Senior Java Developer (Backend, Spring Boot, Webservices, Microservices, Kubernetes, PKI, Smartcard, HSM)
Aktualisiert am 19.11.2024
Profil
Referenzen (5)
Freiberufler / Selbstständiger
Remote-Arbeit
Verfügbar ab: 01.02.2025
Verfügbar zu: 100%
davon vor Ort: 100%
Spring Boot
Webservices
PKI
Spring
Backend
Microservices
Docker
Kubernetes
AWS Cloud
MQTT
Websockets
REST
SOAP
TLS
Cryptography
HSM
Hibernate
PostgreSQL
Deutsch
Muttersprache
Englisch
sehr gute Kenntnisse in Wort und Schrift

Einsatzorte

Einsatzorte

München (+20km)
möglich

Projekte

Projekte

1 Jahr 1 Monat
2021-12 - 2022-12

RIS-Mobile

Senior Software Developer Java 8 SCRUM Hibernate ...
Senior Software Developer

Maintenance and further development of the Reisenden (Traveler) Information System (RIS) with the RIS-Communicator app as frontend and the clustered microservices in the cloud as RIS-Mobile backend.

IntelliJ IDEA 2022.2 Git GitLab Repository CI/CD Pipelines Gradle 7.4 Artifactory (JFrog)
Java 8 SCRUM Hibernate MariaDB Kubernetes Docker Microservices GitLab Spring Boot JSON JWT RESTful SOAP
DB Systel GmbH
München/Frankfurt
11 Monate
2021-01 - 2021-11

KMS.Cloud FOTA

Java Backend Developer Java 11 SCRUM Amazon Web Services (AWS) Cloud ...
Java Backend Developer

Design, implementation, test and documentation of X.509 Public Key
Infrastructure (PKI) and key management (KMS) microservices for
firmware over the air (FOTA) use cases. The microservices run on
Kubernetes clusters in the AWS Cloud.

IntelliJ IDEA Ultimate 2021
Java 11 SCRUM Amazon Web Services (AWS) Cloud Amazon EC2 Amazon RDS PostgreSQL Amazon S3 Buckets AWS CloudHSM Kubernetes Docker Microservices GitLab Spring Boot RESTful Hibernate RabbitMQ Keycloak
ESCRYPT GmbH
München/Bochum
6 Monate
2020-07 - 2020-12

Protect-for-Use Integration into ELSTER

Java Backend Developer Java 11 Kanban DDD ...
Java Backend Developer
  • Full-stack SOAP web-service implementation for the management of mobile tokens.
  • YAML-based generation and integration of a REST web-service client for invocations of the Protect-for-Use server.
JetBrains IntelliJ IDEA
Java 11 Kanban DDD SOAP RESTful Spring Hibernate Git JWT JSON YAML JCE/JCA nShield HSM
secunet Security Networks AG
München
1 Jahr 4 Monate
2019-01 - 2020-04

Business Plugin Manager

Java Software Developer
Java Software Developer

User shall be enabled to use smartphones for automotive related use cases, like car logistics, where mobile apps (iPhones, iPads) communicate bi-directionally via Internet with backend services in the intranet of a car manufacturer.

Description
Required is a proper communication infrastructure which supports data exchange and push notifications between mobile apps and backend services, i.e. gateway and routing functionality.
Backend services shall be easily added a la plug-and-play.
Furthermore, the users, the mobile apps, and the backend services have to be managed, i.e. registration, activation/deactivation, and removal.
That management will be done by administrators via a web-based Angular UI which communicates via a RESTful interface with the upcoming "Device Manager" component.
These administrators and the users get role-based access to Device Manager's functionality, which have to be managed too.
The plug-and-play of the backend services will be supported by Apache Kafka as message broker.

Tasks
Design and Implementation of the Device Manager as Spring Boot application with embedded Tomcat for the REST interface and a PostgreSQL database.
The Device Manager realizes the bi-directional asynchronous gateway with routing functionality and implements the management for mobile apps, backend services as well as for users and administrators available via secured REST.

Furthermore, it integrates a webservice to an external user directory for local user import and remote user authentication.
Additionally, a Java library "Mapper Broker" has to be designed and implemented which supports the plug-and-play of backend services and the exchange of management, data, and push notifications.

Finally, an Attribute Based Access Control (ABAC/XACML) has been integrated.

Results
The completely tested infrastructure with Device Manager, Mapper Broker, and a car logistic backend service runs on docker containers as reference installation for the product.

Programming Language
Java JDK 8

IDE

  • IntelliJ IDEA 2018
  • Eclipse JEE 2018-12-R


Software Management

  • Git for Windows 2.20, GitLab Community Edition 11.7
  • Apache Maven 3.6, Jenkins 2.150, SonarQube


Database
SQL Developer, H2, Oracle, PostgreSQL, JDBC

Platform
Windows 10

Tools

  • Atlassian JIRA 7.1, Atlassian Confluence 5.10
  • Axiomatics Policy Server ABAC/XACML


Technologies

  • Spring Boot 2.0.6, embedded Tomcat, logback
  • Spring MVC 5.0, Spring Data JPA, Spring Security 5.0
  • Spring RESTful services, JSON Web Token Authorization (jjwt 0.9), Jackson 2.9
  • Hibernate 5.2, Hibernate Envers
  • Zookeeper 2.0, Apache Kafka 2.11, Kafka Manager, Trifecta-UI 0.22, spring-kafka, spring-kafka-test
  • swagger, swagger-ui, springfox 2.8

Test

JUnit 4.12, Hamcrest, Mockito

Teamware GmbH
München
9 Monate
2019-05 - 2020-01

Secure Web Box

Java Software Developer
Java Software Developer

The Secure Web Box (SWB) provides a secure platform for asynchronous communication between mobile apps and backend services.

Description

The Secure Web Box is an intermediate server system between mobile apps and backend services. It is reachable via Internet with RESTful interfaces and provides a secure asynchronous communication platform with end-to-end security over networks with firewalls, proxies and load balancers. The SWB is operated as a cluster of docker containers managed by Kubernetes. To use this platform, the SWB clients, i.e. mobile apps (Android, iOS) and backend services (Spring Boot, IBM WebSphere AS), integrate SWB-Connectors.

