only protection of bilateral IP connections
not protecting different data objects, but apis
unsuited for rapid change of data owners / new data channels
static design: build once, run forever
new requirements vs. security design
introduce security exceptions on change
trust perimeter has changed
fragmented information (flows) need protection
authn/authz must be possible everywhere
data objects governed by external/internal access policies (AP)
defines trust levels for data objects / smaller groups
fine grained access to objects possible
more insights means minimizing risk
Never trust, always verify
data object interactions main driver for future IT architecture
devices produce and consume data at the same time
respect different data owners per device
if one fails, all suffer!
business agility: enables your company to adapt and survive
switch to a different service provider is easy
change policies in days (rather than months)
enables data reduction and data economy
Legal
Economic
Environment
Social
Your Experience?
Tabelle
api gateways
versch. technische Komponenten & Einsatzzwecke
B2B Mesh
digital identities
dual encryption layer
attribute based access control
decentralized access delegation
... and more
stacked identities (realm / audience)
addressing hash based
DHT to protect metadata discovery
... and more
installed as a OS library
connect once, communicate globally
python / lua binding available
identity / data based routing
... and more
stay secure behind closed firewalls
standardized security measures
limit packet size / throughput
"blind broker" nodes
connects everything:
devices, edge, processes,
applications, users, enterprises
...
Cooperation, dialogue, contribution etc.
By Stephan Schwichtenberg
a short introduction to the neuropil messaging layer
