Modern Java Security: Zero Trust Architectures with Jakarta EE 11

This talk examines implementing Zero Trust security principles within Jakarta EE 11 applications. As enterprise boundaries dissolve through cloud adoption, traditional perimeter-based security fails to protect modern Java applications. I’ll demonstrate how Jakarta EE 11’s security features enable Zero Trust implementations through: – Fine-grained authentication: Leveraging Jakarta Security with OAuth 2.0 and OpenID Connect for context-aware identity verification across microservices – Authorization patterns: Implementing attribute-based access control using Jakarta Security’s evolved authorization model – Continuous validation: Building runtime security monitoring using Jakarta’s CDI events and interceptors Through practical code examples, we’ll create a Zero Trust implementation that includes: – Multi-factor authentication integration within Jakarta applications – Least-privilege access patterns for service-to-service communication – Encrypted data transit using Jakarta’s security annotations We’ll examine a real-world case study of a healthcare application that adopted these patterns, significantly reducing breach exposure while maintaining performance requirements. Attendees will receive a security assessment framework and implementation guide for applying Zero Trust principles within their Jakarta EE environments.