmsg(2)
– forwarding path (tunnel endpoint)
– various kernel-generated packets
– blocking and non-blocking modes

Solution...
●
Ideally, we'd like connect(2) to follow Posix
semantics, for non-blocking this is:
– Return EINPROGESS first
– Return EALREADY until SA resolved
●
For non-blocking sockets in general, it'd be nice
to make sure poll(2) works as expected.
– even for datagram protocols, as IPSec adds a kind
of session underneath.

Solution...
●
sendmsg(2) should return EAGAIN for non-
blocking case
●
For tunnel end point, we probably need to
queue packets in a resolution queue.
●
This may also be useful for non-blocking socket
case.
●
Herbert has suggested larval dst to go with
larval SA.

Status
●
Current patch contains a lot of instrumentation
and some initial changes:
– Make connect(2) work for the blocking case,
hooking into ip_route_connect()
– Propagate new flags down to xfrm_lookup() to
control behavior:
●
Kick the key manager?
●
Sleep until resolved?

Ongoing work
●
Continue to develop code to handle all cases
and protocols
●
Probably involve some code consolidation
●
Determine how much of the problem to solve

Issues
●
Not clear on all of the use-cases for this:
– Opportunistic encryption
– Complex/large scale policy where pro-active SA
negotiation overhead would be too high
– Others?

Mais conteúdo relacionado

Destaque

Directions in SELinux Networking

Directions in SELinux Networking

Directions in SELinux Networking

VTI の中身

SmartCloud Enterprise: Using a SOCKS Proxy with VLANs

SmartCloud Enterprise: Using a SOCKS Proxy with VLANs

SmartCloud Enterprise: Using a SOCKS Proxy with VLANs

Mandatory Access Control Networking Update - Netonf 2006 Tokyo

Mandatory Access Control Networking Update - Netonf 2006 Tokyo

Mandatory Access Control Networking Update - Netonf 2006 Tokyo

Secure and Simple Sandboxing in SELinux

Secure and Simple Sandboxing in SELinux

Secure and Simple Sandboxing in SELinux

The networking industry has made good progress in the last few years on developing programmable interfaces and protocols for the control plane to enable a more dynamic and efficient infrastructure. Despite this progress, some parts of networking risk being left behind, most notably network management and configuration. The state-of-the-art in network management remains relegated to proprietary device interfaces (e.g., CLIs), imperative, incremental configuration, and lack of meaningful abstractions. We propose a framework for network configuration guided by software-defined networking principles, with a focus on developing common models of network devices, and common languages to describe network structure and policies. We also propose a publish/subscribe framework for next generation network telemetry, focused on streaming structured data from network elements themselves.

SDN in the Management Plane: OpenConfig and Streaming Telemetry

SDN in the Management Plane: OpenConfig and Streaming Telemetry

SDN in the Management Plane: OpenConfig and Streaming Telemetry

In his previous talk, Paul talked about getting your system to work with SELinux. This involved setting the security on your files and directories so that they worked with SELinux. However, many people have customised their Linux installs and want SELinux to do what they say, not the other way around. Sysadmins in particular are not 'run of the mill' users, and they have different requirements to what typically comes out of the box. Situations such as serving web pages from NFS shares or non-standard directories, or installing applications in custom locations, need specialised configuration of SELinux in order to make it work with your needs. This talk will deal with those situations. Fortunately for Sysadmins, much of the work in developing SELinux policies for Linux has focussed on their requirements. Paul will show you a few of the things behind the scenes that make your job as a Sysadmin much easier and safer with SELinux.

Slug 2009 06 SELinux For Sysadmins

Slug 2009 06 SELinux For Sysadmins

Slug 2009 06 SELinux For Sysadmins

Much has been written on SELinux, and a lot of it seems confusing. It's buzzword heavy, involves locking your computer up, has a strange new set of permissions that are obscure in architecture and silently fails where things used to just work. Why use it? Well, for most people, it's not actually that hard to understand. In this talk, Paul Wayper talks about how to make sense of what SELinux does, and how to keep it out of the way and get on with using your computer. In the process Paul will deal with the background to SELinux, what it's main aims are, and why you really do want it turned on.

