投稿時間:2021-02-03 03:30:42 RSSフィード2021-02-03 03:00 分まとめ(35件)

カテゴリー等 サイト名等 記事タイトル・トレンドワード等 リンクURL 頻出ワード・要約等/検索ボリューム 登録日
AWS AWS Open Source Blog Configuring Grafana Cloud Agent for Amazon Managed Service for Prometheus https://aws.amazon.com/blogs/opensource/configuring-grafana-cloud-agent-for-amazon-managed-service-for-prometheus/ Configuring Grafana Cloud Agent for Amazon Managed Service for PrometheusThe Grafana Cloud Agent is a lightweight alternative to running a full Prometheus server It keeps the necessary parts for discovering and scraping Prometheus exporters and sending metrics to the backend which in this case is the Amazon Managed Service for Prometheus AMP removing subsystems such as the storage query and alerting engines Grafana Cloud … 2021-02-02 17:22:30
AWS AWS Open Source Blog AWS Distro for OpenTelemetry adds partner exporters for metrics and traces https://aws.amazon.com/blogs/opensource/aws-distro-for-opentelemetry-adds-partner-exporters-for-metrics-and-traces/ AWS Distro for OpenTelemetry adds partner exporters for metrics and tracesToday s release of AWS Distro for OpenTelemetry ADOT adds support for four more partner monitoring solutionsーDatadog Dynatrace New Relic and Splunkーenabling customers to send correlated metrics and traces using OpenTelemetry These partner exporters are available now in addition to exporters for AWS monitoring services such as Amazon CloudWatch AWS X Ray and Amazon Managed Service … 2021-02-02 17:17:32
AWS AWS Security Blog Over 40 services require TLS 1.2 minimum for AWS FIPS endpoints https://aws.amazon.com/blogs/security/over-40-services-require-tls-1-2-minimum-for-aws-fips-endpoints/ Over services require TLS minimum for AWS FIPS endpointsIn a March blog post we told you about work Amazon Web Services AWS was undertaking to update all of our AWS Federal Information Processing Standard FIPS endpoints to a minimum of Transport Layer Security TLS across all AWS Regions Today we re happy to announce that over services have been updated and … 2021-02-02 17:47:30
AWS AWS Security Blog Over 40 services require TLS 1.2 minimum for AWS FIPS endpoints https://aws.amazon.com/blogs/security/over-40-services-require-tls-1-2-minimum-for-aws-fips-endpoints/ Over services require TLS minimum for AWS FIPS endpointsIn a March blog post we told you about work Amazon Web Services AWS was undertaking to update all of our AWS Federal Information Processing Standard FIPS endpoints to a minimum of Transport Layer Security TLS across all AWS Regions Today we re happy to announce that over services have been updated and … 2021-02-02 17:47:30
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) ランダムに数字を出す方法 https://teratail.com/questions/320151?rss=all 課題 2021-02-03 02:52:48
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) Swift 透過pngをカメラロールに保存したい https://teratail.com/questions/320150?rss=all Swift透過pngをカメラロールに保存したいお世話になっておりますSwiftの基本的な画像保存メソッドUIImageWriteToSavedPhotosAlbumimageUIImagecompletionTargetAnycompletionSelectorSelectorcontextInfoUnsafeMutableRawPointerUIImageWriteToSavedPhotosAlbumUIImagenamed透過画像pngselfnilnilでは透過png画像を保存した際に透明のところが白塗りになってしまいます。 2021-02-03 02:51:51
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) 「もし特定の子オブジェクトが特定の親オブジェクトに付いていたら」というif文が書きたい https://teratail.com/questions/320149?rss=all 「もし特定の子オブジェクトが特定の親オブジェクトに付いていたら」というif文が書きたい「もし特定の子オブジェクトが特定の親オブジェクトに付いていたら」というif文が書きたいです。 2021-02-03 02:39:25
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) javaの実行結果について https://teratail.com/questions/320148?rss=all 2021-02-03 02:33:59
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) Arduinoを用いてタクトスイッチを1回押すと12VDCファンが1分間のみ駆動するプログラムと回路が作りたいです。 https://teratail.com/questions/320147?rss=all Arduinoを用いてタクトスイッチを回押すとVDCファンが分間のみ駆動するプログラムと回路が作りたいです。 2021-02-03 02:32:52
Ruby Rubyタグが付けられた新着投稿 - Qiita 【Ruby on Rails】gem "jsonapi-serializer"の基本的な使い方 https://qiita.com/m6mmsf/items/010dac048c9cd78ed59c 【RubyonRails】gemquotjsonapiserializerquotの基本的な使い方RailsAPIモードで開発をする際に、JSONを整形するためにjsonapiserializerというものを使用している。 2021-02-03 02:03:15
海外TECH Ars Technica Scalpers aren’t the main reason you can’t find a new console https://arstechnica.com/?p=1739073 console 2021-02-02 17:53:52
海外TECH Ars Technica Mass Effect Legendary Edition 4K remaster coming May 14 https://arstechnica.com/?p=1739039 citadel 2021-02-02 17:32:25
海外TECH Ars Technica Today’s best tech deals: AirPods Pro, Fitbit trackers, Lenovo ThinkPads, and more https://arstechnica.com/?p=1738703 games 2021-02-02 17:09:26
