Embeddable AI

  • 1.  How to secure a Watson Assistant across multiple devices?

    Posted Wed July 06, 2022 06:46 PM

    I am building an Assistant that needs to be available on mobile devices as well as PC. It will integrate with a number of other IBM Cloud and external (e.g. Google Sheets) services, so I need to isolate and securely store secrets for each user, to protect the services / accounts that their assistant is connecting to. I think I can use Secrets Manager and Cloud Object Store to hold all the user data that the assistant needs, but I think I would still need somewhere to store the keys for accessing the assistant.

    This looks easy enough when I am only accessing the assistant from a PC, because I can store them in a local file. But, how would I secure the user's access on something like an Android tablet? Am I even on the right track, here?



    ------------------------------
    Alain de Nogent
    ------------------------------

    #BuildwithWatsonApps
    #EmbeddableAI


  • 2.  RE: How to secure a Watson Assistant across multiple devices?

    Posted Fri July 08, 2022 02:18 PM
    Alain,

      This isn't really a Watson App question, it's more of a general "Where do I store user keys/credentials/certificates for my users?" question.  Since many of the services that you call out are Cloud-based services, it probably makes sense to look for good patterns for doing this in Hybrid Cloud architectures.  Since I am an IBM guy, I will point you at the IBM solution for this, called Key Protect.  Take a look at this blog post on how to Use Key Protect as a Vault for Multicloud Credentials.

      If, for some reason, the IBM solution is not a good fit for you, you can just do a search on "Hybrid Cloud storing credentials and keys".  I got back a bunch of hits from all sorts of different vendors.....

    ------------------------------
    Daniel Toczala
    Community Leader and Customer Success Manager - Watson
    dtoczala@us.ibm.com
    ------------------------------

    Original Message


  • 3.  RE: How to secure a Watson Assistant across multiple devices?

    Posted Sun July 17, 2022 02:11 AM

    Thanks, Daniel

    Please point me elsewhere if appropriate, but it seems there is an overlap between Kep Protect and Secrets Manager. Is one a subset of the other, or is Key Protect just bigger and better?



    ------------------------------
    Alain de Nogent
    ------------------------------

    Original Message


  • 4.  RE: How to secure a Watson Assistant across multiple devices?

    Posted Mon July 18, 2022 09:48 AM
    Alain,

      Not really my area of expertise, but I believe that Key Protect is the basis for things.  If you look at Secrets Manager, it asks for a Key Protect instance to use for managing the cryptographic keys.  So I would start with Key Protect (you can use it for 20 keys for free), and if you find that you want or need more, you can expand to using Secrets Manager.

    ------------------------------
    Daniel Toczala
    Community Leader and Customer Success Manager - Watson
    dtoczala@us.ibm.com
    ------------------------------

    Original Message


  • 5.  RE: How to secure a Watson Assistant across multiple devices?

    Posted Fri July 14, 2023 12:25 PM

    Hello Alain, did you get this solved?

    Victor



    ------------------------------
    victor martinez
    ------------------------------

    Original Message