Description:
Explore a lightweight approach to implementing and transitioning to a zero-trust network using Keycloak and NGINX in this 27-minute conference talk presented by Yoshiyuki Tabata from Hitachi, Ltd. at a Linux Foundation event. Delve into underlying technologies such as JWT validation and OAuth MTLS (RFC 8705), and gain insights into Keycloak's role in the process. Learn about security boundary transition scenarios, including changing API Gateway to NGINX Ingress Controller and shifting security boundaries to per-service and per-pod levels. Discover techniques for achieving JWT validation for east-west traffic and examine potential chokepoints in the system. The talk concludes with a discussion on caching token introspection responses as a possible solution.
Lightweight Zero-Trust Network Implementation and Transition with Keycloak and NGINX
Add to list
#Information Security (InfoSec)
#Cybersecurity
#Zero Trust Security
#Programming
#Web Development
#Nginx
#API Management
#API Gateways
#Computer Science
#DevOps
#Kubernetes
#Kubernetes Security
#Cloud Computing
#Microservices
#Microservices Security
#Identity and Access Management
#Keycloak
0:00 / 0:00