What Is Secure Remote Password(SRP) Protocol and How to Use It

“Password” this crazy piece of string worth a lot, get a lot of attention but yet very hard to process & hide. Even with the multi-factor approach, it is crucial to design the first step right (which is what the user knows). It becomes increasingly harder for the software systems to securely authenticate their users, process the sensitive password in a right & secure way. One of the most common approaches is, Password Hashing

November 21, 2019 · Ramesh Lingappan

Going Multi Regional in Google Cloud Platform

For a successful business, it is important to know who your customers are. Knowing your customers helps to understand your business better, build better versions of your ideas, and can make effective decisions for the successful long run. Everyone knows it right! When it comes to software infrastructure, it remains important. Knowing your customers greatly improves the performance of your application, makes it more resilient, after all, no one likes to wait for the response :)...

November 3, 2019 · Ramesh Lingappan

End to End Restful Api Development Using Openapi Specification

Learn how OpenAPI Specification (formerly known as swagger), a language-agnostic interface to write RESTful APIs which allows both humans and computers to understand the service capabilities. With the increasing number of adoption towards service-oriented architecture and for better integrations with external systems, it became a necessity to write Restful APIs for our services. While building so we might often find several challenges such as, Standard & Consistent API design Better documentation Client Libraries Playground (better developer experience) So while writing APIs, we have to make sure it sticks to a standard design principle, update documentation (hosted elsewhere) and finally write client libraries (harder if you have to support multiple languages)....

October 23, 2019 · Ramesh Lingappan

How to secure and manage secrets using Google Cloud KMS

Let’s jump right in. We all know it’s a bad idea to store application secrets within our code. So why we are storing there it still? Let’s take an example. We could store those secrets in a file and add it to the gitignore so it’s not added to version control. But there are a couple of hurdles: How do we manage those secrets? What happens when the local copy is deleted?...

January 7, 2019 · Ramesh Lingappan

Best practices for building secure API Keys

We all know how valuable APIs are. They’re the gateway to exploring other services, integrating with them, and building great solutions faster. You might have built or are thinking of building APIs for other developers to use. An API needs some form of authentication to provide authorised access to the data it returns. There are several authentication standards available today such as API Keys, OAuth, JWT, etc. In this article, we’ll look at how to correctly manage API Keys to access APIs....

September 30, 2018 · Ramesh Lingappan