Modern apps are multi-components, and most data leaks are caused by poor architectural decisions.

We will take a deep look into data lifecycle, risk, trust and how they affect security architecture, encryption, and key management techniques. We will illustrate typical SDL patterns: narrowing trust, monitoring intrusions, zero knowledge architectures, distributing trust.

The goal of the talk is to give a general thinking framework and enough ideas about tools for senior engineers to plan their solutions securely, regarding sensitive data contained within.

Points we cover

• what is sensitive data life-cycle,
• how to build trust model for your app,
• what are typical trust patterns,
• how to select proper security controls based on real-world risks.

Watch ENG 📺

Presented at ✨

• DevExperience 19 Iasi, Romania, 19 April 2019

• Javazone 18 Oslo, Norway, 12-13 September 2018