Tasks

Specifications for the SWB platform and implementations in SWB-Server and SWB-Connector:

  • New features
    • Mobile app deletion message to backend
    • Mobile app infos for backend (REST extension)
    • sendSilentPushNotification (protocol header extension)
  • Extension for end-to-end communication:
    Application level protocol specification and implementation for request-response communication and StatusInfo messages
  • Proof of concept: Message exchange over WebSockets connections
  • Architectural extensions and implementations for new communication flows and signalling messages: Message signalling over MQTT via MQTT-Broker (Mosquitto) for SWB-Server and SWB-Connector, supporting TLS, forward and reverse proxies with authentication. Protocol stack: MQTT / WebSockets / HTTP / TLS / TCP/IP
  • New SWB-Connector variant for Server-to-Server communication.
  • Linux Docker containers in test environment: SWB-Server, Squid proxy with Basic Authentication, NGINX load balancer with TLS endpoint, Mosquitto, MQTT test driver and monitoring

Results

New releases of SWB-Server and SWB-Connector.

Programming Language

IBM Java 8, Oracle Java 8

IDE

IntelliJ IDEA 2019

Software Management

Git, Maven, Jenkins, SonarQube

Application Server

Spring Boot, IBM WebSphere

Database

MongoDB

Platform

Windows 10, Linux Docker

Tools

  • NoSQLBooster for MongoDB
  • MQTT Paho/Hive Test Clients, MQTT.fx
  • Tcp Trace, TunnelliJ
  • Atlassian Confluence (with Gliffy UML Diagrams)
  • Atlassian JIRA 7.1, Atlassian Confluence 5.10

Technologies

  • Spring 5, Spring Boot 2
  • Spring Integration, Spring Messaging, Spring MQTT, Spring WebSockets
  • Spring Security, Spring Data MongoDB
  • REST, Javax.ws.rs(-api), swagger, swagger-codegen (jersey client)
  • JWT, com.google.guava
  • MessagePack 0.8.16 (Java), JSON
  • Forward Proxy (Squid), Load Balancer/Reverse Proxy (NGINX)
  • Docker, Dockerfile
  • Eclipse Paho MQTT Client, HiveMQ MQTT Client, Mosquitto MQTT Broker, MQTT.fx
  • TLS PKI
  • WebSockets: Glassfish Tyrus

Test

JUnit, Hamcrest, Mockito, org.awaitility

Teamware GmbH
München
5 Monate
2019-08 - 2019-12

SGL Order Tracking System

Java Software Developer, Architect
Java Software Developer, Architect

Order tracking by mobile app and backend system.

Description

Implementation of backend system (Spring Boot) with interfaces to mobile apps (Android), RESTful management GUI (Angular2, webjar), and third-party system for order event notifications.

Order events are StatusUpdates (created, started, stopped, arrived, delivered), LocationUpdates (geo-coordinates), ErrorIndications, DamageReports. The backend system manages mobile apps, orders, administrators.

Tasks

  • Architecture (Apps, Server, UI, interfaces)
  • Protocol-Specification between mobile Apps and Server
  • SW- and DB-Design
  • Server Implementation
  • Linux Docker containers in test environment.

Results

Released and publicly available order tracking server for pilot phase.

Programming Language

Java JDK 8

IDE

IntelliJ IDEA 2019

Software Management

Git, Maven, Jenkins

Application Server

Spring Boot (embedded Tomcat)

Database

PostgreSQL 11, JDBC, SQL Developer, HeidiSQL

Platform

Windows 10, Docker (Linux)

Tools

JIRA, Confluence (Wiki)

Atlassian Confluence (with Gliffy UML Diagrams)

Technologies

  • Spring 5, Spring Boot 2
  • Spring Security, Spring Data JPA
  • Hibernate, Hibernate Envers
  • REST, swagger, TLS, JSON, JWT
  • Docker, Dockerfile

Test

JUnit, Mockito

Teamware GmbH
München
2 Monate
2019-07 - 2019-08

EVxBM - CoRE-Anbindung

Java Software Developer
Java Software Developer

Rich clients (RCP) communicate over SOAP with application servers which in turn communicate with backend services by exchange of XML documents either via SOAP or via message queues.

Description

For development and tests a MQ server providing message queues and a mock backend service simulating the CoRE service are required.

Tasks

  • Setup of a MQ Server (IBM MQ 9.1) providing request and reply queues.
  • Implementation of a CoRE-Mock simulating the CoRE backend service with receiving messages (XML documents) from a request queue and sending answers (XML documents) to a reply queue.
  • Extension of the existing application by EJBs (IBM WebSphere 9.0) to communicate via JMS and MQ Server with the CoRE (Mock) backend service.
  • Setup of TLS based communication with client/server authentication between MQ Server and its clients, i.e. WebSphere and CoRE.

Results

Deployment of IBM MQ server in development and production environments. Depoyment of CoRE-Mock in development environment.

Programming Language

Oracle Java JDK 8, IBM Java JDK 8

IDE

  • Eclipse IDE (Java EE) for application server (EJBs)
  • IntelliiJ IDEA for CoRE Mock

Software Management

GIT, Maven

Application Server

IBM WebSphere Application Server 9 (JEE 7, EJB 3.2, JMS 2.0)

IBM MQ 9.1

Platform

Windows 10, CentOS, Linux

Tools

IBM WebSphere (Web) Console, IBM MQ Explorer, IBM MQ (Web) Console, MobaXterm

Technologies

  • Spring Boot, Spring JMS, JMS API 2.0
  • EJB 3.2, JSSE, TLS
  • XML, JAXB, SAX
  • IBM JMS Provider

Teamware GmbH
München
4 Monate
2018-08 - 2018-11

Software Infrastructure Prototype

Java Developer
Java Developer

Feasibility and evaluation of a complete Spring based EAC Software. Same control and data flows as with “VD EAC-CM V2”. Re-design and re-implementation of the software infrastructure realizing business cases and operational flows required by a distributed EAC PKI system (but implemented with mocked cryptography functionality). Support of RESTful services.