Apple AppleInsider - Frontpage News Apple hints at new 'Health Hardware' in recent job ad https://appleinsider.com/articles/21/02/02/apple-hints-at-new-health-hardware-in-recent-job-ad Apple hints at new x Health Hardware x in recent job adApple is working on producing more devices to improve the well being of its customers with a job advertisement for a managerial role mentioning the design and development of Apple branded Health Hardware products The Jobs at Apple listing for a Senior Engineer Project Manager for Health Technologies based in Cupertino is one of many Apple places on a regular basis to expand and renew its ever growing workforce Unusually the advertisement indicates it will be in the development of completely new products Spotted by MyHealthyApple the listing s summary advises it is for an EPM to lead the design and development of Apple branded Health Hardware products While there is no obvious mention of what these products would be there s also no mention of existing health related items such as Beddit and the Apple Watch which could mean it relates to completely new hardware Read more 2021-02-02 17:49:15
海外TECH Engadget In ‘Searchers’, looking for love on dating apps is a revealing journey https://www.engadget.com/searchers-dating-app-documentary-film-sundance-2021-174519299.html In Searchers looking for love on dating apps is a revealing journeyApps have taken over dating Gone is the stigma of using a service like Match com or OKCupid to find a partner ーnowadays finding someone via Tinder Bumble or Hinge is the norm Swiping mindlessly through potential lovers is so common we now do it 2021-02-02 17:45:19
海外TECH Engadget I wish Google showed more faith in Stadia https://www.engadget.com/google-stadia-studios-closure-173055505.html I wish Google showed more faith in StadiaYesterday Stadia Vice President and General Manager Phil Harrison announced that the studios Google built to make games for the cloud gaming service would close Jade Raymond the star producer that Google wooed to lead the effort would depart the 2021-02-02 17:30:55
海外TECH Engadget EA Sports is bringing back its college football game https://www.engadget.com/ea-sports-college-football-revival-172243205.html EA Sports is bringing back its college football gameEA Sports is once again ready for some College Football It confirmed it s reviving the franchise with a to the point tweet For those who never stopped believing EASPORTSCollegeFootball pic twitter com vDUYnbXEJーEA SPORTS EASPORTS February 2021-02-02 17:22:43
海外TECH Engadget Facebook bans account of TV network associated with Myanmar military https://www.engadget.com/facebook-bans-myawaddy-tv-station-171950609.html Facebook bans account of TV network associated with Myanmar militaryIn the aftermath of Monday s coup in Myanmar Facebook has banned the account of a prominent TV station associated with the country s military According to The Wall Street Journal the page had been active since at least early During that time 2021-02-02 17:19:50
海外TECH Engadget Instagram adds ‘recently deleted’ to protect your posts from hackers https://www.engadget.com/instagram-recently-deleted-hacked-accounts-170049660.html Instagram adds recently deleted to protect your posts from hackersInstagram s latest feature could help protect your post history from hackers The app is adding a new “recently deleted feature which adds an extra step before a post can be permanently removed from your account The feature is similar to the “rece 2021-02-02 17:00:49
Cisco Cisco Blog What’s New With Webex: Tools, Devices and Insights Designed for the Future of Work https://blogs.cisco.com/collaboration/whats-new-with-webex-tools-devices-and-insights-designed-for-the-future-of-work What s New With Webex Tools Devices and Insights Designed for the Future of WorkSee how Webex provides endless opportunities for x better than being there collaboration experiences empowering IT administrators to manage more effectively 2021-02-02 17:00:59
金融 金融庁ホームページ IOSCOによる最終報告書「個人投資家の苦情処理と補償制度」について掲載しました。 https://www.fsa.go.jp/inter/ios/20210128.html iosco 2021-02-02 17:10:00
海外ニュース Japan Times latest articles Japan defense official warns Myanmar coup could increase China’s influence in region https://www.japantimes.co.jp/news/2021/02/02/national/myanmar-coup-china-influence/ Japan defense official warns Myanmar coup could increase China s influence in regionMyanmar s army seized power Monday declaring a state of emergency and detained elected leader Aung San Suu Kyi along with other government officials 2021-02-03 02:49:53
ニュース BBC News - Home Captain Sir Tom Moore dies in hospital with coronavirus https://www.bbc.co.uk/news/uk-england-beds-bucks-herts-55881753 coronavirusthe 2021-02-02 17:41:15
ニュース BBC News - Home Covid-19: 'Critical' those in South African variant test areas stay at home https://www.bbc.co.uk/news/uk-55906365 health 2021-02-02 17:20:34
ニュース BBC News - Home Putin critic Navalny jailed in Russia https://www.bbc.co.uk/news/world-europe-55910974 novichok 2021-02-02 17:53:34
ニュース BBC News - Home Covid-19: Captain Sir Tom Moore dies, Scottish schools to return this month, and pandemic fashion https://www.bbc.co.uk/news/uk-55907092 coronavirus 2021-02-02 17:44:10
