
The Brazilian Stock Exchange will launch Bitcoin and Ethereum futures – Cointelegraph

B3, the Brazilian Stock Exchange, confirmed that within six months it intends to launch its first official product aimed at the cryptocurrency market: Bitcoin (BTC) futures trading. The group's chief financial officer, André Milanez, made the announcement during a conference call on Monday.

Milanez did not provide many details on how the product will work. It is not yet known if B3 will form a partnership or if it will offer Bitcoin futures trading directly, but the timeline for launching this product was stated to be relatively short. "We plan to launch bitcoin futures in the next three to six months," he said.

Currently, in Brazil, institutional and retail investors can trade 11 ETFs through B3 with exposure to cryptocurrencies, including CRPT11 from Empiricus with Vitreo; the NFTS11 of Investo; QBTC11, QETH11 and QDFI11, all from QR Assets; and META11, HASH11, BITH11, ETHE11, DEFI11 and WEB311, all from Hashdex. In addition, in Brazil, there are more than 25 investment funds approved by the Securities and Exchange Commission (CVM) that offer different types of exposure to the crypto-assets market.

In January, Jochen Mielke de Lima, director of information technology at B3, had already said that the Brazilian stock exchange would launch several products with exposure to cryptocurrencies in 2022, including Bitcoin futures and Ethereum (ETH) futures.

At the time, the executive highlighted that the Brazilian stock exchange had been looking closely at the cryptocurrency market from a technological point of view since 2016.

According to the statement, B3 only needed to settle the question of whether the negotiations would be carried out against the U.S. dollar or against the Brazilian real. Futures contracts need a reference index, so if the team chooses Brazil's native currency, it will be necessary to compose a crypto-assets index in reais, something that does not exist now.

The B3 rep also said it is exploring ways to provide data inputs for the country's central bank digital currency, or CBDC.

In addition to BTC and ETH futures, B3 also intends to offer services to national cryptocurrency exchanges and to be a kind of "centralizer" of custody and settlement operations, according to Jochen Mielke de Lima:

Mielke also stated that the cryptocurrency market is very similar to the regulated stock market, as it involves issuing, trading, settlement and custody. He stated therefore that B3 could help solve common problems between exchanges.

"We are identifying points of friction that we can help resolve to face up, such as helping our customers provide the best access to their end customers," he said.

In addition, B3 plans other products based on cryptocurrencies and blockchain to launch in 2022. Among them, there are studies on a platform for asset tokenization, cryptocurrency trading, cryptocurrency custody, among others.

"Trading and access to liquidity centers: this means mitigating the complexities of accessing a fragmented, global and 24x7 market; Digital Asset Custody: providing reliable custody (hence, purpose of blockchain transactions); Over-the-counter facilitation: in this way, it wants to provide more security and efficiency in the movement and DVP of digital assets; Capital efficiency gains: thus, it wants to mitigate the pre-funded nature of operations and Crypto as a service: make it easier for clients to explore the crypto market with low friction," highlighted B3.

For 2022, B3 reps said they foresee the official launch of a reinsurance platform. This will work on the Corda blockchain R3, and is a partnership between the exchange and IRB Brazil.


Bitcoin: The Return To Reality – Seeking Alpha


Bitcoin (BTC-USD) has been bleeding for months due to tight liquidity conditions and targeted selling of high beta technology stocks. Low interest rates since the global financial crisis in 2008 have led markets to reach extreme valuations. Now, the decade-long bubble has popped, and assets are moving back to reality.

For most of Bitcoin's existence, it has benefited from low interest rates. With rates now rising, Bitcoin's price is suffering from the resulting uncertainty. In the near term, Bitcoin's Wave 3 Elliott extension is signaling a crash to $21k. In the long term, Bitcoin's Price Cycle outlook implies an 80% crash to $14k.

Bitcoin All-Time Chart (TradingView 5-11-22)

At BitFreedom Research, we believe the activities of the past 2.5 years will be remembered as the second dot-com bubble. The bubble popped in November 2021 when Bitcoin reached $68,990. Going forward, persistent sell pressure should kill any elements of the cryptocurrency market that do not provide tangible value.

While the underlying internet technologies that powered the turn of the millennium dot-com bubble were solid, an overabundance of investments into the space caused an eventual crash. This same process has afflicted the cryptocurrency market, and the crash is occurring right now:

LUNA, First Collapse Of The Crypto Crash (TradingView 5-11-22)

By following the same rules that dictated the dot-com crash, we can infer there will emerge oligopolistic winners that grow to dominate each Web 3 sector. According to our own analysis, the following cryptocurrencies are the most likely to survive and thrive long into the future:

If we believe these projects will succeed, then it follows that there will be a point of maximum opportunity (a bottom) at some point during the present bear market. To find potential bottoms, we are using Elliott Wave theory combined with Bitcoin's Price Cycle theory.

Bitcoin Elliott Waves (TradingView)

Looking at Bitcoin's daily chart, the asset is currently moving in Wave 3 (the most powerful wave) of its long-term corrective phase. Wave 3 typically extends 1.618 times the length of Wave 1. When charted, this Fibonacci extension implies Bitcoin will crash to $21k.

With Bitcoin in Wave 3, this implies a deeper move into Wave 5. To analyze how low a final Wave 5 can push Bitcoin, we are studying data from the asset's previous 2 price cycles.

After each parabolic run-up, Bitcoin has decreased from peak to trough by 80% approximately 1 year later. According to this movement, Bitcoin should reach $14k between October-November 2022.

Bitcoin Price Cycle Analysis (TradingView)

A major difference between the current crypto bubble and the previous dot-com bubble is that the speed of the internet should make crypto's drawdown and recovery occur much faster. Due to this, we expect the entire cryptocurrency crash and bear market to conclude near the end of 2022. In accordance with how bubbles typically pop, a dip below Bitcoin's baseline growth trend (identifiable through the 200-week simple moving average) can take Bitcoin as low as $14k.

From a conceptual perspective, Bitcoin is currently in the Fear/Capitulation zone of the 'Stages in a bubble' diagram. Since Bitcoin's previous bull run was so long and unhinged, toxic aspects of the market now must die before everything can heal.

Stages In A Bubble (Hofstra University)

The following bad actors represent Greed, Delusion, and New Paradigm practices that are typical of asset bubble tops. We expect each of these enterprises to collapse in the coming months:

Going forward, each of these enterprises should die as Bitcoin returns to its baseline growth rate (the 200-week moving average).


Terra’s Big Backers, Shanghai Court Declares Bitcoin Property, BTC Obituaries, and Triple Top Hopes Bitcoin.com News Week in Review The Weekly…

With the nightmare nosedive of Terra's LUNA and UST, the Shanghai High People's Court declaring that bitcoin is virtual property protected by Chinese law, a surge in Bitcoin Obituaries, and some hoping for a rare triple top to appear for BTC, the past week has been full of shock, questions, speculation, and broader market resilience in the crypto community. Without further ado, this is your bite-sized digest of the week's hottest crypto news.

Terra's founder Do Kwon revealed a plan on Wednesday, but after some brief healing, Terra's native tokens LUNA and UST continued to plummet. Now people are beginning to wonder who backed this popular crypto project, and which crypto firms had a lot of exposure to the failing assets.


The Shanghai High People's Court has declared bitcoin to be a virtual asset protected by Chinese law. The court notes that the cryptocurrency has economic value.


While bitcoin's price has dropped to levels not seen since January 2022, a number of detractors think bitcoin is on its death bed. Data stemming from the Bitcoin Obituaries list shows the leading crypto has died seven times in 2022, outpacing the first three years of obituaries by year written by bitcoin haters. The last obituary written about bitcoin, opined by the financial journalist John Plender, claims the leading crypto asset follows the greater fools scenario.


While crypto markets look extremely bearish these days, a few crypto advocates have theorized the bear market will be less harsh this time around. Furthermore, there's also the rare scenario that bitcoin's price could reverse and see a triple top, even though it's commonly said in the finance world there is no such thing as a triple top.


USA finance and payments live updates: Bitcoin drops, $400 monthly check car owners, Child Tax Credit 2022, S. – AS USA

Biden promises action on inflation concerns

President Biden is facing huge kickback in the polls as a result of high inflation, hurting his party politically ahead of this year's midterm elections. Biden has tasked the Federal Reserve with handling inflation and it is being criticised for moving too late to raise interest rates in an attempt to cool the economy.

Is Biden likely to blame the Fed for the poor inflation response? Unlikely - it was he who nominated Chairman Jerome Powell to a second term, the Senate confirmed him on Thursday, and it could seem politically weak to attempt to shift the blame.

Instead, Biden is focusing on measures that can cool the economic growth without tipping the country back into recession.

A White House statement on inflation reads: "Inflation is too high and is putting a strain on working families. The President's top economic priority is tackling inflation and reducing costs for American families so we can sustain this historic economic recovery in a way that benefits all Americans."


Bitcoin to the sky: Emirates to accept BTC payments and launch NFT collectibles – Cointelegraph

Emirates, the largest airline in the United Arab Emirates (UAE), announced that it has plans to implement Bitcoin (BTC) payments and launch nonfungible tokens (NFTs) to be traded through the company's websites.

In a media gathering held at the Arabian Travel Market, the chief operating officer of Emirates, Adel Ahmed Al-Redha reportedly stated that the Dubai-based airline will be onboarding new employees who will be focused on blockchain-related projects such as the crypto payments, blockchain tracking, metaverse and NFTs.

According to Al-Redha, the airline is looking into using blockchain to keep aircraft records. Additionally, the airline executive also noted that it may use the metaverse to transform its processes such as operations, training, website sales and other airline-related experiences into the digital world. The airline's chief operating officer believes that this will make the processes "more interactive."

Apart from these, Al-Redha also mentioned that the airline industry is slowly making a comeback as there are more and more travelers coming in. To expand its reach, the firm is embracing new technologies such as a Bitcoin payment service and NFT collectibles to be traded.


Airports and airlines around the globe have been looking into ways to integrate blockchain-based technologies and crypto payments. In February 2021, Air France partnered with several organizations to create a blockchain-based system that verifies COVID-19 test results.

In March 2021, the Latvian airline airBaltic added Dogecoin (DOGE) and Ether (ETH) to its payment options. The airline has been accepting BTC since 2014 and allows the use of other currencies like USD Coin (USDC), Binance USD (BUSD) and Gemini Dollar (GUSD).

Back in October 2021, Salvadoran President Nayib Bukele announced that the airline Volaris El Salvador will accept BTC payments. The announcement followed El Salvador's push for BTC adoption when it declared BTC as legal tender.


This Analyst Believes Bitcoin and Ethereum Will Outperform Stocks: Here’s Why – Benzinga – Benzinga

Bloomberg senior commodity strategist Mike McGlone has recently opined that Bitcoin BTC/USD and Ethereum ETH/USD will lead to the most crypto gains after the recent price dip.

In an interview, McGlone said that the Federal Reserve's interest rate hikes are more detrimental to the U.S. stock market long-term than proven digital assets like BTC and ETH.


"Overall, the volatility of these nascent crypto assets, most notably Bitcoin, has declined versus the stock market. That's what happened with Amazon when it first came out. Its volatility in 2009 was the same as with Bitcoin right now," he said.

"Investors are looking forward to the future; do you want to miss out on this revolution?" McGlone questioned and said, "That's what I see happening. There are a few selling offers in the stock market and bids below in things like Bitcoin and Ethereum."

McGlone believes that despite BTC recently dipping below the $30,000 level, it's not the only asset class in decline.


"It's going down with the ebbing tide with all risk assets. What happened to the S&P 500 this week? It finally got below 4,000 for a while," he said.

At the time of writing, Bitcoin was trading at $30,074, down almost 13% in the last seven days.

Ethereum was trading at $2,078.29, losing over 18% in the last seven days.

"For the first time in about two years, both Bitcoin and the S&P 500 came back to the 100-week moving averages. The asset that went up the most over the past five-ten years will return as the Fed hammers the punch bowl. It's more likely to come out ahead," McGlone added.


Bitcoin mining in Norway gets the green light as the proposed ban rejected – Cointelegraph

There's Nor-way they can ban Bitcoin (BTC) mining in Norway now. That's according to a majority vote passed by the Norwegian parliament on Tuesday.

The proposal to ban Bitcoin mining in Norway was first suggested in March this year by the Red Party (Norway's communist party). In this week's vote, the proposal was overturned as only Norway's left-leaning parties, including the Socialist Left Party, the Red Party and the Green Party, would support a ban on cryptocurrency mining.

Jaran Mellerud, an analyst at Arcane Research and a Cointelegraph confidant, shed light on the developments: "The vote these parties lost was against banning large-scale Bitcoin mining overall."

Contrary to the political parties' efforts, Bitcoin mining companies in Norway have thrived in recent years. Norway now contributes as much as 1% to the global Bitcoin hash rate, taking advantage of 100% renewable energy in the Land of the Midnight Sun.

Norwegian Mellerud added that Bitcoin-hostile political parties in Norway have been trying to force bitcoin miners out of the country by implementing a higher power tax rate specifically for miners or even attempting to ban mining.

Cointelegraph previously reported that Norway is a green oasis for Bitcoin mining, boasting abundant hydropower and low energy prices, particularly in the north.

"In mid-northern and northern Norway, the cost per kilowatt-hour is 0.12 Norwegian Krone ($0.012), a highly competitive rate internationally, or extremely cheap," Mellerud told Cointelegraph.


The article from Norwegian news E24 reported that ordinary households, companies and the public sector pay an electricity tax of 15.41 øre ($0.015) per kilowatt-hour. However, in some cases, the mining industry has a reduced electricity tax.

Mellerud concluded that an increase in the power tax specifically for miners is now much less likely. Meanwhile, Bitcoin is slowly entrenching into the Norwegian financial landscape as retail interest in cryptocurrencies swells and TradFi companies have dipped their toes into BTC investments in the country.


Trust in Decentralized Finance Rattled After $100 Billion Left the Defi Economy Defi Bitcoin News – Bitcoin News

The effect of Terra's demise continues to shine a light on the fragility surrounding the decentralized finance (defi) ecosystem. Things have changed a great deal following Terra's aftermath, as the total value locked (TVL) in defi has plummeted from $231 billion to today's $112.29 billion, losing 51.38% in 42 days.

The total value locked in defi today is just above the $100 billion mark at $112.29 billion. While the TVL has been sliding since almost reaching an all-time high on April 3, last week's Terra chaos removed most of the TVL held in decentralized finance protocols.

In addition to commanding a $231 billion TVL 42 days ago on April 3, the Terra blockchain held $30.45 billion or 13.15% of the $231 billion aggregate at that time. Terra held the second-largest TVL in defi and today, Terra is in the 14th position with only $500.38 million.

Out of Sunday's $112.29 billion, Ethereum dominates the TVL in defi with 63.63% of the aggregate in defi or $71.09 billion. The second-largest TVL in defi is tethered to Binance Smart Chain (BSC) with 7.71% of the $112.29 billion or $8.62 billion held on BSC.

Another significant change that occurred this week was the downfall of Curve's defi dominance, as Makerdao is now the largest defi protocol in terms of TVL size. Makerdao dominates by 9.40% with its $10.56 billion TVL and Curve now holds $8.76 billion.

Curve's current TVL is a lot different than it was on April 3, roughly 42 days ago, when it was $21.17 billion. The top 28 defi protocols today have seen significant TVL reductions during the past seven days. While Makerdao leads, it is still down 13.73% this week, and Curve is down 49.18% this past week as well. Lido has shed 46.37% and the defi application Aave has lost 21.94% this week.

After being the third-largest defi application in terms of TVL a week ago, Anchor has dropped to the 58th position after losing 97.76% this week. Stats show that Anchor has $309.78 million total value locked in the lending protocol today.

17 defi protocols have at least $1 billion or more as far as TVL size is concerned. There's still $419 billion in smart contract protocol tokens today with ethereum leading the pack. Terra now holds the 18th position in terms of smart contract platform token market capitalizations.

While Terra's issues rippled across the entire crypto-economy, the carnage affected decentralized finance the most. Not only was trust shaken to the core, but well over $100 billion was removed from defi in less than a week's time.

It's likely going to take some time before trust is regained, and the $100 billion lost is added back to the defi ecosystem. Out of all the defi chains, Ethereum benefited the most as dominance has increased a great deal since last week. Although, Ethereum still felt the impact, as the chain lost 31.53% during the past seven days.


Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,000 articles for Bitcoin.com News about the disruptive protocols emerging today.


How the Metaverse Is Giving Birth to Humans as a Service – ITPro Today

Although definitions of the metaverse are still being hashed out, most center on the idea that the metaverse is a virtual 3D world where people can interact. In other words, the metaverse is what you get when you fuse social media with virtual reality.

But here's another way of thinking about what the metaverse means: It's what happens when you combine cloud computing architectures with human beings. In other words, what the metaverse proposes to do is instrument humans as a service by deploying humans as virtualized services, just like the cloud has done to servers and software.


Here's what this means, and why looking at the metaverse from this angle is important.

First, let me explain what I mean by terms like humans as a service, or HaaS, and how they relate to cloud computing.


The concept at the core of the cloud, of course, is that resources can be delivered "as a service" over the internet. Instead of standing up your own servers in your own data center, you can use cloud-based servers, which is an example of infrastructure as a service, or IaaS. Instead of installing and managing your own applications, you can use software as a service, or SaaS.

Viewed from one perspective, the metaverse does exactly the same thing to people: It makes them available as a hosted, fully managed service that anyone can consume via the internet.

More specifically, consider how the metaverse is similar to cloud computing in these respects:

The list could go on, but I hope the point is clear: The metaverse promises to transform humans and human relationships into abstract, scalable resources that can be consumed on demand with no strings attached.

Viewing the metaverse as the application of cloud computing architectures to human relationships is useful because it provides new perspective on both the positive and negative potentials of the metaverse.

On a positive front, the "cloudification" of humans promises to make it easier to interact with other people. Just as cloud computing brought world-class infrastructure within reach of businesses that might not otherwise be able to access it, a humans-as-a-service metaverse would extend access to human communities for people who would otherwise not engage with them due to geographic, political, cultural, or other barriers.

On the other hand, expect folks to criticize the metaverse for cheapening human relationships by, for example, placing constraints around how humans can interact, and how humans can represent themselves within virtual worlds. Such criticisms would not be unlike complaints that cloud computing limits the control that organizations have over their computing infrastructure: that you typically can't access the bare-metal hardware, for instance, or control how SaaS applications manage your data.

Such worries about the metaverse could eventually push some early adopters of virtual communities to retreat from virtual communities back into the "real world." If that happens, it would be sort of like the cloud repatriation trend, which involves businesses migrating workloads from the cloud back on-premises.

To compare the metaverse to cloud computing is not to draw a mere analogy. In many cases, actual cloud infrastructure will be responsible for hosting metaverse communities, so there's already a clear technical link between metaverse and cloud.

I think, however, that it's valuable also to recognize the clear conceptual and cultural links between the metaverse and cloud computing. Ultimately, the metaverse stands to do to human beings what the cloud has done to servers and software: Make us available as an on-demand, scalable service.

If you thought the cloud computing revolution was over, that IaaS and SaaS were as far as cloud computing would evolve, just wait. The emerging metaverse suggests that there is a whole new chapter playing out in the cloud industry, and its focus is not on servers or code. It's on us.


OAuth Security in a Cloud Native World The New Stack – thenewstack.io

These days most software companies use cloud deployment with modern hosting capabilities that make everyone productive, from developers to DevOps and InfoSec staff.

Gary Archer

Gary is a product marketing engineer at Curity. For 20 years, he has worked as a lead developer and solutions architect.

However, not all cloud deployments are the same, and you still need to make sound choices to meet your architectural requirements.

In this article, I will explain how my thinking has evolved after working with various cloud deployment types and integrating security into many kinds of apps.

I will start with a discussion on APIs and then highlight the key supporting security components. One of the most important of these is your identity and access management (IAM) system.

Nowadays, most application-level components implement security using the OAuth family of specifications, which provides modern security capabilities for web apps, mobile apps and APIs. This provides companies with the most cutting-edge options for authenticating users with one or more proofs of their identity, and protecting data in APIs according to business rules.

The authorization server defined in the OAuth specification deals with authentication, token issuing and user management. It enables many security solutions, or flows, to be built over time. It's the heart of any modern IAM system.

When I first started using cloud deployment, like many people, I was attracted by the thought of not having to host any backend servers and using the cloud infrastructure as a black box instead. For a single page application, this might lead to the following backend components that use PaaS:

Technologies like serverless enable you to develop APIs that use PaaS hosting. This can be a cost-effective solution for small startups or for developers to host their own solutions. Meanwhile, developers can use the cloud provider's built-in authorization server when getting started with OAuth integration. This is sometimes referred to as Identity as a Service (IdaaS).

Your APIs or microservices are your core intellectual property (IP), and most companies implement them in a mainstream programming language, such as Java or C#. In doing so, organizations will want to leverage these technologies to their full capabilities without restrictions. In addition, code should be kept portable in case you want to use multiple cloud providers in the future. This can enable you to extend your digital solutions to emerging markets, where certain cloud providers may be blocked.

One downside to using PaaS for APIs is that you may run into limitations that lead to vendor lock-in, making it expensive to migrate APIs to another host in the future. Some compute-based API hosting may also have other limitations. For example, in-memory storage may be impossible if a system must spin up a new API instance for every request. These issues can add complexity and work against your technical architecture.

You must also control which API endpoints are exposed to the internet and secure the perimeter in your preferred way. A zero-trust approach is recommended for connections between APIs, as it can enforce both infrastructure and user-level security. Finally, APIs connect to sensitive data sources, so they should be hosted behind a reverse proxy or API gateway as a hosting best practice. This makes it more difficult for attackers to gain access to that data.

These requirements lead many companies to host APIs using a different cloud building block. Although virtual machines used to be more common, container orchestration platforms such as Kubernetes now provide the best API hosting features. This creates an updated deployment picture for APIs, where they are hosted inside the cluster while you continue to use PaaS for some other components:

Once API hosting is updated to use container-based deployment, there are no restrictions on code execution, and you have a portable backend that can be migrated between clouds. Your technical staff will also learn how to use modern patterns that deal with deployment and availability in the best ways. You then need to think more about other critical components that support your APIs.

As you integrate OAuth into your applications and APIs, you will realize that the authorization server you have chosen is a critical part of your architecture that enables solutions for your security use cases. Using up-to-date security standards will keep your applications aligned with security best practices. Many of these standards map to company use cases, some of which are essential in certain industry sectors.

APIs must validate JWT access tokens on every request and authorize them based on scopes and claims. This is a mechanism that scales to arbitrarily complex business rules and spans across multiple APIs in your cluster. Similarly, you must be able to implement best practices for web and mobile apps and use multiple authentication factors.

The OAuth framework provides you with building blocks rather than an out-of-the-box solution. Extensibility is thus essential for your APIs to deal with identity data correctly. One critical area is the ability to add custom claims from your business data to access tokens. Another is the ability to link accounts reliably so that your APIs never duplicate users if they authenticate in a new way, such as when using a WebAuthn key.

All of this leads to the preferred option of using a specialist cloud native authorization server. This is more efficient because the authorization server is hosted right next to your APIs. It also gives you the best control over security, limiting which authorization server endpoints are exposed to the internet.

As well as a hosting entry point, the API gateway (or reverse proxy) is a crucial architectural component. The API gateway can perform advanced routing and security-related tasks like token translation before your APIs receive requests. By externalizing security plumbing, your API code is simpler and more business-focused.

It is recommended to use the Phantom Token pattern so that internet clients receive only opaque access tokens. Unlike JSON Web Tokens (JWTs), which are easily readable, Phantom Tokens cannot reveal any private details that might disclose personally identifiable information (PII). When a client calls an API, the gateway can then perform introspection to translate from opaque access tokens to JWT access tokens. This flow is illustrated below.
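The two steps described above, the gateway swapping an opaque token for a JWT and the API validating that JWT and authorizing by scope, are shown here as an added example that is not code from the original article or from any vendor. It assumes an HS256 shared key so that it runs on the Python standard library alone; production APIs normally verify against the authorization server's published asymmetric keys. `AuthorizationServer`, `gateway`, `api_authorize`, the issuer and the audience are hypothetical names and constructed values.

```python
import base64, hashlib, hmac, json, secrets, time

KEY = b"constructed-demo-key"  # assumption: HS256 shared key, keeps the demo stdlib-only
ISSUER, AUDIENCE = "https://login.example.test", "orders-api"  # constructed values

def b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return b64url(hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest())

class AuthorizationServer:  # hypothetical stand-in: opaque reference out, JWT kept inside
    def __init__(self):
        self.by_reference = {}

    def issue(self, sub, scope, ttl=300):
        claims = {"iss": ISSUER, "aud": AUDIENCE, "sub": sub, "scope": scope,
                  "exp": int(time.time()) + ttl}
        head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
        body = b64url(json.dumps(claims).encode())
        opaque = secrets.token_urlsafe(32)  # reveals nothing about the user
        self.by_reference[opaque] = f"{head}.{body}.{sign(head + '.' + body)}"
        return opaque

    def introspect(self, opaque):
        return self.by_reference.get(opaque)  # None: unknown or revoked token

def gateway(headers, auth_server):
    """Gateway step: swap the opaque token for its JWT before routing to the API."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    jwt = auth_server.introspect(token) if scheme.lower() == "bearer" else None
    return {**headers, "Authorization": f"Bearer {jwt}"} if jwt else None  # None -> 401

def api_authorize(headers, required_scope):
    """API step: validate the JWT on every request, then authorize by scope."""
    try:
        head, body, sig = headers.get("Authorization", "").partition(" ")[2].split(".")
        header, claims = json.loads(unb64url(head)), json.loads(unb64url(body))
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return None
    ok = (hmac.compare_digest(sig.encode(), sign(f"{head}.{body}").encode())
          and header.get("alg") == "HS256"  # pin the algorithm
          and claims.get("iss") == ISSUER and claims.get("aud") == AUDIENCE
          and claims.get("exp", 0) > time.time()
          and required_scope in claims.get("scope", "").split())
    return claims if ok else None
```

The API repeats the signature, issuer, audience and expiry checks even though the gateway already introspected the token, so a request that reaches it by another route is still rejected.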

There are many other gateway use cases, but a critical capability is running plugins that can perform both HTTP translation and routing as a single unit of work. There should be no limitations on the code you can write in the plugin. This is another area where cloud native solutions may provide better capabilities than the cloud provider's generalist solution.

The authorization server and API gateway are key security components, and some companies also use an entitlement management system for their business authorization. Meanwhile, additional specialized components are required to support your APIs. These also must be chosen wisely, based on the provider's capabilities and your requirements.

Each company must decide which third-party components they need. For example, it is common to host individual components for monitoring, log management and event-based data flows alongside your APIs. A possible setup is shown below:

PaaS is still an excellent choice for some component roles, though, and these days I follow a mix-and-match approach. Components that are a vital part of your API architecture should be hosted inside the cluster. I often prefer a serverless approach for other components if it is easier to manage.

The classic example where PaaS works better than CaaS is when delivering static web content to browsers. A content delivery network (CDN) can push the content to many locations at a low cost to enable globally equal web performance. This is more efficient than hosting CaaS clusters in all of those locations. See the Token Handler pattern for further details on using this approach, while also following current browser security best practices.

When companies are new to OAuth, there is often a fear that the authorization server could become unavailable, leading to downtime for user-facing applications. This concern remains valid, but when using cloud native APIs, you are already assuming this risk, and you should be able to follow identical patterns for third-party components. When using a cloud native authorization server, check that its deployment and availability behavior provides what you need.

Also, consider the people-level requirements. An InfoSec stakeholder will want a system with good auditing of identity events. These days DevOps staff should be able to perform zero-downtime upgrades of the authorization server or use canary deployment, where both old and new versions run simultaneously. The system should also have modern logging and monitoring capabilities so that technical support staff can troubleshoot effectively when there are configuration or connection problems.

Companies need to push their software down a pipeline, and discovering issues early on saves costs considerably. The benefits of a productive developer setup are often overlooked, but it is an area where cloud native provides some compelling advantages.

A developer, architect or DevOps person can run most cloud native components on a local computer. This can be a great way to first test the cloud native authorization server and API gateway and design end-to-end application flow.

Operational behavior such as upgrades can then be verified early, using a local cluster. Once the system is working with the desired behavior, you can simply update your Docker-based deployment, and the rest of the pipeline will also work in the same way.

Cloud native architecture provides the most portable and capable platform for hosting and managing your APIs, but keep an eye on the important security requirements. This will lead you to choose best-of-breed supporting components and host all of them inside your cluster. Choose an authorization server based on the security features you need and review it from an operational viewpoint.

At Curity, we provide a powerful identity and access management system designed to be cloud native from the ground up. It also integrates with modern cloud native platforms. As well as having rich support for standards, the system is based on a separation-of-concerns philosophy and is extensible to provide customers with the behaviors they need. There is also a free Community Edition, and it is trivial to spin up an initial system using a Docker container.

As a final note, the security components in your cloud native cluster will enable many powerful design patterns. Still, good architecture guidance is also a key ingredient when building cloud native security solutions. Our resource articles, guides, and code examples provide many end-to-end cloud native flows to help you along the way.

The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker.

Image by Thomas Breher from Pixabay

Originally posted here:
OAuth Security in a Cloud Native World - The New Stack - thenewstack.io
