Lightweight Zero-Trust Network Implementation and Transition with Keycloak and NGINX
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a lightweight approach to implementing and transitioning to a zero-trust network using Keycloak and NGINX in this 27-minute conference talk presented by Yoshiyuki Tabata from Hitachi, Ltd. at a Linux Foundation event. Delve into underlying technologies such as JWT validation and OAuth MTLS (RFC 8705), and gain insights into Keycloak's role in the process. Learn about security boundary transition scenarios, including changing API Gateway to NGINX Ingress Controller and shifting security boundaries to per-service and per-pod levels. Discover techniques for achieving JWT validation for east-west traffic and examine potential chokepoints in the system. The talk concludes with a discussion on caching token introspection responses as a possible solution.
Syllabus
Intro
Session Overview (1/3)
Underlying technology 1.JWT validation
Underlying technology 2' - OAuth MTLS (RFC 8705)
What is Keycloak?
Security boundary transition scenario
Change API Gateway to NGINX Ingress Controller
Shift security boundary to per service
Shift security boundary to per pod
How to achieve JWT validation (east-west traffic)
Where is the chokepoint?
Option A: Cache token introspection responses
Summary
Taught by
Linux Foundation
Tags
Related Courses
Securing Microservices in ASP.NET CorePluralsight Microservices Security
Pluralsight Kubernetes Security: System Hardening
Pluralsight Anthos Service Mesh
Google via Qwiklabs [NEW] Master Microservices with SpringBoot,Docker,Kubernetes
Udemy