Huabing Blog

微服务安全沉思录之三

外部系统访问控制

一些外部的第三方系统可能需要访问系统内部的微服务。例如在网上商店的例子中，外部的推荐服务可能需要接入系统，以获取商店的商品目录信息。相对于内部服务之间的访问而言，外部系统的访问需要进行严格的安全控制。

Posted by "赵化冰" on Wednesday, May 23, 2018

微服务安全沉思录之二

服务间认证与鉴权

除来自用户的访问请求以外，微服务应用中的各个微服务相互之间还有大量的访问,根据应用系统数据敏感程度不同，对于系统内微服务的访问也需要进行相应的安全控制。

Posted by "赵化冰" on Wednesday, May 23, 2018

微服务安全沉思录之一

用户访问认证与鉴权

这段时间对之前微服务安全相关的一些想法进行了进一步总结和归纳，理清在之前文章里面没有想得太清楚的地方，例如服务间的认证与鉴权以及用户身份在服务调用链中的传递。在这一系列博客里面将分为三个部分对微服务安全进行系统阐述：用户访问认证与鉴权，服务间认证与鉴权，外部系统访问控制。

Posted by "赵化冰" on Wednesday, May 23, 2018

Istio Sidecar自动注入原理

Kubernetes webhook扩展机制解析

Kubernets 1.9版本引入了Admission Webhook(web 回调)扩展机制，通过Webhook,开发者可以非常灵活地对Kubernets API Server的功能进行扩展，在API Server创建资源时对资源进行验证或者修改。 Istio 0.7版本就利用了Kubernets webhook实现了sidecar的自动注入。

Posted by "赵化冰" on Wednesday, May 23, 2018

Programming Assignment: Scrooge Coin

Bitcoin and Cryptocurrency Technologies-Week 1

Finally, I got to the most exciting part of week 1 lectures-the programming assignment!

Posted by 赵化冰 on Sunday, May 20, 2018

Digital Signature and Public Key as Identities

Bitcoin and Cryptocurrency Technologies-Week 1

Some fundamental cryptographic technologies in Bitcoin: Asymmetic encryption(Public/Private key), Digital Signature, Digital Identity(Public key and Digital Certificate).

Posted by 赵化冰 on Tuesday, May 15, 2018

Hash Pointers and Data Structures

Bitcoin and Cryptocurrency Technologies-Week 1

Hash pointer is used to bulid some key data structures in cryptocurrency, such as Block chain and Merkel tree.

Posted by 赵化冰 on Saturday, May 12, 2018

Cryptographic Hash Function

Bitcoin and Cryptocurrency Technologies-Week 1

Hash function can produce a fixed lenght digest of any size of data, and the original data can not be found out if it's properly used.

Posted by 赵化冰 on Wednesday, May 9, 2018

Introduction to crypto and cryptocurrencies

Bitcoin and Cryptocurrency Technologies-Week 1

I have noticed the buzzwords “Bitcoin” and “Blockchain” for a while. There are lots of articles, news, and talks around them. It seems that many people believe that cryptocurrency is the future of online payment, some even claim that blockchain would become the fundamental technology of the next generation of the Internet.

Posted by 赵化冰 on Sunday, May 6, 2018

川西秘境探险

2018五一甘堡藏寨，九龙湖自驾游记

五一节前的一周内，几个朋友就纷纷坐不住了，一个二个不再安心上班，开始在微信群里讨论过节要到哪里耍。大家思来想去，最后决定还是去理县方向。因为根据多年自驾的经验，只要出了汶川，沿途都是风景。

Posted by 赵化冰 on Tuesday, May 1, 2018

CNCF Ambassador, engineer @tetrate.io, creator @Aeraki Mesh, open-source enthusiast, technical writer and life adventurer

QUICK LINKS

FEATURED TAGS

aeraki aeraki-mesh ambient-mesh api-gateway bitcoin blockchain cryptocurrency dubbo envoy envoy-gateway istio kubecon kubernetes metaprotocol microservice onap service-mesh

PUBLICATIONS