1 / 18

Techcello-hp-arch workshop

Techcello-hp-arch workshop

Diya
Download Presentation

Techcello-hp-arch workshop

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Building Multi-tenant Highly Secured Applications on .NET for any Cloud - Demystified 26-Jun-2013 www.techcello.com (A Division of Asteor Software Inc)

  2. Housekeeping Instructions • All phones are set to mute. If you have any questions, please type them in the Chat window located beside the presentation panel. • We have already received several questions from the registrants, which will be answered by the speakers during the Q & A session. • We will continue to collect more questions during the session as we receive and will try to answer them during today’s session. • In case if you do not receive answers to your question today, you will certainly receive answers via email shortly. • Thanks for your participation and enjoy the session!

  3. Techcello Introduction • Cloud Ready, SaaS/Multi-Tenant Application Development Framework • Provides end-end SaaS Lifecycle Management Solution • Redefines the way enterprise softwares are built and managed • Saves anywhere between 30-50% of time and cost

  4. Speaker Profiles • 14+ years of experience in architecting cloud and SaaS solutions for both ISVs and Enterprises • Chief architect in designing and constructing CelloSaaS framework • Plays consultative role with customers in implementing technical solutions • One of the top 10 enterprise technologists in the world • Has authored more than 6 books on computing and dozens of published articles • Twenty years experience in developing, managing and deploying large scale technology systems, business processes, and strategies

  5. Security in Multi-Tenancy Protection of information. It deals with the prevention and detection of unauthorized actions and ensuring confidentiality, integrity of data. • Tenant data isolation • RBAC – Prevent unauthorized action • Data security • Web related top threats as per OWASP • Security Audit trail

  6. Tenant Data Isolation • Database Routing Based On Tenant • Application Layer Auto Tenant Filter • Tenant Based View Filter

  7. Role Based Access Control (RBAC)

  8. Role Based Access Control (RBAC)

  9. Role Based Access Control (RBAC)

  10. OWASP – TOP 10 Threats 2013 • A1 Injection • A2 Broken Authentication and Session Management (was formerly A3) • A3 Cross-Site Scripting (XSS) (was formerly A2) • A4 Insecure Direct Object References • A5 Security Misconfiguration (was formerly A6) • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection) • A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to Restrict URL Access) • A8 Cross-Site Request Forgery (CSRF) (was formerly A5) • A9 Using Known Vulnerable Components (new but was part of former A6 – Security Misconfiguration) • A10 Unvalidated Redirects and Forwards

  11. OWASP – open web application security project

  12. Data Security – Data Storage

  13. Data Security – Sample Encryption Decryption Approach

  14. Data Security – Data Transit

  15. Security Audit

  16. Security Audit

  17. Cello Stack – At a Glance How does it work? Administrative Modules Tenant Provisioning Licensing Metering Billing Data Backup Security Modules User Management Role/Privilege Mgmt. Single Sign-on Dynamic Data Scope Auditing Configurability Modules Custom Fields Custom LoV Settings Template Themes & Logo Pre & Post Processors Enterprise Engines Integration Modules Business Rules Workflow Dynamic Forms Events Notification Templates Ad-hoc Builders Productivity Boosters Query Chart Reports Code Templates Master Data Mgmt. Forms Generation Application Multi-Tenancy & Tenant Data Isolation Cello Cloud Adapters Cloud Ready, Multi-Tenant Application Development Framework

  18. Thank You Contact Details JothiRengarajan(jothi.r@techcello.com) James McGovern (james.mcgovern@hp.com) Reference URLs Web : http://www.techcello.com ROI Calculator : http://www.techcello.com/techcello-roi-calculator Demo Videos : http://www.techcello.com/techcello-resources/techcello-product-demo SaaS e-Book: http://www.techcello.com/techcello-resources/techcello-resources-white-papers

More Related