BGDon ๐Ÿ‡จ๐Ÿ‡ฆ ๐Ÿ‡บ๐Ÿ‡ธ ๐Ÿ‘จโ€๐Ÿ’ปFeb 2

It is a matter of time before Quantum Computing gains the ability to crack todayโ€™s core public key encryption methods.

Our latest post on TechAptitude outlines the efforts by NIST to generate new cryptography standards to help withstand future quantum powered cyber attacks. Check it out!

https://techaptitude.substack.com/p/quantum-technologies-nist-drives #Cryptography #Quantum #QuantumTechnology #QuantumComputing #NIST #FIPS #CodeBreaker #Encryption #QDay #PQC #PostQuantumCryptography #Passwords #Ciphers #Algorithm #TechAptitude

GripNewsJan 23
๐ŸŒ˜ ไฝ ็š„ไพ่ณดๅฅ—ไปถไธๅœจไนŽไฝ ็š„ FIPS ่จญๅฎš | Docker
โžค ็•ถๅˆ่ฆ้‡ไธŠไพ่ณด็š„ใ€Œ้šฑ่— baggageใ€
โœค https://www.docker.com/blog/fips-dependencies-and-prebuilt-binaries/
FIPS ๅˆ่ฆ้›–่ƒฝๆๅ‡่ปŸ้ซ”ไพ›ๆ‡‰้ˆ็š„ๅฎ‰ๅ…จๆ€ง๏ผŒไฝ†ๅœจๅฎนๅ™จๆ˜ ๅƒไธญๅฏฆไฝœๆ™‚๏ผŒๅธธๅ› ไพ่ณดๅฅ—ไปถ่‡ชๅธถๅŠ ๅฏ†็จ‹ๅผๅบซ่€Œ็”ข็”Ÿ้›ฃไปฅ้™ค้Œฏ็š„้Œฏ่ชคใ€‚ๆ–‡็ซ ไปฅ Ruby on Rails ๆ‡‰็”จๅœจ FIPS ๅฎนๅ™จไธญ้ญ้‡ Postgres gem ้Œฏ่ชค็‚บไพ‹๏ผŒ่ชชๆ˜Žๅ•้กŒๆ นๆบๅœจๆ–ผ้ ็ทจ่ญฏ็š„ๅŽŸ็”Ÿไพ่ณด๏ผˆๅฆ‚ libpq๏ผ‰ๅฏ่ƒฝ้€ฃ็ตๅˆฐ้ž FIPS ็š„ OpenSSL๏ผŒๅฐŽ่‡ดๅŠ ๅฏ†้‚Š็•Œ่ขซ็นž้Žใ€‚ไฝœ่€…ๅปบ่ญฐๅพžๅŽŸๅง‹็ขผ็ทจ่ญฏไพ่ณดใ€ไฝฟ็”จๅคš้šŽๆฎตๅปบ็ฝฎ๏ผŒไธฆๅปบ็ซ‹ๆชขๆŸฅๆธ…ๅ–ฎๆ€็ถญไพ†ๆ‡‰ๅฐๆญคๆŒ‘ๆˆฐใ€‚
+ ใ€Œ้€™ๆ นๆœฌๆ˜ฏ็พๅฏฆไธ–็•Œ็š„ๅฏซ็…ง๏ผๆˆ‘ๅ€‘ๅœ˜้šŠๅœจ้ท็งปๅˆฐ FIPS ๆ™‚ไนŸ้‡้Ž้กžไผผ็š„็ฅž็ฅ•้Œฏ่ชค๏ผŒ้™ค้Œฏ้Ž็จ‹็œŸ็š„ๅพˆ็—›่‹ฆใ€‚ใ€
+ ใ€ŒๅพžๅŽŸๅง‹็ขผ็ทจ่ญฏ่ฝ่ตทไพ†็ฐกๅ–ฎ๏ผŒไฝ†ๅฏฆ้š›ไธŠๆœƒๅขžๅŠ ๅปบ็ฝฎๆ™‚้–“่ˆ‡่ค‡้›œๅบฆ๏ผŒๅธŒๆœ›ๆœชไพ†ๅทฅๅ…ท่ƒฝๆ›ด่ฐๆ˜Žๅœฐ่™•็†้€™้กžๅ•้กŒใ€‚ใ€
#ๆŠ€่ก“ๅฏฆไฝœ #ๅฎนๅ™จๅฎ‰ๅ…จ #FIPS ๅˆ่ฆ #ไพ่ณด็ฎก็†
Your Dependencies Don't Care About Your FIPS Config | Docker

FIPS images alone wonโ€™t ensure compliance. Learn how prebuilt native deps can bypass your crypto boundaryโ€”and how to build, test, and ship FIPS-compatible apps.