SELinux for Everyday Users

SELinux for Everyday Users

SELinux for Everyday Users

Destaque (8)

Directions in SELinux Networking

Directions in SELinux Networking

Directions in SELinux Networking

VTI の中身

SmartCloud Enterprise: Using a SOCKS Proxy with VLANs

SmartCloud Enterprise: Using a SOCKS Proxy with VLANs

SmartCloud Enterprise: Using a SOCKS Proxy with VLANs

Mandatory Access Control Networking Update - Netonf 2006 Tokyo

Mandatory Access Control Networking Update - Netonf 2006 Tokyo

Mandatory Access Control Networking Update - Netonf 2006 Tokyo

Secure and Simple Sandboxing in SELinux

Secure and Simple Sandboxing in SELinux

Secure and Simple Sandboxing in SELinux

SDN in the Management Plane: OpenConfig and Streaming Telemetry

SDN in the Management Plane: OpenConfig and Streaming Telemetry

SDN in the Management Plane: OpenConfig and Streaming Telemetry

Slug 2009 06 SELinux For Sysadmins

Slug 2009 06 SELinux For Sysadmins

Slug 2009 06 SELinux For Sysadmins

SELinux for Everyday Users

SELinux for Everyday Users

SELinux for Everyday Users

Semelhante a Better IPSec Security Association Resolution - Netconf 2006 Tokyo

One Year of Porting - Post-mortem of two Linux/SteamOS launches

One Year of Porting - Post-mortem of two Linux/SteamOS launches

One Year of Porting - Post-mortem of two Linux/SteamOS launches

Leszek Godlewski

Anatomy of neutron from the eagle eyes of troubelshoorters

Anatomy of neutron from the eagle eyes of troubelshoorters

Anatomy of neutron from the eagle eyes of troubelshoorters

Single Packet Authorization - Slides English

Single Packet Authorization - Slides English

Single Packet Authorization - Slides English

Leandro Almeida

Webinar topic: Layer 7 Firewall on Mikrotik Presenter: Achmad Mardiansyah In this webinar series, We are discussing Network Security with Mikrotik Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback Check our schedule for future events: https://www.glcnetworks.com/en/schedule/ Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram Recording is available on Youtube https://youtu.be/Z0Akaksp0DA

Layer 7 Firewall on Mikrotik

Layer 7 Firewall on Mikrotik

Layer 7 Firewall on Mikrotik

Linux Network Stack

Linux Network Stack

Linux Network Stack

Fast dynamic analysis, Kostya Serebryany

Fast dynamic analysis, Kostya Serebryany

Fast dynamic analysis, Kostya Serebryany

20 мая 2011, научный семинар Константин Серебряный "Быстрый динамичекский анализ программ на примере поиска гонок (data races)" Доклад посвящен динамическому анализу программ и, в частности, поиску гонок (data races). В рамках семинара будут рассмотрены следующие темы: • Динамический анализ программ. Введение в теорию поиска гонок. Анализ потока событий программы. Требования по производительности. • Базовый алгоритм инструмента ThreadSanitizer. Анализ производительности или почему алгоритм медленный? • Ускорение и параллелизация базового алгоритма ThreadSanitizer. • War stories: опыт внедрения регулярного тестирования для поиска гонок в Google Russia.

Константин Серебряный "Быстрый динамичекский анализ программ на примере поиск...

Константин Серебряный "Быстрый динамичекский анализ программ на примере поиск...

Константин Серебряный "Быстрый динамичекский анализ программ на примере поиск...

cachegrand is what happens when you throw in a mix a SIMD-accelerated hashtable — capable of performing parallel GET operations without locks or busy-wait loops (e.g. atomic operations) — with fibers, io_uring, your own I/O library, your own memory allocator, and an in-memory & on-disk time series database! Written in C, built from scratch, natively modular - currently working on Redis compatibility — it's a platform that can deliver very high QPS with low latencies for caching and data streaming with the door open to supporting business logic in Rust & WebAssembly down the line. This session will focus on developing techniques and OS components used highlighting how they can provide an extra boost to your platforms, no matter the programming language.

