Engineering the Future of Software
April 2–3, 2017: Training
April 3–5, 2017: Tutorials & Conference
New York, NY

Security

Security is a longstanding problem in the software world, previously organized more by technology stack, and now, being viewed through a more language-agnostic and services-oriented lens. What do you protect? What frameworks and architectures are working for you? How do you test the strength of your architecture? How do you fix it when it doesn’t do the job? How do we deal with identity and privacy? How open should we be?

Add to your personal schedule
3:50pm–4:40pm Tuesday, April 4, 2017
Location: Beekman Parlor
Level: Intermediate
Robert Lefkowitz (Warby Parker)
Average rating: *****
(5.00, 4 ratings)
Many web frameworks consist of an application server that performs "business logic" and connects to a database. By design, they connect to the database with full access rights, defeating most database-enforced security. Robert Lefkowitz explains how using a two-tier architecture with modern databases enhances information security. Read more.
Add to your personal schedule
3:50pm–4:40pm Wednesday, April 5, 2017
Location: Beekman Parlor
Level: Intermediate
Alasdair Allan (Babilim Light Industries)
Average rating: ****.
(4.67, 6 ratings)
A review of the internet of things finds poor architectural choices, poor decisions, and poorly secured things. In the rush to connect devices to the internet, we have built devices with sloppy privacy and sloppy security. It can't continue. Alasdair Allan explains why our mistakes must inform future architectures before the internet of things becomes a threat to the internet itself. Read more.