Docker
Show threadJdeBPJan 20

@njsg

The fun part of that is that a necessary pre-cursor would be going back to get ISO 8601:1988 ratified almost a decade earlier than it was in our universe.

The sad part is that, conversely, in our universe ANSI X3.30-1971 and FIPS PUB 4 had standardized YYYYMMDD years before the IBM PC was invented.

@Natasha_Jay

#ISO8601 #DateFormats #TimeTravel #retrocomputing #FIPS #ANSI #FIPSPub4

๋‚จ์ •ํ˜„Dec 23

ํ˜น์‹œ ์—ฌ๋Ÿฌ๋ถ„์€ .NET์ด ๋ฏธ ๊ตญ๋ฐฉ๋ถ€(DoD)์˜ ๊ฐ€์žฅ ๊นŒ๋‹ค๋กœ์šด ๋ณด์•ˆ ๊ฐ€์ด๋“œ๋ผ์ธ์ธ STIG๋ฅผ 100% ์ถฉ์กฑํ•˜๋Š” ๊ธฐ์ˆ ์ด๋ผ๋Š” ์‚ฌ์‹ค์„ ์•Œ๊ณ  ๊ณ„์…จ๋‚˜์š”?

๊ทธ๋™์•ˆ '๊ตฐ์šฉ ์ˆ˜์ค€์˜ ํ•˜๋“œ๋‹'์€ ์†Œ์ˆ˜์˜ ์ „๋ฌธ๊ฐ€๋งŒ์ด ๋ง‰๋Œ€ํ•œ ๋ฆฌ์†Œ์Šค๋ฅผ ํˆฌ์ž…ํ•ด ๊ตฌ์ถ•ํ•  ์ˆ˜ ์žˆ๋Š” ๋†’์€ ์„ฑ๋ฒฝ๊ณผ๋„ ๊ฐ™์•˜์Šต๋‹ˆ๋‹ค. ํ•˜์ง€๋งŒ ์ด์ œ Docker์™€ .NET์˜ ํ˜‘์—…์œผ๋กœ ํƒ„์ƒํ•œ Docker Hardened Images(DHI)๊ฐ€ ๊ทธ ์žฅ๋ฒฝ์„ ํ—ˆ๋ฌผ์—ˆ์Šต๋‹ˆ๋‹ค.

๐Ÿ›ก๏ธ ์™œ .NET ๊ฐœ๋ฐœ์ž์™€ ๊ธฐ์—…์ด DHI์— ์ฃผ๋ชฉํ•ด์•ผ ํ• ๊นŒ์š”?

๊ฒ€์ฆ๋œ ๊ธฐ์ˆ ์˜ ์ •์ : .NET์€ ์ด๋ฏธ ์ „ ์„ธ๊ณ„ ๊ธˆ์œต๊ณผ ๊ณต๊ณต, ๊ตญ๋ฐฉ ๋ถ„์•ผ์—์„œ ์‹ ๋ขฐ๋ฐ›๋Š” ํ”Œ๋žซํผ์ž…๋‹ˆ๋‹ค. DHI๋Š” ์ด ์‹ ๋ขฐ๋ฅผ '์ธ์ฆ'์˜ ํ˜•ํƒœ๋กœ ๊ฐ๊ด€ํ™”ํ–ˆ์Šต๋‹ˆ๋‹ค.

๋ณด์•ˆ์˜ ๋ฏผ์ฃผํ™”: STIG 100% ์ค€์ˆ˜, FIPS ์•”ํ˜ธํ™” ์ธ์ฆ๊ณผ ๊ฐ™์€ ์ตœ๊ณ  ๋“ฑ๊ธ‰์˜ ๋ณด์•ˆ ์„ค์ •์„ ์ด์ œ ๋ณ„๋„์˜ ๋ณต์žกํ•œ ๊ณผ์ • ์—†์ด ๋ฒ ์ด์Šค ์ด๋ฏธ์ง€ ๊ต์ฒด๋งŒ์œผ๋กœ ์ฆ‰์‹œ ์ ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

