I am looking for sample Corda code (kotlin/java) for permissioning. Please let me know if you have any pointer. Thank you.
Corda is built on open standards, for network membership it relies on standard PKIX infrastructure for connecting public keys to identities (the identity of a node is an X.500 name). Please take a look at the ‘Network Permissioning’ section of the docs - you can use standard tools and procedures to manually create, sign and distribute certificates to Corda nodes.
For production deployments of Corda please plan to use Corda Enterprise - this will give you HA, DR, performance and other enterprise capabilities as well as enterprise-grade Doorman.
Related
Implement ABAC Access Control for the Openstack in C# to apply it in real enviroment.
/etc/keystone.conf and XACML policy write ...
Yes, ABAC can be applied in an OpenStack cloud environment. Unfortunately, since we don't have much information about what you are trying to achieve, I can only speak in generalities.
C# is a supported programming language for SDKs for XACML implementations, such as the company I work for, Axiomatics.
OpenStack can be used with certain API gateways that would allow fine grain access control/ ABAC. While I don't have much OpenStack experience, I suggest reading about Trio2o and IBM® OpenStack based on my searches. Any API Gateway with sufficient features will do the track though.
Is it possible to deploy Azure Face API trained model to IoT Edge like Custom Vision?
If it is, please answer me how to do that?
Updating this topic...
Now you can download a Docker Image with the Face API for running it on-premises.
Here you can find the documentation for testing this feature, that currently is in public preview.
Here you can see the list of all the Azure Cognitive Services that are available as Docker Containers.
This new feature basically is targeting enterprises that:
Are not willing or able to load all their data into the cloud for processing or storage;
Are subject to regulatory requirements on handling customer data;
Have data that they aren’t comfortable sharing and processing in a cloud, regardless of security;
Have weak bandwidth or disconnected environments with high latency and TPS issues.
Model export is not a feature supported by the Face API.
My understanding is that Corda uses a whitelist to control which Java libraries can be used as part of contract verification. This ensures that contract execution is deterministic.
Is there any way to customise this whitelist?
As of Corda V3, the deterministic sandbox for contract execution has not yet been implemented.
Ultimately, contracts executing in the sandbox will only have access to a subset of the Java standard libraries. However, the mechanism by which Corda will restrict access to other libraries - and whether nodes or network operators will be able to customise this set of available libraries - has not yet been determined.
Hi is Corda a recommended platform for Digital Identity? For a use-case of Account based-Certification. (i.e. i as a user store my certificates/Identity on the ledger and access it via a password/key where i would go through a node, at the same time to allow a specified certificate only to be seen by a specified party. Where the control is on the user/account level and not a node level. Which means i could specify which certificate/identities i would want to allow another organisation to access)
for blockchain technologies I understand that the data is duplicated across all nodes as long as the user have the key the user can access his own data even if the node is a newly joined node to the network.
As i understand also Corda doesn't support multiple identities on a single node as it is node basis. What will be the approach for this case using Corda platform?
first of all - Corda is not like Ethereum, Fabric and any other blockchain where all nodes store same common state. In Corda network nodes store only transactions and states they were participating in or observing. So its more peer-to-peer rather than broadcast.
Check here for more details:
https://docs.corda.net/key-concepts-ledger.html
From this perspective Corda is probably not the best candidate for public Identity network.
For solution about self-sovereign identity management I would recommend to have a look at something like Sovrin(Indy). You can use it to build app on top of the platform. Or just learn their design ;)
Corda may have sense in Identity context if there are different organisations and they exchange its members identity info for some reason. Then node will be Identity Manager and store info about people who gave it its credentials of any kind. So Identity will be mere state here, I think. Corda itself will play transport and storage role. Not a blockchain-style decentralized way at all but may be useful in some cases.
as a follow up to the twitter conversation here https://twitter.com/johannwalder/status/854791427871694848 is it possible to use our own encryption keys for the DocumentDB encryption at rest?
I have found the following answer "We are working on providing capabilities for customers to bring their own encryption keys." about storage service here https://learn.microsoft.com/en-us/azure/storage/storage-service-encryption but not sure if the same applies to DocumentDB as well.
Thank you!
Best regards,
Johann
Johann - DocumentDB is delivering "Encryption at Rest with Service Managed Keys." As PaaS service we have done all the heavy lifting of managing keys and keeping them secure. We have also worked with auditors to ensure we are PCI compliant as are customers using our service. I mention this because many customers ask for "Customer Managed Keys" as a proxy for meeting compliance requirements like PCI.
Happy to discuss any of the topics around Encryption At Rest (E#R) more in the coming ~week I'll be posting some detailed documentation. Until then ... happy computing and thanks for using Azure DocumentDB.
Anthony F. Voellm [Microsoft Developer]
For context I'm the lead developer delivering the Encryption at Rest feature for DocumentDB.