Lightweight Zero-Trust Network Implementation and Transition with Keycloak and NGINX
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a lightweight approach to implementing and transitioning to a zero-trust network using Keycloak and NGINX in this 27-minute conference talk presented by Yoshiyuki Tabata from Hitachi, Ltd. at a Linux Foundation event. Delve into underlying technologies such as JWT validation and OAuth MTLS (RFC 8705), and gain insights into Keycloak's role in the process. Learn about security boundary transition scenarios, including changing API Gateway to NGINX Ingress Controller and shifting security boundaries to per-service and per-pod levels. Discover techniques for achieving JWT validation for east-west traffic and examine potential chokepoints in the system. The talk concludes with a discussion on caching token introspection responses as a possible solution.
Syllabus
Intro
Session Overview (1/3)
Underlying technology 1.JWT validation
Underlying technology 2' - OAuth MTLS (RFC 8705)
What is Keycloak?
Security boundary transition scenario
Change API Gateway to NGINX Ingress Controller
Shift security boundary to per service
Shift security boundary to per pod
How to achieve JWT validation (east-west traffic)
Where is the chokepoint?
Option A: Cache token introspection responses
Summary
Taught by
Linux Foundation
Tags
Related Courses
Palo Alto Networks Security Operations FundamentalsPalo Alto Networks via Coursera AZ-500: Manage Identity and Access
Microsoft via Microsoft Learn Zero Trust Security
Udacity Microsoft 365 Fundamentals (MS-900) Cert Prep: 3 Security, Compliance, and Trust in Microsoft 365
LinkedIn Learning ゼロトラストセキュリティ
Udemy