Programming Language:

  • Oracle Java 8/10 JDK

IDE:

  • Eclipse IDE Neon/2018-09
  • JUnit V4, TestNG

Software Management:

  • Apache Maven V3.5.2, Git V2.17

Application Server

  • Apache Tomcat V8.5
  • Spring Boot Embedded

Database:

  • MariaDB V10.2, SQL Developer

Platform:

  • Windows

Technologies:

  • Spring Boot V2.1.0, Spring V5.1.8 (Core, WebMVC, Test)
  • Spring Data JPA V2, RestTemplate
  • Logback V1.2.3
  • Hibernate V5.3.7 Final, JPA V2.2
  • MariaDB Java Client (JDBC) V2.2.6
  • Gson V2.8.5, Jackson V2.9

Company in Munich, Germany
1 Jahr 5 Monate
2017-03 - 2018-07

VD EAC-CM V2

Full stack Java Developer, Architect
Full stack Java Developer, Architect

Support of an “ePass/eID PKI Appliance”.

Partly re-design, refactoring and updates of the existing Java software “VD EAC-CM”. The new version 2 realizes EAC PKI entities and web-services compliant to BSI TR-03110 V1.11/V2.0 and BSI TR-03129 respectively. It supports several databases (JDBC) and HSMs (PKCS#11) and can be installed standalone on Windows or Linux and is prepared to be integrated into a PKI Appliance.

 

Software has two technical applications:

  • Command Line Interface (CLI), and
  • Web-application with Web-GUI, Healthcheck, and Webservices (CAWS and TAWS)

 

Updates:

  • Java 8 (language and RTE), JAX-WS, Apache Tomcat, Repositories

 

Extension of the Java software “VD EAC-CM V2” with new features, like

  • Access Control, User Management, Session Control
  • TLS based web interfaces with client/server authentication
  • Syslog, encrypted credential management
  • CVCA cross-certifications, self-signed link certificates
  • Integrable into PKI Appliance

 

Results:

  • Standalone implementations on Windows and Linux
  • Integrated into the ePass/eID PKI Appliance

 

Programming Language:

  • Oracle Java 8 JDK
  • Windows batch scripts, Linux bash scripts

 

IDE:

  • Eclipse IDE, Release 4.6.1 Neon (XML, Web, JavaEE, …)
  • Junit 4.12
  • m2e plug-in 1.7.0
  • TestNG plug-in 6.10.0
  • MercurialEclipse plug-in 2.2.0  

 

Software Management:

  • Team Explorer Everywhere 14.114 (Team Foundation Server)
  • Mercurial 4.0, TortoiseHg 4.0
  • Apache Maven 3.3.9 (repositories, code generations for XML schemas and WSDLs)

 

Application Server:

Apache Tomcat 8.5.14, Servlet Spec V3.1

 

Database:

  • MariaDB 10.2.11
  • MS SQL Server

 

Platform:

  • Windows Server 2016 64-bit
  • Ubuntu 16.04.2 LTS Server AMD 64-bit (Linux) (OpenJDK)
  • Thales nShield Connect (12.10)
  • Utimaco HSM Simulator

 

Tools:

Oracle SQL Developer 4.1, HeidiSQL 9.4.0, ERMaster

 

Technologies:

  • Secunet CVC-CA V4.0
  • IAIK (ECC V2.17, JCE V3.16, PKCS#11 Wrapper V1.2.17, PKCS#11 Provider V1.2.5)
  • Hibernate V5.3.2 Final
  • JPA V2.2
  • MariaDB Java Client (JDBC) V2.0.3
  • JTDS (MS SQL Server protocol) V1.3.1
  • c3p0 (JDBC connection pool) V0.9.5.2
  • Quartz Scheduler V2.2.1
  • Log4J V1.2.15
  • Apache Commons
  • SecretStore V2.0
  • JAX-WS V2.2.10
  • JAXB/XJB V2.2.10
  • Struts2 V2.1.6
  • Spring V2.5.6
Company in Munich, Germany
4 Monate
2017-12 - 2018-03

Governmental mDL/TLS PKI

Specification and implementation of a governmental mDL/TLS PKI supporting mobile driver licenses and governmental portals.

 

Results:

One offline Root CA, two internal online issuing sub CAs, two external available OCSP responders.

  • Productive system with PKI Appliance.
  • Reference system has been set-up with
  • Windows Server 2016 VM (HyperVisor)
    • Java JDK 8
    • WildFly 11.0.0
    • EJBCA 6.5.0.5
    • MariaDB 10.2.11,HeidiSQL 9.4.0
    • THALES nShield Connect (12.10)
Country in south-eastern Europe
7 Monate
2017-03 - 2017-09

VD COS-EACCM

Architect, Developer
Architect, Developer

Realization of an “ePass/eID PKI Appliance” supporting governmental PKIs, e.g. for ePass/eID passive and terminal authentication or for citizen authentication/identification, according to ICAO, BSI, ETSI and RFC (IETF) standards.

Creation of a virtual machine “VD COS-EACCM” (Linux) and its integration into PKI Appliance. That virtual machine has an installed and running “VD EAC-CM V2” software.

 

Integration topics

  • Technical VM integration (SFP with KVM and additives)
  • Internal networks
  • Internal communication via SSH
  • Date and time synchronization
  • Database access (VDB)
  • HSM access (VHSM)
  • External communication via gateway (VGW)
  • Syslog support
  • Appliance Lifecycle support (backup, restore, clean-up with factory reset)

 

Results

“ePass/eID PKI Appliance” providing EAC functionality with web-GUI and web-services compliant to BSI specifications.