ํƒ€ํ˜‘ ์—†๋Š” ์™„๊ฒฐ์„ฑ: ๋‹จ์ˆœํžˆ ์ทจ์•ฝ์ ์„ ์ค„์ด๋Š” ์ˆ˜์ค€์„ ๋„˜์–ด, ์„ค๊ณ„ ๋‹จ๊ณ„๋ถ€ํ„ฐ ๋ณด์•ˆ์ด ๋‚ด์žฌ๋œ(Secure-by-Design) ์ตœ์ƒ์˜ ์ธํ”„๋ผ๋ฅผ ํ‘œ์ค€ํ™”๋œ ๋ฐฉ์‹์œผ๋กœ ๊ณต๊ธ‰๋ฐ›๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.

์ด์ œ .NET ๊ฐœ๋ฐœํŒ€์€ "์šฐ๋ฆฌ ์„œ๋น„์Šค๊ฐ€ ์–ผ๋งˆ๋‚˜ ์•ˆ์ „ํ•œ๊ฐ€?"๋ผ๋Š” ์งˆ๋ฌธ์— ๋Œ€ํ•ด, "๋ฏธ ๊ตญ๋ฐฉ๋ถ€ ํ‘œ์ค€์„ 100% ์ค€์ˆ˜ํ•˜๋Š” ํ•˜๋“œ๋‹ ๊ธฐ์ˆ ์„ ์‚ฌ์šฉํ•˜๊ณ  ์žˆ๋‹ค"๋Š” ๊ฐ€์žฅ ๊ฐ•๋ ฅํ•œ ๋‹ต๋ณ€์„ ๋‚ด๋†“์„ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๊ธ€๋กœ๋ฒŒ ์ˆ˜์ค€์˜ ๋ณด์•ˆ ๊ฒฝ์Ÿ๋ ฅ์„ ํ™•๋ณดํ•˜๊ณ  ์‹ถ์€ .NET ๋ฆฌ๋”์™€ ๊ฐœ๋ฐœ์ž๋ถ„๋“ค์„ ์œ„ํ•ด ์ƒ์„ธํ•œ ๊ฐ€์ด๋“œ์™€ ์ธ์‚ฌ์ดํŠธ๋ฅผ ๊ณต์œ ํ•ฉ๋‹ˆ๋‹ค.

๐Ÿ”— ์ƒ์„ธ ๋‚ด์šฉ ๋ณด๊ธฐ: https://forum.dotnetdev.kr/t/docker-hardened-image-dhi-net/14171

#dotNET #๋‹ท๋„ท #๋ณด์•ˆ #CyberSecurity #DHI #STIG #FIPS #์—”ํ„ฐํ”„๋ผ์ด์ฆˆ #๋””์ง€ํ„ธํŠธ๋žœ์Šคํฌ๋ฉ”์ด์…˜ #DevSecOps

