==== PKIs ==== ==== The oprginasiuation needs to use PKI It can use SSH public keys to allow comms between a user and servers over SSH It needs to use SSL client certificates to allow commms between user and web servers (apps) It can also use SAML to intermediate beween those It will need another solution for server-server comms Server Security --------------- - unikernels and cloud deployments The obvious end point of docker and immutable servers http://erlangonxen.org/blog/rediscovering-cloud Can we rely on the library is? - qubeos - security models and PKI - saml and single sign on multiple providers A sensible approach is client certs That won't happen with passwords so ... - ssh Standard Operating procedures are of course neccessary They make up a user manula for my company, Mikado software.