 

Architecture/Design    

UML 2 (Enterprise Architect V12.1), MS Visio

 

Programming Language

Linux bash scripts

 

Software Management

Team Foundation Server

 

Database

MariaDB

 

Platform

PrimeKey PKI Appliance V2.5.0 with

  • Hardened Linux (SFP – “Secure Foundation Platform”) as host system (KVM – Kernel-based Virtual Machine)
  • Virtual Gateway (VGW), VM with Apache HTTP Server 2.4 (Reverse Proxy)
  • Virtual Administration (VADM), VM for web-based administration
  • Virtual Database (VDB), VM with MariaDB server and Galera Cluster
  • Virtual Hardware Security Module (VHSM), provides PKCS#11 based access to “Utimaco CryptoServer Se50 PCIe” (FIPS 140-2 Level 3 certified)

 

External Test Environment

Oracle VM VirtualBox, Apache HTTP Proxy, Syslog Server, MariaDB Server, Utimaco HSM Simulator

 

Tools

mysql

 

Technologies

  • Ubuntu 16.04.2 LTS Server AMD 64-bit
  • GRUB boot loader
  • OpenSSH Server
  • OpenJDK 8 JDK/JRE (headless) AMD 64-bit
  • Apache Tomcat 8.5.14
  • MariaDB client 10.0
  • NTP Server
Company in Munich, Germany
3 Monate
2016-12 - 2017-02

National Identity Service

Java Developer, Architect
Java Developer, Architect

Integration of a National Identity Web-Service into publicly available PKI Appliance and comprehensive tests with web-portal and citizen client systems.

 

Results;

Readyness to be integrated into four externally available OCSP responders (PKI Appliances) distributed over two sites providing that national identity web-service.

4 Monate
2016-09 - 2016-12

ICAO PKI

Specification and implementation of an ePassport PKI with CSCA and DS, compliant to ICAO Doc9303-12, 7th Edition 2015.

 

Results:

  • Productive system with PKI Appliance.
  • Reference system has been set-up with Windows Server 2012 R2, Java 8, JBoss EAP 6.4, EJBCA EE 6.5.2, Apache ANT 1.9.7, Utimaco HSM Simulator, Microsoft SQL Server.
3 Monate
2016-05 - 2016-07

Participation in the design of a system architecture for a national ID card

Participation in the design of a system architecture for a national ID card based on JavaCard comprising following card applications:

  • PKI based authentication and signature
  • One-Time-Password (OTP)
  • Match-on-card fingerprint

 

The Card and Application Management System (CAMS) supports

  • Enrolment with biometric identity verification
  • Personalization and issuance
  • Post-issuance personalization for card application updates
  • Block, unblock, and termination

 

Beside a PKI with Issuing CA, OCSP responder, and CRL provider, a Signing Server and a Time Stamping Authority (TSA) is provided. The web services are accessible via API managers and located via a service registry. The enrolment, verification, and personalization is performed decentralized whereas the CAMS and PKI with services operate centralized and distributed over two data centers in high availability configuration and disaster recovery ability.

End customer is island country in south Asia.

10 Monate
2015-08 - 2016-05

Governmental PKI design

Governmental PKI design and system architecture for the management (issuance, post-issuance, status changes) of national ID cards with authentication certificates. Furthermore, it issues also service provider certificates and provides an identity web service for the identification of citizens for authorized provider systems. Setup of two high availability clusters spread over two sites for disaster recovery. Installation, tests, and trainings on-site.

4 Monate
2015-09 - 2015-12

Identity Service

Java Developer
Java Developer

Design and implementation of a governmental identity web-service which provides identity attributes of an individual citizen to authorized service providers. Citizens are identified by pseudonyms. Service providers can be assigned to different attribute classes. The identity attributes and the class definitions are hold in a national database.

 

Results:

Implemented, tested and accepted by first end customer (country in North-Africa).

 

Development Process:

Waterfall

 

Team Size:

2

 

Architecture/Design    

Microsoft Visio 2010, Microsoft Word 2010

 

Programming Language

Java/JEE 1.7 (OpenJDK 64bit)

 

IDE

Eclipse Kepler 64bit, TFS Plug-in for Eclipse  

 

Software Management

Team Foundation Server, Apache Maven 3.3

 

Application Server

JBoss AS V7

 

Database

Oracle 11g R2, Oracle JDBC thin driver

 

Platform

Windows 7, Ubuntu V12 as virtual machine on PKI Appliance V2.3

 

Test

Web application on IIS as test provider system calling the identity web-service.

 

Tools

Oracle SQL Developer

 

Technologies

JAX-WS, JNDI

4 Monate
2015-06 - 2015-09

System and software architecture for a governmental ID card system

System and software architecture for a governmental ID card system supporting application, issuance, renewal, and revocation of ID cards as well as its usage for online authentication, online signing and decryption even with smartphones.

2 Monate
2015-02 - 2015-03

eIDAS (STORK) - Analyses and Evaluations

Analysis and evaluation of the requirements and the architecture of a national system for identification, authentication, and signature (IAS) based on European regulations (eIDAS), implementing acts, STORK, eIDAS Token and further standards (ETSI).

2 Monate
2014-12 - 2015-01

Java PACE library

Design and implementation of a PACE Java library which supports a secure access to local or remote ID cards.

4 Monate
2014-08 - 2014-11

eID PKI Optimization

Linux OpenJDK HyperV ...

Optimizations of an existing PKI and infrastructure for issuing and using of ID cards

  • Problem analyses and measurements

 

Results:

Certificate issuance perfomance increased by storage enlargement. Latency reduction during distributed identification use case by card middleware bugfix.