cachegrand: A Take on High Performance Caching

cachegrand: A Take on High Performance Caching

cachegrand: A Take on High Performance Caching

UWE Linux Boot Camp 2007: Hacking embedded Linux on the cheap

UWE Linux Boot Camp 2007: Hacking embedded Linux on the cheap

UWE Linux Boot Camp 2007: Hacking embedded Linux on the cheap

延伸Linux关键业务到双活高速NVMe-oF存储-OpenInfraDays-China2018

延伸Linux关键业务到双活高速NVMe-oF存储-OpenInfraDays-China2018

延伸Linux关键业务到双活高速NVMe-oF存储-OpenInfraDays-China2018

Roger Zhou 周志强

SREcon Europe 2016 - Full-mesh IPsec network at Hosted Graphite

SREcon Europe 2016 - Full-mesh IPsec network at Hosted Graphite

SREcon Europe 2016 - Full-mesh IPsec network at Hosted Graphite

Implementing efficient spinlocks in userspace is not possible yet in Linux, even after years of different approaches and proposed solutions.The main gap to achieve it is the lack of ABI providing an easy and low-overhead way to check if the current lock holder is running or not. In this session, we are going to present the problem, and to propose a solution for it using the restartable sequences infrastructure as means to expose the thread state to userspace in a cheap way, without requiring system calls. RFC: https://lore.kernel.org/lkml/20230529191416.53955-1-mathieu.desnoyers@efficios.com/ (c) Linux Plumbers Conference 2023 15-15 Nov Omni Richmond Hotel, Richmond, VA (US) https://lpc.events/event/17/page/198-lpc-2023-overview

Userspace adaptive spinlocks with rseq

Userspace adaptive spinlocks with rseq

Userspace adaptive spinlocks with rseq

Memory model

This presentation shows that code coverage guided fuzzing is possible in the context of network daemon fuzzing. Some fuzzers are blackbox while others are protocol aware. Even ones which are made protocol aware, fuzzer writers typically model the protocol specification and implement packet awareness logic in the fuzzer. Unfortunately, just because the fuzzer is protocol aware, it does not guarantee that sufficient code paths have been reached. The presentation deals with specific scenarios where the target protocol is completely unknown (proprietary) and no source code or protocol specs are accessible. The tool developed builds a feedback loop between the client and the server components using the concept of "gate functions". A gate function triggers monitoring. The pintool component tracks the binary code coverage for all the functions untill it reaches an exit gate. By instrumenting such gated functions, the tool is able to measure code coverage during packet processing.

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

Alexandre Moneger

Performance optimization techniques for Java code

Performance optimization techniques for Java code

Performance optimization techniques for Java code

pfSense 2.2 Preview - pfSense Hangout November 2014

pfSense 2.2 Preview - pfSense Hangout November 2014

pfSense 2.2 Preview - pfSense Hangout November 2014

Snap - the universal packaging format for linux distros

Snap - the universal packaging format for linux distros

Snap - the universal packaging format for linux distros

Ceph Day Melbourne - Troubleshooting Ceph

Ceph Day Melbourne - Troubleshooting Ceph

Ceph Day Melbourne - Troubleshooting Ceph

BlackHat 2009 - Hacking Zigbee Chips (slides)

BlackHat 2009 - Hacking Zigbee Chips (slides)

BlackHat 2009 - Hacking Zigbee Chips (slides)

Streaming huge databases using logical decoding

Streaming huge databases using logical decoding

Streaming huge databases using logical decoding

Alexander Shulgin

Semelhante a Better IPSec Security Association Resolution - Netconf 2006 Tokyo (20)

One Year of Porting - Post-mortem of two Linux/SteamOS launches

One Year of Porting - Post-mortem of two Linux/SteamOS launches

One Year of Porting - Post-mortem of two Linux/SteamOS launches

Anatomy of neutron from the eagle eyes of troubelshoorters

Anatomy of neutron from the eagle eyes of troubelshoorters

Anatomy of neutron from the eagle eyes of troubelshoorters

Single Packet Authorization - Slides English

Single Packet Authorization - Slides English

Single Packet Authorization - Slides English

Layer 7 Firewall on Mikrotik

Layer 7 Firewall on Mikrotik

Layer 7 Firewall on Mikrotik

Linux Network Stack

Linux Network Stack

Linux Network Stack

Fast dynamic analysis, Kostya Serebryany

Fast dynamic analysis, Kostya Serebryany

Fast dynamic analysis, Kostya Serebryany

Константин Серебряный "Быстрый динамичекский анализ программ на примере поиск...

