Published: Jun 09, 2019 Tags: blockchain, security Category: Engineering This year, I worked on a project and the topic for me is cyber security for blockchain in Oil and Gas industry. It was really good experience since I got the chance to think through this topic and deliver research report to client. Both cyber …

Published: April 19, 2019 Tags: security, cloud Category: Engineering Cyber Security is important aspect to digital transformation. To use Azure well, the understanding of the security building blocks is crucial. https://docs.microsoft.com/en-us/azure/security/azure-security-getting-started Security Basics Every …

Published: Mar 14, 2018 Tags: security Category: Engineering Authentication and Authorization are two relevant but different concepts, which causes confusion sometimes. Both of them are important for SaaS solution. This blog explains the basic of these two concepts. Single sign on In classic intranet scenarios, …

Published: Feb 26, 2018 Tags: blockchain, security Category: Engineering This blog explain the potential scenarios of blockchain usage. The content comes from good articles on web. 分布式数字货币系统 现实生活中常用的纸币具备良好的可转移性，可以相对容易地完成价值的交割。 但是对于数字货币来说，数字化内容容易被复制，数字货币的持有人可以将同一份货币发给多个接受者，这种攻击称为“双重支付攻击”。 中心化控制下，数字货币的实现相对容易。 但是，很多时候很难找到 …

Published: Jan 24, 2018 Tags: security Category: Engineering Hypertext Transfer Protocol Secure (HTTPS) is a safer version of HTTP, which is the communications protocol of the World Wide Web. An HTTPS session is encrypted using either the SSL protocol (Secure Socket Layer) or TLS protocol (Transport Layer Security) and …

Published: Jan 07, 2018 Tags: security Category: Engineering Cryptography is the core part of security, this blog introduces the basic concepts in cryptography and uses .NET as code example. Randomness System.Random and its problems System.Random is a pseudo random number generator A seed value is passed into the …

Published: Sep 06, 2017 Tags: blockchain, security Category: Engineering Blockchain is the technology behind Bitcoin, this blog introduce what the Blockchain is. What is Blockchain Blockchain is a distributed ledger system which makes the transactions transparent and anonymous. By doing this, Blockchain brings a secure …

Published: Jul 09, 2017 Tags: security Category: Engineering OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0; while OAuth 2.0 is an authorization framework. The standard is controlled by the OpenID Foundation. This blog post will go through an example to use your google account to login a Node.js …

Published: Jul 05, 2017 Tags: security Category: Engineering The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications and APIs that can be trusted. The goal of the Top 10 project is to raise awareness about application …

Published: May 07, 2017 Tags: security Category: Engineering With more and more data and software go to internet, the security becomes crucial for software development. OWASP (Open Web Application Security Project) lists top 10 security risks: Injection Broken Authentication and session management Cross-site scripting …