Linux OpenJDK HyperV Virtual Box VMware JBoss Card Middleware EJBCA Wireshark
2 Monate
2014-09 - 2014-10

File encryption C library

Design and implementation of a file encryption/decryption C library based on PKI tokens

1 Jahr 6 Monate
2013-02 - 2014-07

Consumer Cards Platform

Full stack Java Developer
Full stack Java Developer

Beschreibung:

Weiterentwicklung der Consumer Cards Platform (CCP)

Die für Endkunden über Internet (Web und REST) hoch-verfügbare und mandantenfähige Kreditkarten-Plattform verwaltet Endkunden mit ihren Konten und Kreditkarten. Die Kreditkarten können sein:

  • Reguläre Kreditkarte (Plastikkarte mit CVC)
  • Virtuelle Kreditkarte (nur Kartennummer mit CVC)
  • Mobile Karte (im Secure Element des Smartphones oder der SIM)

 

Die Plattform realisiert Sign-Up Prozesse (Kundenregistrierung and Kartenaktivierung) und unterstützt monetäre Transaktionen auf den Konten wie

  • Bezahlen mit den Kreditkarten
  • Kontoaufladen über:
    • iDEAL
    • Sofortüberweisung
    • Direktüberweisung
    • Kreditkarte
    • Lastschrift (Überziehung)
    • Gutschein
    • Überweisung
    • P2P
  • Geldsenden über:
    • Überweisung
    • P2P

 

Die Plattform bietet Anwendungsschnittstellen:

  • Web-GUI für Kunden
  • Web-GUI für Callcenter
  • RESTful Webservices für mobile Applikationen („Apps“)

 

Die Plattform stützt sich auf Schnittstellen zu externen Systemen:

  • Banken (Sammelkonten und Transaktionen mit anderen Banken)
  • Kreditkarten-Prozessoren (Autorisierungen und Clearings)
  • Mobile Network Operator (Mobile Kreditkarten in Secure Elements)
  • SMS-Center, eMail-Server (Kundenkommunikation)

 

Aufgaben:

Weiter- und Neuentwicklungen (Scrum) von

  • Anwendungen
    • Web-UI, Callcenter-UI
    • Batch Jobs
  • Externen Plattformschnittstellen
    • Bereitstellung von RESTful-Services für mobile Anwendungen (“Apps”)
    • Nutzung von RESTful-Services zur Anbindung der Kreditkartenprozessoren und der Mobile Network Operators
  • Internen Schichten
    • Business und Support Services zur Verwaltung von Kunden, Konten und Karten, als auch zur Durchführung der monetären Transaktionen
    • DAO Schicht mit ORM (Hibernate Mappings) und SQL-Skripten (DDL, DML) für die Datenbank
  • Ereignisbasierte asynchrone Kommunikation (Enterprise Integration Pattern)
    • Events/Messages über Apache Camel
    • Event Hub basierend auf JMS (ActiveMQ)
  • Verschlüsselung von Datenbank-Tabellen mit versionierten Schlüsselsätzen
    • Kreditkartennummer, Activation Code, PIN, Password
  • Maintenance (Kanban) der Produktivversion durch Fehleranalysen und Hotfixes.

 

Teamgröße:

9 MA (6 internationale Teams)

 

Entwicklungsprozeß:

Scrum, Kanban (Sprints, User Stories, Planning & Estimation, Specification, Development, Code Review, Refactoring, Business Review, Unit Tests, Integration Tests, Documentation, Demonstration, Retrospective)

 

Sprachen:

Java 1.6/1.7

 

IDE:

Eclipse Java EE IDE, IntelliJ IDEA 13.0

 

Softwareverwaltung:

Apache Subversion, Mercurial, Apache Maven 3.0, TortoiseSVN, TortoiseHg, Jenkins, Liquibase

 

Application Server:

Apache Tomcat 7.0, Oracle WebLogic Server 11g (Cluster)

 

Datenbank:

Oracle 11g, Oracle SQL Developer, Hibernate, JDBC

 

Plattform:

Windows 7 Enterprise 64-bit, Linux 2.6 (x86_64 )

 

Test:

EclEmma, Sonar, JUnit, TestNG, EasyMock, Mockito

 

Tools:

Atlassian JIRA, Atlassian FishEye, Atlassian Crucible, TWiki, Microsoft Powerpoint, PuTTY, WinSCP, Clean Code

Technologien:

Spring (DI, AOP, JDBC, Transaction, Batch),Apache Camel, JMS (ActiveMQ)

 

Ergebnisse:

Alle 3 Wochen wurde ein neues Software-Release in der Produktionsumgebung live-geschaltet.

Wirecard Technologies GmbH

Aus- und Weiterbildung

Aus- und Weiterbildung

1 Monat
2016-06 - 2016-06

Fortbildung

Certified Professional for Software Architecture ? Foundation Level, iSAQB, München
Certified Professional for Software Architecture ? Foundation Level
iSAQB, München
1 Monat
2016-03 - 2016-03

Fortbildung

Information Security Management Systeme (ISO 2700x), KESS, München
Information Security Management Systeme (ISO 2700x)
KESS, München

Position

Position

Senior Java Software Engineer

Kompetenzen

Kompetenzen

Top-Skills

Spring Boot Webservices PKI Spring Backend Microservices Docker Kubernetes AWS Cloud MQTT Websockets REST SOAP TLS Cryptography HSM Hibernate PostgreSQL

Produkte / Standards / Erfahrungen / Methoden

DDD
Git
JCE/JCA
JetBrains IntelliJ IDEA
JWT
Kanban
nShield HSM
RESTful
Spring

Online Authentication and Identification Systems (Internet)

  • Nationales eID System (eIAS) ? Webportale, Sichere eMails, Dokumentensignaturen
  • ePA Internet Pilot (Banken)? Registrierung, Anmeldung und Transaktionen mittels Chipkarten

 

Public Key Infrastructure (PKI)

  • Certificate (CA), Registration (RA) und Validation Authorities (VA), OCSP, CRL, Certificate Policies
  • X.509 PKIs for travel documents (ICAO), ID cards, Internet (TLS, ETSI, Extended Validation, Digital Signatures)
  • Card Verifiable Certificate (CVC) PKIs (BSI EAC1/2)

Card and Application Management Systems (CAMS)

  • Life Cycle Management von Chipkarten, Post-Issuance Personalization, Global Platform
  • CAMS eGK und JavaCard

 

Mediation Systems (Telekommunikation, GSM, UMTS)

  • Operative Netzknoten (ON) ? Managementsysteme (BSS, OSS)
  • Billing Mediation (Usage Data Collection, Indosat, Celcom)
  • Provisioning (SIM, Subscriber, HLR/AUC)

 

Secure Mobile Banking and Payment Systems (Banken, Telekommunikation)

