YoVDO

Lightweight Zero-Trust Network Implementation and Transition with Keycloak and NGINX

Offered By: Linux Foundation via YouTube

Tags

Zero Trust Security Courses Nginx Courses API Gateways Courses Kubernetes Security Courses Microservices Security Courses Keycloak Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a lightweight approach to implementing and transitioning to a zero-trust network using Keycloak and NGINX in this 27-minute conference talk presented by Yoshiyuki Tabata from Hitachi, Ltd. at a Linux Foundation event. Delve into underlying technologies such as JWT validation and OAuth MTLS (RFC 8705), and gain insights into Keycloak's role in the process. Learn about security boundary transition scenarios, including changing API Gateway to NGINX Ingress Controller and shifting security boundaries to per-service and per-pod levels. Discover techniques for achieving JWT validation for east-west traffic and examine potential chokepoints in the system. The talk concludes with a discussion on caching token introspection responses as a possible solution.

Syllabus

Intro
Session Overview (1/3)
Underlying technology 1.JWT validation
Underlying technology 2' - OAuth MTLS (RFC 8705)
What is Keycloak?
Security boundary transition scenario
Change API Gateway to NGINX Ingress Controller
Shift security boundary to per service
Shift security boundary to per pod
How to achieve JWT validation (east-west traffic)
Where is the chokepoint?
Option A: Cache token introspection responses
Summary


Taught by

Linux Foundation

Tags

Related Courses

Palo Alto Networks Security Operations Fundamentals
Palo Alto Networks via Coursera
AZ-500: Manage Identity and Access
Microsoft via Microsoft Learn
Zero Trust Security
Udacity
Microsoft 365 Fundamentals (MS-900) Cert Prep: 3 Security, Compliance, and Trust in Microsoft 365
LinkedIn Learning
ゼロトラストセキュリティ
Udemy