Real world multi-tenant applications are conceptually simple, but hide lots of complexities under the hood: when confidential data of multiple clients coexist under the same platform, you must ensure that data is kept segregated at any layer of your architecture. During this talk we'll try to demystify some of these aspects, analysing how we can build a SaaS application in ASP.NET Core, secure it via Azure AD B2C, and deliver it via the Azure infrastructure. We'll investigate how to use policies in our server side logic and even at the database level (via SQL Server's Row Level Security) to ensure data is kept segregated even when running on a shared infrastructure.
My name is Marco and I have an incredible passion for technology which I had the privilege to turn into a job. I’ve been working with .NET since the first beta, focusing on ASP.NET and, more generally, anything that is web related. I’ve been an early adopter of Microsoft Azure – who remembers the portal in Silverlight? :) – and, since its introduction, Cloud technologies have represented the core of my professional interest. Today I work as a freelance Solutions Architect in the beautiful London, focusing on Cloud transformation. Getting involved in the .NET and Azure community is also a key aspect of my profession: I’m convinced that knowledge sharing is one of the best ways to improve our professional skills, and therefore I try to dedicate as much time as I can to activities such as writing articles or speaking at conferences and meetups. Thanks to that, I’ve been awarded as a Microsoft MVP for the last 13 years in a row.
We seek to provide a respectful, friendly, professional experience for everyone, regardless of gender, sexual orientation, physical appearance, disability, age, race or religion. We do not tolerate any behavior that is harassing or degrading to any individual, in any form. The Code of Conduct will be enforced.
All live stream organizers using the Global Azure brand and Global Azure speakers are responsible for knowing and abiding by these standards. Each speaker who wishes to submit through our Call for Presentations needs to read and accept the Code of Conduct. We encourage every organizer and attendee to assist in creating a welcoming and safe environment. Live stream organizers are required to inform and enforce the Code of Conduct if they accept community content to their stream.
If you are being harassed, notice that someone else is being harassed, or have any other concerns, report it. Please report any concerns, suspicious or disruptive activity or behavior directly to any of the live stream organizers, or directly to the Global Azure admins at email@example.com. All reports to the Global admin team will remain confidential.
We expect local organizers to set up and enforce a Code of Conduct for all Global Azure live stream.
A good template can be found at https://confcodeofconduct.com/, including internationalized versions at https://github.com/confcodeofconduct/confcodeofconduct.com. An excellent version of a Code of Conduct, not a template, is built by the DDD Europe conference at https://dddeurope.com/2020/coc/.