  • Mobile - Gateway - Providersystem - Bankhost (D2, O2, Dt. Bank, SSKM, SIZ)
  • Kontostand, Überweisung, Umsätze, Aktienkauf
  • Payment, Kreditkartentransaktionen (Indien, Euronet)

 

Netz-, System- und Anwendungs-Management in heterogenen Netzen

  • Management von Rechner-Clustern (PCs) und Großrechnern
  • Master- & Sub-Agenten für Managed Objects in MIB, Management-GUIs

 

Datenkommunikation, Kommunikationssysteme und Protokolle

  • Webservices (SOAP, WSDL), Webservice-Security (XWSS, WSS4J)
  • Internet (TCP/IP, SOAP, FTP, HTTP, SSL, SNMP)
  • Home Banking Computer Interface (HBCI) Standard
  • Secure Mobile Banking Protocol (SMBP), Smart Messaging (Narrowband Sockets), WAP Spezifikationen (WDP, WTLS, WIM)
  • GSM und SMSC Spezifikationen (SMS, SMSC, SAT, GPRS, SMPP, EMI)
  • Wireless LAN  (IEEE 802.11), Optische Nachrichtenübertragungstechnik

 

Public Key Infrastrukturen (PKI)

  • Certificate (CA), Registration (RA) und Validation Authorities (VA)
  • Certificate Policies (ETSI, Extended Validation, Digital Signatures)
  • X.509 PKIs für Reisepässe, ID-Karten und Webportale
  • Card Verifiable Certificate (CVC) PKIs (EAC1/2, EAP) für Chipkarten

 

Key Management und Kryptographie

  • Symmetrische und asymmetrische Kryptosysteme (TDES, IDEA, AES, RSA, ECDSA, ECDH, CMAC, HMAC Hash, Random, Comp128), GSS-API, PKCS#11
  • Hardware Security Modules (IBM 4758, Thales nShield, Chipkarten)

 

Prozessor-Chipkarten

  • Reisepässe (ePassport), ID-Karten (eID), Signaturkarten (eSign), SIM
  • Gesundheitskarten (eGK0, eGK1)
  • ZKA-Chipkarte (GeldKarte, HBCI, VAS-Container, Space-Manager)
  • JavaCard und Global Platform, Personalisierung

 

Projektaufgaben

Consultant, Präsentationen, Workshops (Deutschland, Indien, Mazedonien)

  • ID-Kartensysteme, PKIs
  • Sicherheit, Bankintegration, Key-Management, SIM-Personalisierung
  • Sales-Support, Mobile Banking Systeme, Billing Mediation

 

System- und Software-Architekt (PKI, Key Management, Mobile Banking, Billing Mediation)

  • Anforderungsanalysen, Funktionale Spezifikationen
  • System- und Komponentendesign, Schnittstellendefinitionen

 

Projektleitung / permanente Stellvertretung (4-10 Mitarbeiter)

  • Projektmanagement, Projektpläne, Systembeschreibungen
  • Entwicklungs- und Produktionsprozesse

 

Software-Entwickler

  • Softwaredesign von Komponenten, Moduln und Programmen
  • Spezifikationen: Protokolle, Client- und Serversysteme, Kryptographie  
  • Komponenten-, Modul- und Programmentwicklungen
  • Java/JEE, C#/.NET, C/C++
  • Windows und UNIX Systeme

Betriebssysteme

AIX
BS2000
CP/M
Docker
Hyper-V
KVM
KVM
Linux
MS-DOS
POSIX
SINIX
TOS
Ubuntu
Unix
VirtualBox
VMware
Windows 10
Windows Server
XENIX

Programmiersprachen

Apache
Geronimo, HTTP Server, Tomcat
Applets
ASN.1
BER, DER, Snacc4J, BinaryNotes
Assembler
R3000, 68000, 6809, 80286, Z80
Basic
C
C#
.NET Framework, Windows Forms, P/Invoke
C++
dBase
DOM/SAX
EJB
ESQL/C
Forth
HTML
Imake, GNU-Make, Make-Maker etc...
Java 1.8
JavaScript
Mozilla Rhino
JBoss
JCE
JDBC
JEE
JMS
JNDI
JNI
JSON
JSP
Modula-2
Pascal
Perl
Prolog
RMI
Servlets
Shell
Smalltalk
Sun Application Server
Swing/AWT
Tcl/Tk
TeX, LaTeX
XML
XML-DSig
XML-Enc
XPath
Xt, Motif
yacc/lex
JavaCC, SableCC

Datenbanken

Access
DB2
Galera Cluster
H2
HeidiSQL
Hibernate
Informix
JDBC
JPA 2
JTDS
MariaDB
MS SQL Server
MySQL
MySQL
ODBC
Oracle
Oracle 11g
Oracle SQL Developer
PostgreSQL
SQL

Datenkommunikation

Apache Kafka
Apache Kafka
ATM
CORBA
Ethernet
HTTP
Internet, Intranet
ISDN
ISO/OSI
LAN, LAN Manager
Message Queuing
MQ Server
MQTT
REST
RPC
RS232
SMTP
SNMP
SOAP
swagger
TCP/IP
SSL, TLS
Webservice-Security
WSS4J, XWSS
Webservices
Websockets
Winsock
WSDL

Design / Entwicklung / Konstruktion

Architecture and Design

  • UML 2.0 (Enterprise Architect 12.1), Rational Rose (UML)
  • Microsoft Word, Microsoft Viso, Mirosoft Powerpoint
  • Altova XMLSpy, ERMaster

Integrated Development Environments & Tools
  • MS Visual Studio 2005/2008/2010/2012
  • Eclipse IDE, IntelliJ IDEA 13, MyEclipse, NetBeans, AnyJ

Version Control, Builder, Test

  • Apache Subversion, VisualSVN Server, TortoiseSVN, AnkhSVN, CVS, rcs, sccs
  • IBM Rational ClearCase, ClearQuest
  • Team Explorer Everywhere V14.114 (Team Foundation Server)
  • Mercurial 4.0, TortoiseHg 4.0, Git 2.15
  • Git, GitLab, Bitbucket
  • Apache Maven, Luntbuild, Jenkins, Liquibase
  • Apache Ant, make files, shell scripts
  • JUnit, JMock, TestNG, EclEmma, Sonar, EasyMock, Mockito
  • NUnit

