Tagged articles

14 articles

Page 1 of 1

Mar 26, 2026 · Information Security

How to Defend Against PyPI and Docker Hub Supply‑Chain Attacks with Cloud‑Native API Gateways

The article analyzes recent supply‑chain poisoning of the LiteLLM PyPI package and Docker Hub images, explains why PyPI is an attractive attack vector, and details a three‑layer defense using Alibaba Cloud's cloud‑native API Gateway—including KMS‑encrypted credentials, WAF traffic filtering, and Wasm sandbox plugins—to protect the software supply chain.

KMSPyPI poisoningWAF

0 likes · 11 min read

How to Defend Against PyPI and Docker Hub Supply‑Chain Attacks with Cloud‑Native API Gateways

Ray's Galactic Tech

Dec 4, 2025 · Information Security

How to Secure Phone Numbers in Databases: Threat Modeling, Envelope Encryption, and High‑Performance Key Rotation

This guide presents a comprehensive, enterprise‑grade solution for encrypting phone numbers in databases, covering threat modeling, layered schema design, envelope encryption with KMS, Python service implementation, searchable indexes, key rotation, performance tuning, auditing, and common pitfalls.

AES-GCMKMSPython

0 likes · 11 min read

How to Secure Phone Numbers in Databases: Threat Modeling, Envelope Encryption, and High‑Performance Key Rotation

IT Services Circle

Nov 19, 2025 · Fundamentals

Why Microsoft Tolerates Windows Piracy: The Hidden Strategy Behind KMS38 Removal

The article explains how Microsoft deliberately allows widespread Windows piracy to maintain market dominance, detailing the role of KMS activation, the recent KMS38 deprecation in Windows 11, and why this “soft‑kill, hard‑gain” approach benefits the company in the long run.

KMSMicrosoft BusinessPiracy Strategy

0 likes · 8 min read

Why Microsoft Tolerates Windows Piracy: The Hidden Strategy Behind KMS38 Removal

Alibaba Cloud Developer

Jun 23, 2025 · Information Security

Securely Rotate Database Credentials with MSE Nacos, KMS, and Apache Druid

This article explains how to protect and dynamically rotate database usernames and passwords in modern applications by integrating MSE Nacos, Alibaba Cloud KMS, and Apache Druid, reducing leakage risk, eliminating manual maintenance, and achieving near‑instant, zero‑downtime credential updates.

Apache DruidDatabase SecurityDynamic Credential Rotation

0 likes · 9 min read

Securely Rotate Database Credentials with MSE Nacos, KMS, and Apache Druid

Huolala Tech

Apr 15, 2025 · Information Security

How a Key Management Gateway Secures Third‑Party API Integrations

This article examines the security challenges of integrating third‑party services via OpenAPI, analyzes code and personnel risks of key exposure, and presents a key‑gateway solution that uses KMS, multi‑tenant architecture, customizable signing modules, and robust exception handling to protect sensitive credentials.

API SecurityKMSkey management

0 likes · 15 min read

How a Key Management Gateway Secures Third‑Party API Integrations

Alibaba Cloud Developer

Dec 9, 2024 · Backend Development

Dynamic Config Refresh & Secure Settings in Spring Cloud with Nacos & KMS

This article demonstrates how to integrate Nacos into a Spring Cloud application to achieve runtime configuration refresh, and how to employ Alibaba KMS for zero‑code encryption of sensitive properties, covering setup steps, code examples, underlying mechanisms, and best practices for secure, dynamic configuration management.

Configuration EncryptionDynamic ConfigurationKMS

0 likes · 20 min read

Dynamic Config Refresh & Secure Settings in Spring Cloud with Nacos & KMS

Alibaba Cloud Native

Dec 22, 2023 · Cloud Native

Secure Sensitive Configurations in MSE Nacos Using KMS Encryption

This guide explains how MSE Nacos integrates with Alibaba Cloud KMS to encrypt and protect sensitive configuration data, covering the security challenges, architecture, encryption/decryption workflows, recommended configuration items, step‑by‑step setup, and Java/Go SDK examples for cloud‑native applications.