ニュース BBC News - Home UK finds more coronavirus cases with 'concerning' mutations https://www.bbc.co.uk/news/health-55900625 immune 2021-02-02 17:30:15
ニュース BBC News - Home Covid: France restricts AstraZeneca vaccine to under-65s https://www.bbc.co.uk/news/world-europe-55901957 elderly 2021-02-02 17:41:00
ニュース BBC News - Home Over one million pupils in England's schools https://www.bbc.co.uk/news/education-55906766 schools 2021-02-02 17:16:27
ニュース BBC News - Home Two FBI agents shot dead and three hurt during Florida raid https://www.bbc.co.uk/news/world-us-canada-55908105 abuse 2021-02-02 17:12:06
ニュース BBC News - Home Covid-19 in the UK: How many coronavirus cases are there in your area? https://www.bbc.co.uk/news/uk-51768274 cases 2021-02-02 17:34:19
ニュース BBC News - Home Covid: What are the UK's lockdown rules and when will they end? https://www.bbc.co.uk/news/explainers-52530518 lockdown 2021-02-02 17:38:50
ビジネス ダイヤモンド・オンライン - 新着記事 世界の凄腕投資家がやっている「株式銘柄」の選び方 - 機関投資家だけが知っている「予想」のいらない株式投資法 https://diamond.jp/articles/-/261068 株式投資 2021-02-03 02:50:00
ビジネス ダイヤモンド・オンライン - 新着記事 夢は忘れた頃に 叶うことが多いわ。 - 精神科医Tomyが教える 1秒で幸せを呼び込む言葉 https://diamond.jp/articles/-/260224 精神科医Tomyが教える秒で幸せを呼び込む言葉大人気シリーズ万部突破待望の第弾『精神科医Tomyが教える秒で幸せを呼び込む言葉』『精神科医Tomyが教える秒で悩みが吹き飛ぶ言葉』『精神科医Tomyが教える秒で不安が吹き飛ぶ言葉』もう大丈夫、私たちにはTomyがいる“言葉の精神安定剤で救われる人が続出「なくなった元気を一瞬でとり戻せる」仕事、生活、恋愛、人間関係……すべての悩みが解決するの言葉なるようになるのよ。 2021-02-03 02:45:00
GCP Cloud Blog The cloud trust paradox: 3 scenarios where keeping encryption keys off the cloud may be necessary https://cloud.google.com/blog/products/identity-security/3-scenarios-where-keeping-encryption-keys-off-the-cloud-may-be-necessary/ The cloud trust paradox scenarios where keeping encryption keys off the cloud may be necessaryAs we discussed in “The Cloud trust paradox To trust cloud computing more you need the ability to trust it less and hinted at in “Unlocking the mystery of stronger security key management there are situations where the encryption keys must be kept away from the cloud provider environment While we argue that these are rare they absolutely do exist Moreover when these situations materialize the data in question or the problem being solved is typically hugely important Here are three patterns where keeping the keys off the cloud may in fact be truly necessary or outweighs the benefits of cloud based key management Scenario The last data to go to the cloudAs organizations migrate data processing workloads to the cloud there usually is this pool of data “that just cannot go It may be data that is the most sensitive strictly regulated or the one with the toughest internal security control requirements Examples of such highly sensitive data vary by industry and even by company One global organization states that if they present the external key approach to any regulator in the world they would be expecting an approval due to their robust key custody processes Another organization was driven by their interpretation of PCI DSS and internal requirements to maintain control of their own master keys in FIPS level HSMs that they own and operate This means that risk compliance or policy reasons make it difficult if not impossible to send this data set to the public cloud provider for storage or processing This use case often applies to a large organization that is heavily regulated financial healthcare and manufacturing come to mind It may be data about specific “priority patients or data related to financial transactions of a specific kind  However the organization may be willing to migrate this data set to the cloud as long as it is encrypted and they have sole possession of the encryption keys Thus a specific decision to migrate may be made involving a combination of risk trust as well as auditor input Or customer key possession may be justified by customer interpretation of specific compliance mandates Now some of you may say “but we have data that really should never go to the cloud This may indeed be the case but there is also general acceptance that digital transformation projects require the agility of the cloud so an acceptable if not entirely agreeable solution must be found Scenario Regional regulations and concernsAs cloud computing evolves regional requirements are playing a larger role in how organizations migrate to the cloud and operate workloads in public cloud This scenario focuses on a situation where an organization outside of one country wants to use a cloud based in a different country but is not comfortable with the provider having access to encryption keys for all stored data Note that if the unencrypted data is processed in the same cloud the provider will access the data at one point anyhow  Some of these organizations may be equally uncomfortable with keys stored in any cryptographic device such as an HSM under logical or physical control of the