GUI

  • Windows Forms (MVC Pattern)
  • Java Swing

Web-GUI

  • Apache Struts 2 Framework (Front Controller)
  • Java Server Pages (JSP), HTML
  • Java Applet, Apache Tapestry

Web-Services

  • SOAP 1.1, HTTP, WSDL, WS-I Basic Profile V1.1, WS-Policy V1.1
  • Glassfish WSIT (JAX-WS RI 2.1, XWSS 3.0)
  • Codehaus XFire Java Webservice
  • Apache WSS4J, Sun XWS-Security
  • RESTful, Swagger

Application Server

  • WildFly 11.0.0, JBoss EAP 6.4
  • Java Servlet 2.5/3.1.0
  • Apache Tomcat 6.0 (Windows Service 32/64-bit)/7.0/8.5.14
  • Oracle Weblogic Server 11g (Cluster)
  • Red Hat JBoss 4.2/AS 7
  • Sun Application Server 8.2, Apache Geronimo (OpenEJB)
  • Apache HTTP server 2.4, CGI, Perl
  • Apache Kafka

Library, Framework

  • Spring Boot V2.1.0, Spring V5.1.2 (Core, WebMVC, Test, Aspects), Spring Data JPA V2.1.2, Spring Framework 2.5.6
  • Spring DI/AOP/JDBC/Transaction/Batch/Security, Spring Remoting
  • Spring Kafka
  • IOPLEX Jespa für SSO, JCIFS 1.3, JAAS (NT Login Module)
  • Gson 2.8.5, Jackson
  • JAXB RI 2.1 (XML Schemata), JAXB/XJB 2.2.10, JDOM, JAXP, JMX, JNI
  • JAX-WS 2.2.10
  • Quartz Scheduler 2.2.1
  • Logback 1.2.3, Apache Log4J 1.2.15, Apache Commons, Sun Java Concurrency Utilities
  • JCE/JCA, IAIK-PKCS11, IAIK-JCE, IAIK-ECC, IAIK-XSECT, IAIK-PKCS#11 Wrapper, IAIK-PKCS#11 Provider
  • Bouncy Castle JCE/Crypto API, Bouncy Castle Mail, PDFBox
  • Apache XMLSec (XML-Enc, XML-DSig)
  • AspectJ (AOP), JProfiler
  • OpenJMS, OpenLDAP
  • ApacheFTP, EdtFTPj, Snacc4j
  • PPI Banking Kernel Multiuser V2.2 (HBCI)
  • XPath, SAX, DOM, XSLT
  • ASN.1 Compiler für C (asn1c)
  • BinaryNotes ASN.1 Framework (Java/C#)
  • P/Invoke (C#)
  • ActiveMQ (JMS), Apache Camel
  • WSO2 API Manager, WSO2 Identity Server

Hardware Security Module (HSM)

  • Thales nShield 500 F2/F3, Thales nShield Connect (12.10)
  • Utimaco CryptoServer Se50 PCIe/Simulator
  • IBM Cryptographic Coprocessor 4758 Model 002
  • SafeNet Luna, PKCS#11

Smartcard

  • G&D Smart Café Expert 5.0, G&D StarSign Management Suite V1.6,
  • G&D Customizer, G&D JLoad, G&D OffCard API 1.3, GemXplore 98 CASE
  • Sun smartcardio, CT-API, PC/SC, Open Card Framework (OCF)
  • Java Applet, RMI, A.E.T PKI Java Applet, Precise Biometrics
  • ePassport, eID, eSign, SIM, eGK0/1, ZKA Chipkarte (Geldkarte, HBCI), JavaCard, GlobalPlatform, Personalization

Miscellaneous

  • ASN.1, XML, JSON, SSL/TLS, OCSP
  • PrimeKey EJBCA CE 6.5.0.5, EJBCA EE 6.5.2
  • PrimeKey PKI Appliance 2.3/2.7
  • Wireshark, JIRA, Twiki, Clean Code

Branchen

Branchen

  • Government
  • Versicherungen (Krankenkassen)
  • Telekommunikation
  • Banken
  • IT-Security
  • SmartCards
  • Kreditkarten

Einsatzorte

Einsatzorte

München (+20km)
möglich

Projekte

Projekte

1 Jahr 1 Monat
2021-12 - 2022-12

RIS-Mobile

Senior Software Developer Java 8 SCRUM Hibernate ...
Senior Software Developer

Maintenance and further development of the Reisenden (Traveler) Information System (RIS) with the RIS-Communicator app as frontend and the clustered microservices in the cloud as RIS-Mobile backend.

IntelliJ IDEA 2022.2 Git GitLab Repository CI/CD Pipelines Gradle 7.4 Artifactory (JFrog)
Java 8 SCRUM Hibernate MariaDB Kubernetes Docker Microservices GitLab Spring Boot JSON JWT RESTful SOAP
DB Systel GmbH
München/Frankfurt
11 Monate
2021-01 - 2021-11

KMS.Cloud FOTA

Java Backend Developer Java 11 SCRUM Amazon Web Services (AWS) Cloud ...
Java Backend Developer

Design, implementation, test and documentation of X.509 Public Key
Infrastructure (PKI) and key management (KMS) microservices for
firmware over the air (FOTA) use cases. The microservices run on
Kubernetes clusters in the AWS Cloud.

IntelliJ IDEA Ultimate 2021
Java 11 SCRUM Amazon Web Services (AWS) Cloud Amazon EC2 Amazon RDS PostgreSQL Amazon S3 Buckets AWS CloudHSM Kubernetes Docker Microservices GitLab Spring Boot RESTful Hibernate RabbitMQ Keycloak
ESCRYPT GmbH
München/Bochum
6 Monate
2020-07 - 2020-12

Protect-for-Use Integration into ELSTER

Java Backend Developer Java 11 Kanban DDD ...
Java Backend Developer
  • Full-stack SOAP web-service implementation for the management of mobile tokens.
  • YAML-based generation and integration of a REST web-service client for invocations of the Protect-for-Use server.
JetBrains IntelliJ IDEA
Java 11 Kanban DDD SOAP RESTful Spring Hibernate Git JWT JSON YAML JCE/JCA nShield HSM
secunet Security Networks AG
München
1 Jahr 4 Monate
2019-01 - 2020-04

Business Plugin Manager

Java Software Developer
Java Software Developer

User shall be enabled to use smartphones for automotive related use cases, like car logistics, where mobile apps (iPhones, iPads) communicate bi-directionally via Internet with backend services in the intranet of a car manufacturer.