Configuration EncryptionKMSMSE Nacos

0 likes · 16 min read

Secure Sensitive Configurations in MSE Nacos Using KMS Encryption

OPPO Kernel Craftsman

Nov 25, 2022 · Fundamentals

An Overview of Linux Direct Rendering Manager (DRM): History, Architecture, and Simple Example

Linux’s Direct Rendering Manager (DRM) replaces the legacy framebuffer by providing a kernel subsystem that unifies GPU and display control through libdrm, KMS, and GEM, tracing its evolution from 1999 DRI origins to atomic APIs, and illustrating usage via a step‑by‑step modeset example.

DRMDirect Rendering ManagerGEM

0 likes · 11 min read

An Overview of Linux Direct Rendering Manager (DRM): History, Architecture, and Simple Example

GrowingIO Tech Team

Oct 22, 2021 · Information Security

Securing Enterprise Data: GrowingIO’s KMS‑Driven Runtime and PII Encryption

This article explains the definition and importance of data security, describes GrowingIO’s implementation of software runtime protection and static storage encryption using KMS, details data logic isolation, PII management with AES‑256 encryption, and provides code examples for configuring and using these security measures in cloud environments.

KMSPIIcloud security

0 likes · 10 min read

Securing Enterprise Data: GrowingIO’s KMS‑Driven Runtime and PII Encryption

Beike Product & Technology

Mar 19, 2021 · Information Security

Key Management System (KMS) Overview and Common Cryptographic Security Risks

The article outlines typical cryptographic security risks such as weak algorithms, insufficient key lengths, poor key management, and then introduces a comprehensive Key Management System (KMS) architecture, its core functions, key hierarchy, and practical application scenarios like API signing and data encryption.

API signingKMSSecurity Risks

0 likes · 9 min read

Key Management System (KMS) Overview and Common Cryptographic Security Risks

Ops Development Stories

Jan 26, 2021 · Information Security

How to Secure Kubernetes Secrets: Static Encryption and KMS Plugin Guide

This article explains why Kubernetes Secrets need encryption, demonstrates static encryption via the kube‑apiserver, shows how to configure an external KMS plugin (using Alibaba Cloud as an example), and lists third‑party tools for protecting secret data in a cluster.

Cloud NativeKMSKubernetes

0 likes · 13 min read

How to Secure Kubernetes Secrets: Static Encryption and KMS Plugin Guide

AntTech

Aug 11, 2020 · Information Security

Security Challenges of Kubernetes Secrets and Ant Group’s TEE‑Based End‑to‑End Protection

An interview with Ant Group senior engineer Qin Kailun reveals the inherent security flaws of Kubernetes Secrets—including plaintext storage, memory exposure, and vulnerable KMS plugins—and explains Ant Group’s TEE‑based end‑to‑end protection solution that encrypts secrets throughout their lifecycle.

Ant GroupKMSKubernetes

0 likes · 7 min read

Security Challenges of Kubernetes Secrets and Ant Group’s TEE‑Based End‑to‑End Protection

Open Source Linux

Feb 20, 2020 · Cloud Native

Deploy a Docker‑Based KMS Server and Activate Windows & Office

This guide walks you through installing Docker CE, pulling and running a KMS‑server container, configuring firewall and security‑group rules, then using slmgr commands to activate Windows Server 2012 R2 and Office 2016 via the KMS service, with all required code snippets and screenshots.

Container DeploymentKMSoffice activation

0 likes · 6 min read

Deploy a Docker‑Based KMS Server and Activate Windows & Office

JD Tech

Jul 10, 2018 · Big Data

Deploying Hadoop KMS for Transparent HDFS Encryption: A Step‑by‑Step Guide

This article details a complete, hands‑on deployment of Hadoop KMS on a CentOS‑based Hadoop 2.6.1 cluster, covering environment setup, configuration file changes, key generation, service startup, encryption‑zone creation, user permission tuning, verification procedures, and common troubleshooting tips.

HDFSHadoopKMS

0 likes · 19 min read

Deploying Hadoop KMS for Transparent HDFS Encryption: A Step‑by‑Step Guide