180 likes | 413 Views
Building Multi-tenant Highly Secured Applications on .NET for any Cloud - Demystified
E N D
Building Multi-tenant Highly Secured Applications on .NET for any Cloud - Demystified 26-Jun-2013 www.techcello.com (A Division of Asteor Software Inc)
Housekeeping Instructions • All phones are set to mute. If you have any questions, please type them in the Chat window located beside the presentation panel. • We have already received several questions from the registrants, which will be answered by the speakers during the Q & A session. • We will continue to collect more questions during the session as we receive and will try to answer them during today’s session. • In case if you do not receive answers to your question today, you will certainly receive answers via email shortly. • Thanks for your participation and enjoy the session!
Techcello Introduction • Cloud Ready, SaaS/Multi-Tenant Application Development Framework • Provides end-end SaaS Lifecycle Management Solution • Redefines the way enterprise softwares are built and managed • Saves anywhere between 30-50% of time and cost
Speaker Profiles • 14+ years of experience in architecting cloud and SaaS solutions for both ISVs and Enterprises • Chief architect in designing and constructing CelloSaaS framework • Plays consultative role with customers in implementing technical solutions • One of the top 10 enterprise technologists in the world • Has authored more than 6 books on computing and dozens of published articles • Twenty years experience in developing, managing and deploying large scale technology systems, business processes, and strategies
Security in Multi-Tenancy Protection of information. It deals with the prevention and detection of unauthorized actions and ensuring confidentiality, integrity of data. • Tenant data isolation • RBAC – Prevent unauthorized action • Data security • Web related top threats as per OWASP • Security Audit trail
Tenant Data Isolation • Database Routing Based On Tenant • Application Layer Auto Tenant Filter • Tenant Based View Filter
OWASP – TOP 10 Threats 2013 • A1 Injection • A2 Broken Authentication and Session Management (was formerly A3) • A3 Cross-Site Scripting (XSS) (was formerly A2) • A4 Insecure Direct Object References • A5 Security Misconfiguration (was formerly A6) • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection) • A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to Restrict URL Access) • A8 Cross-Site Request Forgery (CSRF) (was formerly A5) • A9 Using Known Vulnerable Components (new but was part of former A6 – Security Misconfiguration) • A10 Unvalidated Redirects and Forwards
Cello Stack – At a Glance How does it work? Administrative Modules Tenant Provisioning Licensing Metering Billing Data Backup Security Modules User Management Role/Privilege Mgmt. Single Sign-on Dynamic Data Scope Auditing Configurability Modules Custom Fields Custom LoV Settings Template Themes & Logo Pre & Post Processors Enterprise Engines Integration Modules Business Rules Workflow Dynamic Forms Events Notification Templates Ad-hoc Builders Productivity Boosters Query Chart Reports Code Templates Master Data Mgmt. Forms Generation Application Multi-Tenancy & Tenant Data Isolation Cello Cloud Adapters Cloud Ready, Multi-Tenant Application Development Framework
Thank You Contact Details JothiRengarajan(jothi.r@techcello.com) James McGovern (james.mcgovern@hp.com) Reference URLs Web : http://www.techcello.com ROI Calculator : http://www.techcello.com/techcello-roi-calculator Demo Videos : http://www.techcello.com/techcello-resources/techcello-product-demo SaaS e-Book: http://www.techcello.com/techcello-resources/techcello-resources-white-papers