Константин Серебряный "Быстрый динамичекский анализ программ на примере поиск...

Константин Серебряный "Быстрый динамичекский анализ программ на примере поиск...

cachegrand: A Take on High Performance Caching

cachegrand: A Take on High Performance Caching

cachegrand: A Take on High Performance Caching

UWE Linux Boot Camp 2007: Hacking embedded Linux on the cheap

UWE Linux Boot Camp 2007: Hacking embedded Linux on the cheap

UWE Linux Boot Camp 2007: Hacking embedded Linux on the cheap

延伸Linux关键业务到双活高速NVMe-oF存储-OpenInfraDays-China2018

延伸Linux关键业务到双活高速NVMe-oF存储-OpenInfraDays-China2018

延伸Linux关键业务到双活高速NVMe-oF存储-OpenInfraDays-China2018

SREcon Europe 2016 - Full-mesh IPsec network at Hosted Graphite

SREcon Europe 2016 - Full-mesh IPsec network at Hosted Graphite

SREcon Europe 2016 - Full-mesh IPsec network at Hosted Graphite

Userspace adaptive spinlocks with rseq

Userspace adaptive spinlocks with rseq

Userspace adaptive spinlocks with rseq

Memory model

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

Performance optimization techniques for Java code

Performance optimization techniques for Java code

Performance optimization techniques for Java code

pfSense 2.2 Preview - pfSense Hangout November 2014

pfSense 2.2 Preview - pfSense Hangout November 2014

pfSense 2.2 Preview - pfSense Hangout November 2014

Snap - the universal packaging format for linux distros

Snap - the universal packaging format for linux distros

Snap - the universal packaging format for linux distros

Ceph Day Melbourne - Troubleshooting Ceph

Ceph Day Melbourne - Troubleshooting Ceph

Ceph Day Melbourne - Troubleshooting Ceph

BlackHat 2009 - Hacking Zigbee Chips (slides)

BlackHat 2009 - Hacking Zigbee Chips (slides)

BlackHat 2009 - Hacking Zigbee Chips (slides)

Streaming huge databases using logical decoding

Streaming huge databases using logical decoding

Streaming huge databases using logical decoding

Mais de James Morris

Unix was not designed with security primarily in mind. It was initially developed in the late 1960s -- before the Internet was invented. While relatively simple, the Unix security model is inadequate for protecting against common security threats. Its designers identified fundamental design flaws over thirty years ago. As Linux is modeled on Unix, it inherits this traditional Unix security model. Meeting modern security requirements has required significant enhancements to Linux, which are ongoing, but well-advanced. While many new security ideas have emerged, Linux developers have necessarily been constrained by decades of operating system standards and conventions. Aimed at admins, developers and technical managers, the talk will cover: * The historical context of Linux security * Modern security OS requirements * How these requirements are being addressed (or not) by various enhancements made to Linux security * Areas of ongoing and future work. We'll also consider how FOSS culture contributes to security.

Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats

Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats

Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats

Adding Extended Attribute Support to NFS

Adding Extended Attribute Support to NFS

Adding Extended Attribute Support to NFS

Linux Kernel Security Overview - KCA 2009

Linux Kernel Security Overview - KCA 2009

Linux Kernel Security Overview - KCA 2009

sVirt: Hardening Linux Virtualization with Mandatory Access Control

sVirt: Hardening Linux Virtualization with Mandatory Access Control

sVirt: Hardening Linux Virtualization with Mandatory Access Control

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...

