SAS' Phuong Ngo demonstrates an automated shift-left CI/CD security workflow.
In my blog series regarding SAS REST APIs (you can read all of my posts on this topic here) I outlined how to integrate SAS analytical capabilities into applications. I detailed how to construct REST calls, build body parameters and interpret the responses. I've not yet covered authentication for the
Newcomers to SAS Viya Administration may appreciate these tried-and-tested patterns for securing folders, and the content within them (reports, data plans, models etc.). If you are new to security model design in SAS Viya, this post is for you.
La seguridad informática es un problema constante en las empresas, pero las soluciones como la analítica llegaron para redefinir y potenciar la ciberseguridad. Es común pensar que los hackers vulneran la seguridad de una empresa de la noche a la mañana, infectando la red y robando datos en cuestión de
This post addresses connecting to SAS Viya using a One-Time-Password generated by SAS 9.4. We'll learn more about SAS Viya connecting with SAS 9.4 and talk about how this authentication flow operates and when we are likely to require it.
You can now enable Kerberos delegation across the SAS Platform, using a single strong authentication mechanism across that single platform. As always with configuring Kerberos authentication the prerequisites, in terms of Service Principal Names, service accounts, delegation settings, and keytabs are important for success.
Phil Simon discusses some of the analytics considerations with record-level security.
Learn about the new feature of SAS Viya 3.3 that enables Kerberos delegation throughout the environment. It allows you to have end-user sessions in SAS Cloud Analytics Services that are able to use Kerberos to connect to Secured Hadoop.
Phil Simon chimes in on a way to lock down data
In this article, I want to give you an overview of the authentication options available with SAS Viya 3.3. SAS Viya 3.3, released in the second week of December 2017, and the second release with the new microservices architecture, presents more options for authentication than the previous releases. In future
In my last article, Managing SAS Configuration Directory Security, we stepped through the process for granting specific users more access without opening up access to everyone. One example addressed how to modify security for autoload. There are several other aspects of SAS Visual Analytics that can benefit from a similar
Authorization determines what a user can see and do in an application. An authorization system is used to define access control policies, and those policies are later enforced so that access requests are granted or denied. To secure resources in SAS Viya there are three authorization systems of which you need to be aware. The General
Need to grant one or more users access to part of your secure SAS configuration directory? You can do it without opening up your SAS configuration directory to everyone. Most SAS 9.4 Platform deployments on Unix have been done using the SAS Installer account known as sas. The sas account
Even if you are a traditional SAS programmer and have nothing to do with cybersecurity, you still probably have to deal with this issue in your day-to-day work. The world has changed, and what you do as a SAS programmer is not just between you and your computer anymore. However,
From national security agencies, law enforcement organizations looking to terrorism and criminal activities, internal security, audit and compliance departments, to hospitals and public health organizations guarding against disease outbreaks, there are many common needs and constant challenges, e.g.: Detect an event of interest in the early stages. Investigate suspicious events
.@philsimon raises some chilling questions about the IoT and current threats.
Since the SAS 9.4 M2 release in December 2014, there have been several refinements and updates to the middle tier that are of interest to installers and administrators. In this blog, I’m going to summarize them for you. What I’m describing here is available in the newest SAS release (9.4 M4). I’ll
.@philsimon says that privacy is your issue as well whether you believe it or not.
.@philsimon says that even seemingly useless information can be useful under the right circumstances.
Tablets, phablets, smartphones. These mobile devices not only travel to different corners of the earth with their owners; they participate in certain adventures that can result in an unexpected turn of events. Thanks to their mobility, these devices can be misplaced. And they could be found later. In rare cases,
Mobile devices travel with humans pretty much anywhere that humans want to go. Unlike desktop computers that stay fixed and grounded within brick and mortar walls, mobile devices are used in all sorts of locales – offices, homes, cars, planes, swimming pools, soccer fields, movie theaters – the list goes
Some weeks have passed since the United Kingdom voted, by a margin of 52 per cent for and 48 per cent against, to leave the European Union, the organization it's been a leading member of since 1973. The tumultuous global reaction to the vote has those of us in information
In a couple of my previous blogs I discussed how to audit who made changes to data in a SAS environment. In the last couple of weeks I have been asked how to do the same thing for SAS Visual Analytics reports and explorations. The Visual Analytics administrator overview report
The need for fast and easy access to high-powered analytics has never been greater than it is today. Fortunately, cloud processing still holds the promise of making analytics more transparent and ubiquitous than ever before. Yet, a significant number of challenges still exist that prevent more widespread adoption of cloud
Encryption and SAS is a wide ranging topic – so wide it gets its own book and features strongly in both the SAS(R) 9.4 Intelligence Platform: Security Administration Guide, Second Edition and SAS(R) 9.4 Intelligence Platform: Middle-Tier Administration Guide, Third Edition. In this blog we’ll take a high level look at
In researching material for an upcoming project, I investigated the SAS Deployment Backup and Recovery Tool available in SAS 9.4. Here are some of my findings on identifying what directories are included in a Backup and Recovery session and how to add custom directories to a backup configuration. The SAS
In this post we dig deeper into the fourth recommended practice for securing the SAS-Hadoop environment through Kerberos authentication: When configuring SAS and Hadoop jointly in a high-performance environment, ensure that all SAS servers are recognized by Kerberos. Before explaining the complex steps in connecting to secure Hadoop within a
In previous posts, we’ve shared the importance of understanding the fundamentals of Kerberos authentication and how we can simplify processes by placing SAS and Hadoop in the same realm. For SAS applications to interact with a secure Hadoop environment, we must address the third key practice: Ensure Kerberos prerequisites are met
So, with the simple introduction in Understanding Hadoop security, configuring Kerberos with Hadoop alone looks relatively straightforward. Your Hadoop environment sits in isolation within a separate, independent Kerberos realm with its own Kerberos Key Distribution Center. End users can happily type commands as they log into a machine hosting the
A challenge for you – do a Google search for “Hadoop Security” and see what types of results you get. You’ll find a number of vendor-specific pages talking about a range of projects and products attempting to address the issue of Hadoop security. What you’ll soon learn is that security