Docker Hardened Image (DHI)์™€ .NET ํ”„๋กœ๋•์…˜ ์ด๋ฏธ์ง€ ๋นŒ๋“œ ์ธํ”„๋ผ ์ œ๊ณต

Docker์—์„œ ๋ณด์•ˆ์„ฑ๊ณผ ๊ณต๊ธ‰๋ง ํˆฌ๋ช…์„ฑ์„ ๊ทน๋Œ€ํ™”ํ•œ **Hardened Images(DHI)**๋ฅผ ์˜คํ”ˆ ์†Œ์Šค๋กœ ๊ณต๊ฐœํ–ˆ์Šต๋‹ˆ๋‹ค. .NET์šฉ ์ด๋ฏธ์ง€๋„ ํฌํ•จ๋˜์–ด ์žˆ์–ด, ๊ธฐ์กด Ubuntu Chiselled ์ด๋ฏธ์ง€์™€ ๋น„๊ตํ•˜๊ณ  ์ ์šฉ ๋ฐฉ๋ฒ•์„ ์‚ดํŽด๋ณด๊ฒ ์Šต๋‹ˆ๋‹ค. ์ž์„ธํ•œ ๋ฐœํ‘œ ์ „๋ฌธ์€ https://www.docker.com/blog/docker-hardened-images-for-every-developer/ ๋ฅผ ์ฐธ๊ณ ํ•ด์ฃผ์„ธ์š”! DHI์™€ Ubuntu Chiselled์˜ ์ฐจ์ด Ubuntu Chiselled: Ubuntu ํ™˜๊ฒฝ์„ ๊นŽ์•„๋‚ด์–ด(Chisel) ํฌ๊ธฐ๋ฅผ ์ค„์ธ โ€˜๊ฒฝ๋Ÿ‰ํ™”โ€™ ์ค‘์‹ฌ ์ด๋ฏธ์ง€์ž…๋‹ˆ๋‹ค. Docker Hardened (DHI): Alpine, Debian ๋“ฑ ๋‹ค์–‘ํ•œ OS๋ฅผ ์ง€์›ํ•˜๋ฉฐ, "์ด ์ด๋ฏธ์ง€๊ฐ€ ์•ˆ์ „ํ•˜๊ฒŒ ๋นŒ๋“œ๋˜์—ˆ๋Š”๊ฐ€"๋ฅผ ์ฆ๋ช…ํ•˜๋Š” **โ€˜๊ณต๊ธ‰๋ง ๋ณด์•ˆ ํ‘œ์ค€โ€™**์— ์ง‘์ค‘ํ•ฉ๋‹ˆ๋‹ค. DHI๋ฅผ ์จ์•ผ ํ•˜๋Š” 3๊ฐ€์ง€ ์ด์œ  ๊ณต๊ฒฉ ํ‘œ๋ฉด ์ตœ์†Œํ™”: ์‰˜(Shell), ํŒจํ‚ค์ง€ ๊ด€๋ฆฌ์ž, ์œ ํ‹ธ๋ฆฌํ‹ฐ๊ฐ€ ๋ชจ๋‘ ์ œ๊ฑฐ๋˜...

๋‹ท๋„ท๋ฐ๋ธŒ
Carlos Mendible Dec 13
๐Ÿ“ข๐Ÿ“ข๐Ÿ“ข FIPS mode in Application Gateway ๐Ÿ‘‡ #Azure #FIPS #Compliance https://learn.microsoft.com/en-us/azure/application-gateway/fips
FIPS 140 on Azure Application Gateway

Learn how to enable FIPS mode for Azure Application Gateway V2 SKU.

iRODSNov 26

An iRODS Workshop...

Ensuring Data Security: iRODS strategies for enabling agentic access in FIPS and HIPAA compliant environments

Dec 4, 2025 11:00 AM EST
Virtual

Register at https://go.unc.edu/iRODSWorkshop2025

#irods #workshop #hipaa #ai #fips

Welcome! You are invited to join a webinar: Ensuring Data Security: iRODS strategies for enabling agentic access in FIPS and HIPAA compliant environments. After registering, you will receive a confirmation email about joining the webinar.

The convergence of High-Performance Computing (HPC) and Artificial Intelligence (AI) has created significant data management challenges. This technical workshop demonstrates an integrated solution built on iRODS to provide automation, enforce compliance, and enable next-generation AI capabilities. What makes this session unique is our special guest showcase from CyVerse (University of Arizona). Their team will present a first-hand account of their project, AI Verde MCP Server, leveraging iRODS to connect Large Language Models (LLMs) to their complex data environment. They will share the real-world challenges, solutions, and results of their pioneering work. Before the showcase, we will set the stage by outlining the iRODS features for workflow automation and compliance (FIPS, HIPAA) that make such innovative projects possible on a secure and stable foundation. This is a unique opportunity to learn directly from the implementation experience of a leading research organization.

Zoom
iRODSOct 16

iRODS Development Update: October 2025

https://irods.org/2025/10/irods-development-update-october-2025/

#irods #policy #cplusplus #java #python #fips #s3 #globus

iRODS

@CrashNBurns Sep 24
Opening day of the 6th #pqc standardization conference #nist #fips #cryptomeanscryptography
iRODSSep 21

iRODS Development Update: September 2025

https://irods.org/2025/09/irods-development-update-september-2025/

#irods #fips #docker #el10 #deb13

iRODS

Adam   Aug 15

Red Hat OpenShift AI: Designed for FIPS, delivering trust and innovation

https://www.redhat.com/en/blog/red-hat-openshift-ai-designed-fips-delivering-trust-and-innovation

#RedHat #OpenShift #OpenShiftAI #AI #Kubernetes #InfoSec #FIPS

Red Hat OpenShift AI: Designed for FIPS, delivering trust and innovation

Red Hat OpenShift AI version 2.21 and later versions are now designed for Federal Information Processing Standards (FIPS).