OLPC Networking Overview

OLPC Networking Overview

OLPC Networking Overview

Cryptographic Hardware Support for the Linux Kernel - Netconf 2004

Cryptographic Hardware Support for the Linux Kernel - Netconf 2004

Cryptographic Hardware Support for the Linux Kernel - Netconf 2004

Kernel Security for 2.8 - Kernel Summit 2004

Kernel Security for 2.8 - Kernel Summit 2004

Kernel Security for 2.8 - Kernel Summit 2004

How and Why You Should Become a Kernel Hacker - FOSS.IN/2007

How and Why You Should Become a Kernel Hacker - FOSS.IN/2007

How and Why You Should Become a Kernel Hacker - FOSS.IN/2007

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

SELinux Kernel Internals and Architecture - FOSS.IN/2005

SELinux Kernel Internals and Architecture - FOSS.IN/2005

SELinux Kernel Internals and Architecture - FOSS.IN/2005

Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)

Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)

Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)

Mais de James Morris (12)

Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats

Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats

Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats

Adding Extended Attribute Support to NFS

Adding Extended Attribute Support to NFS

Adding Extended Attribute Support to NFS

Linux Kernel Security Overview - KCA 2009

Linux Kernel Security Overview - KCA 2009

Linux Kernel Security Overview - KCA 2009

sVirt: Hardening Linux Virtualization with Mandatory Access Control

sVirt: Hardening Linux Virtualization with Mandatory Access Control

sVirt: Hardening Linux Virtualization with Mandatory Access Control

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...

OLPC Networking Overview

OLPC Networking Overview

OLPC Networking Overview

Cryptographic Hardware Support for the Linux Kernel - Netconf 2004

Cryptographic Hardware Support for the Linux Kernel - Netconf 2004

Cryptographic Hardware Support for the Linux Kernel - Netconf 2004

Kernel Security for 2.8 - Kernel Summit 2004

Kernel Security for 2.8 - Kernel Summit 2004

Kernel Security for 2.8 - Kernel Summit 2004

How and Why You Should Become a Kernel Hacker - FOSS.IN/2007

How and Why You Should Become a Kernel Hacker - FOSS.IN/2007

How and Why You Should Become a Kernel Hacker - FOSS.IN/2007

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

SELinux Kernel Internals and Architecture - FOSS.IN/2005

SELinux Kernel Internals and Architecture - FOSS.IN/2005

SELinux Kernel Internals and Architecture - FOSS.IN/2005

Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)

Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)

Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)

Último

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

Platformless Horizons for Digital Adaptability

Platformless Horizons for Digital Adaptability

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Último (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Platformless Horizons for Digital Adaptability

Platformless Horizons for Digital Adaptability

Platformless Horizons for Digital Adaptability

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Better IPSec Security Association Resolution - Netconf 2006 Tokyo

1. Better IPSec Security Association Resolution Netconf 2006 Tokyo James Morris jmorris@namei.org

2. Problem a) Outbound packet b) Security policy db entry match c) No security association in kernel ● Most of the time, we return EAGAIN to app or drop packet if forwarding. ● We kick the key manager, and usually have an SA available for next packet.

3. Problem... ● It actually kind of works for one case: blocking sendmsg() of datagrams. ● Process is scheduled in a loop until SA resolved. See xfrm_lookup(). ● Does not work for connect(2), so ping and many UDP apps just get EAGAIN.

4. Solution ● General solution for all protocols and contexts: – connect(2) – sendmsg(2) – forwarding path (tunnel endpoint) – various kernel-generated packets – blocking and non-blocking modes

5. Solution... ● Ideally, we'd like connect(2) to follow Posix semantics, for non-blocking this is: – Return EINPROGESS first – Return EALREADY until SA resolved ● For non-blocking sockets in general, it'd be nice to make sure poll(2) works as expected. – even for datagram protocols, as IPSec adds a kind of session underneath.

6. Solution... ● sendmsg(2) should return EAGAIN for non- blocking case ● For tunnel end point, we probably need to queue packets in a resolution queue. ● This may also be useful for non-blocking socket case. ● Herbert has suggested larval dst to go with larval SA.

7. Status ● Current patch contains a lot of instrumentation and some initial changes: – Make connect(2) work for the blocking case, hooking into ip_route_connect() – Propagate new flags down to xfrm_lookup() to control behavior: ● Kick the key manager? ● Sleep until resolved?

8. Ongoing work ● Continue to develop code to handle all cases and protocols ● Probably involve some code consolidation ● Determine how much of the problem to solve

9. Issues ● Not clear on all of the use-cases for this: – Opportunistic encryption – Complex/large scale policy where pro-active SA negotiation overhead would be too high – Others?