Azure Tutorials Series - Encryption

-

 In Previous article, we covered Azure Identity Management, different user roles, Azure AD tenant and lot of other topics. In this article, we will be covering concepts of Encryption in Azure.

Encryption in Azure

  • Encryption of data such that no unauthorised person can read it.
  • Data has to be decrypted to understand

Encryption Types

  • Symmetric Encryption - Requires the same key to encrypt and decrypt the data
  • Asymmetric Encryption - uses a pair of public and private key such that one key can perform a single task at a given time.

Encryption Ways
  • Encryption at Rest - Data stored in server disk, database or storage account.
  • Encryption in Transit - Data actively moving from one location to another

Encryption on Azure

  • We have below encryption for different services
    • For raw storages - Azure Storage Service Encryption
    • For Virtual machine disks - Azure Disk Encryption
    • For Databases - Transparent Data Encryption(TDE)
    • For Secrets- Azure Key vault
  • We will learn about these 4 services and its encryption methods in more details.

Azure Storage Service Encryption

  • Allows you to encrypt raw storage
  • Automatically encrypts data before processing it to Azure Managed disks, Azure blob storage, Azure files or Azure queue.

Azure Disk Encryption

  • Helps you to encrypt Windows and Linux IaaS virtual machine disks.
  • Uses BitLocker in Windows and dm-crypt in Linux
  • Integrated with Azure Key Vault to help manage disc encryption keys and secrets

Transparent Data Encryption(TDE)

  • Protects Azure SQL Database and Azure Data Warehouse
  • Azure Key vault also supports BYOK(Bring your own key)

Azure Key Vault

  • Responsible for storing and managing secrets, key or certificates

Azure Certificates

  • Certificates can be divided into 2 types
    • Service certificates
      • Attached to the specific cloud service
    • Management certificates
      • Are not related to the cloud services

Comments

Post a Comment

Popular posts from this blog

Azure Tutorials Series - Azure Networking

-
Image
In this article, we will learn about Azure networking concepts such as architecture, microservices, virtual networks, VPNs, subnet, VPN gateways and most importantly Network Security Group(NSG). All these terms are to be understood if you appearing for AZ900 Microsoft Azure Fundamentals exam. Azure Networking In previous articles we have learnt about Micro- services and how they work, these are alos loosely coupled architecture. Some of the features includes Independent components interact with each other with the help of queues Can be updated and deployed independently Highly scalable Supports Asynchronous messaging N-tier Architecture Supports loosely coupled architecture Application divided into multiple tiers such that higher tier can access lower tier but not vice versa Tiers are re-usable and can be updated or replaced easily without any hassle. Three-tier in general Web Tier(front end) Application tier(back end) Data tier(Storage) Virtual Network Isolated network shared by few g
Read more

Coforge Interview Questions | Automation Testing profile

-
Image
In this article we will cover recent Coforge Interview questions asked for testing profile.  Date of Interview - 19th December 2020 Mode of Interview - Web conference through TEAMS Interviewer - Rahul Sharma Round - L1 Coforge Interview Questions | Automation testing profile Round L1 Tell me about your project I have been working as a QA for XYZ company from 5.4 years, during this tenure,  I have learnt about Manual testing, Selenium, Database testing, TestNg, framework designing and API testing. What is a webdriver? A webdriver is a an automation framework that allows executing our tests in different browsers. It also supports headless execution using HtmlUnit driver. What are hooks? @Before and @After are called Hooks, they are used before and after any test scenario. How would you like your automation framework to be designed? How can you use data properties in Test NG framework? Explain Access specifiers? Access modifiers define the visibility of the class. There are four different
Read more

Testing in CI/CD

-
If you are part of testing fraternity you would have heard CI/CD numerous times by now. It's the talk of the software testing town. In this article, we will cover the basics of CI/CD, what actually it is and how it is implemented in software testing. What is continuous integration? In simple terms, development teams can integrate their code into a shared repository. This helps in maintaining code quality and identifying potential issues with the local version of the code at an early stage. What is continuous delivery? Everything that is being continuously merged by the development team, is continuously deployed to the live environment. Continuous delivery is often coined as ‘Continuous Deployment’ as well. Since most developers work in parallel, continuously integrating their code into one repository would mean that the master branch is continuously updated with new features. In order to ensure that there is no compromise in the code quality with so many changes
Read more