cloud provider They reasonably conclude that such an approach is not really Hold Your Own Key HYOK  This may be due to issues with regulations they are subject to their government or all of the above Furthermore regulators in Europe Japan India Brazil and other countries are considering or strengthening mandates for keeping unencrypted data and or encryption keys within their boundaries Examples may include specific industry mandates such as TISAX in Europe that either state or imply that the cloud provider cannot have access to data under any circumstances that may necessitate not having any way for them to access the encryption keys  However preliminary data indicates that some may accept the models where the encryption keys are in a sole possession of a customer and located in their country and hence off the cloud provider premises while the encrypted data may be outside  Another variation is the desire to have the keys for each country specific data set in the respective country under the control of that country s personnel or citizens This may apply to banking data and will necessitate the encryption keys for each data set being stored in each country An example may be a bank that insists that all their encryption keys are stored under one particular mountain in Switzerland Yet another example covers the requirements whether regulatory or internal to have complete knowledge and control over administrators to the keys and a local audit log of all key access activity As Thomas Kurian states here “data sovereignty provides customers with a mechanism to prevent the provider from accessing their data approving access only for specific provider behaviors that customers think are necessary Examples of customer controls provided by Google Cloud include storing and managing encryption keys outside the cloud giving customers the power to only grant access to these keys based on detailed access justifications and protecting data in use With these capabilities the customer is the ultimate arbiter of access to their data Therefore this scenario allows organizations to utilize Google Cloud while keeping their encryption keys in the location of their choice under their physical and administrative control Scenario Centralized encryption key controlWith this use case there are no esoteric threats to discuss or obscure audit requirements to handle The focus here is on operational efficiency As Gartner recently noted the need to reduce the number of key management tools is a strong motivation for keep all the keys within one system to cover multiple cloud and on premise environments It may sound like a cliche but complexity is very much the enemy of security Multiple “centralized systems for any taskーbe it log management or encryption key managementーadd complexity and introduce new points for security to break In light of this a desire to use one system for a majority of encryption keys cloud or not is understandable Given that few organizations are cloud based today for workloads that require encryption the natural course of action is to keep all the keys on prem Additional benefits may stem from using the same vendor as an auxiliary access control and policy point A single set of keys reduces complexity and a properly implemented system with adequate security and redundancy outweighs the need to have multiple systems Another variant of this is a motivation to retain an absolute control over data processing by means of controlling the encryption key access After all if a client can push the button and instantly cut off the cloud provider from key access the data cannot possibly be accessed or stolen by anybody else Finally centralizing key management gives the cloud user a central location to enforce policies around access to keys and hence access to data at rest Next stepsTo summarize these scenarios truly call for encryption keys being both physically away from the cloud provider  away from their physical and administrative control This means that a customer managed HSM at the CSP location won t do  Please review Unlocking the mystery of stronger security key management for a broader review of key management in the cloud Assess your data risks in regards to attackers regulations geopolitical risks etc Understand the three scenarios discussed in this post and match your requirements to them Apply threat model thinking to your cloud data processing and see if you truly need to remove the keys from the cloud Review services covered by Google EKM and partners to deliver encryption key management for keeping the keys away from the cloud on premises Ionic Fortanix Thales etc 2021-02-02 17:30:00

コメント

このブログの人気の投稿

投稿時間:2021-06-17 22:08:45 RSSフィード2021-06-17 22:00 分まとめ(2089件)

投稿時間:2021-06-20 02:06:12 RSSフィード2021-06-20 02:00 分まとめ(3871件)

投稿時間:2021-06-17 05:05:34 RSSフィード2021-06-17 05:00 分まとめ(1274件)