Katherine Stanley is a Software Engineer on the microservices team for WebSphere Liberty. As a part of the Liberty team she has created samples to help developers get started with microservices and worked on the open source microservice project GameOn. Katherine has also given presentations and run workshops about microservices and GameOn at European conferences, including DevoxxUK and OSCon in London, and JFokus in Sweden. Katherine has been at IBM since 2014 and is based in the Hursley UK lab.
Moving to microservices requires a new mindset and approach to application design. This is particularly important when it comes to security as in a distributed world even calls from other parts of your application are vulnerable. Security is often discussed in an abstract context and as there are so many existing standards it's difficult to know what methods are appropriate and when to use them. This session will use the text-based microservice adventure Game On! to discuss security in a real-world scenario. It will introduce the security considerations in a microservice environment and the choices we made to secure our application. You will learn how to utilise industry-wide standards such as OAuth2, OpenID Connect and other social sign-on methods and what we have done to work towards dev/production parity.