Description
Required is a proper communication infrastructure which supports data exchange and push notifications between mobile apps and backend services, i.e. gateway and routing functionality.
Backend services shall be easily added a la plug-and-play.
Furthermore, the users, the mobile apps, and the backend services have to be managed, i.e. registration, activation/deactivation, and removal.
That management will be done by administrators via a web-based Angular UI which communicates via a RESTful interface with the upcoming "Device Manager" component.
These administrators and the users get role-based access to Device Manager's functionality, which have to be managed too.
The plug-and-play of the backend services will be supported by Apache Kafka as message broker.

Tasks
Design and Implementation of the Device Manager as Spring Boot application with embedded Tomcat for the REST interface and a PostgreSQL database.
The Device Manager realizes the bi-directional asynchronous gateway with routing functionality and implements the management for mobile apps, backend services as well as for users and administrators available via secured REST.

Furthermore, it integrates a webservice to an external user directory for local user import and remote user authentication.
Additionally, a Java library "Mapper Broker" has to be designed and implemented which supports the plug-and-play of backend services and the exchange of management, data, and push notifications.

Finally, an Attribute Based Access Control (ABAC/XACML) has been integrated.

Results
The completely tested infrastructure with Device Manager, Mapper Broker, and a car logistic backend service runs on docker containers as reference installation for the product.

Programming Language
Java JDK 8

IDE

  • IntelliJ IDEA 2018
  • Eclipse JEE 2018-12-R


Software Management

  • Git for Windows 2.20, GitLab Community Edition 11.7
  • Apache Maven 3.6, Jenkins 2.150, SonarQube


Database
SQL Developer, H2, Oracle, PostgreSQL, JDBC

Platform
Windows 10

Tools

  • Atlassian JIRA 7.1, Atlassian Confluence 5.10
  • Axiomatics Policy Server ABAC/XACML


Technologies

  • Spring Boot 2.0.6, embedded Tomcat, logback
  • Spring MVC 5.0, Spring Data JPA, Spring Security 5.0
  • Spring RESTful services, JSON Web Token Authorization (jjwt 0.9), Jackson 2.9
  • Hibernate 5.2, Hibernate Envers
  • Zookeeper 2.0, Apache Kafka 2.11, Kafka Manager, Trifecta-UI 0.22, spring-kafka, spring-kafka-test
  • swagger, swagger-ui, springfox 2.8

Test

JUnit 4.12, Hamcrest, Mockito

Teamware GmbH
München
9 Monate
2019-05 - 2020-01

Secure Web Box

Java Software Developer
Java Software Developer

The Secure Web Box (SWB) provides a secure platform for asynchronous communication between mobile apps and backend services.

Description

The Secure Web Box is an intermediate server system between mobile apps and backend services. It is reachable via Internet with RESTful interfaces and provides a secure asynchronous communication platform with end-to-end security over networks with firewalls, proxies and load balancers. The SWB is operated as a cluster of docker containers managed by Kubernetes. To use this platform, the SWB clients, i.e. mobile apps (Android, iOS) and backend services (Spring Boot, IBM WebSphere AS), integrate SWB-Connectors.

Tasks

Specifications for the SWB platform and implementations in SWB-Server and SWB-Connector:

  • New features
    • Mobile app deletion message to backend
    • Mobile app infos for backend (REST extension)
    • sendSilentPushNotification (protocol header extension)
  • Extension for end-to-end communication:
    Application level protocol specification and implementation for request-response communication and StatusInfo messages
  • Proof of concept: Message exchange over WebSockets connections
  • Architectural extensions and implementations for new communication flows and signalling messages: Message signalling over MQTT via MQTT-Broker (Mosquitto) for SWB-Server and SWB-Connector, supporting TLS, forward and reverse proxies with authentication. Protocol stack: MQTT / WebSockets / HTTP / TLS / TCP/IP
  • New SWB-Connector variant for Server-to-Server communication.
  • Linux Docker containers in test environment: SWB-Server, Squid proxy with Basic Authentication, NGINX load balancer with TLS endpoint, Mosquitto, MQTT test driver and monitoring

Results

New releases of SWB-Server and SWB-Connector.

Programming Language

IBM Java 8, Oracle Java 8

IDE

IntelliJ IDEA 2019

Software Management

Git, Maven, Jenkins, SonarQube

Application Server

Spring Boot, IBM WebSphere

Database

MongoDB

Platform

Windows 10, Linux Docker

Tools

  • NoSQLBooster for MongoDB
  • MQTT Paho/Hive Test Clients, MQTT.fx
  • Tcp Trace, TunnelliJ
  • Atlassian Confluence (with Gliffy UML Diagrams)
  • Atlassian JIRA 7.1, Atlassian Confluence 5.10

Technologies

  • Spring 5, Spring Boot 2
  • Spring Integration, Spring Messaging, Spring MQTT, Spring WebSockets
  • Spring Security, Spring Data MongoDB
  • REST, Javax.ws.rs(-api), swagger, swagger-codegen (jersey client)
  • JWT, com.google.guava
  • MessagePack 0.8.16 (Java), JSON
  • Forward Proxy (Squid), Load Balancer/Reverse Proxy (NGINX)
  • Docker, Dockerfile
  • Eclipse Paho MQTT Client, HiveMQ MQTT Client, Mosquitto MQTT Broker, MQTT.fx
  • TLS PKI
  • WebSockets: Glassfish Tyrus

Test

JUnit, Hamcrest, Mockito, org.awaitility

Teamware GmbH
München
5 Monate
2019-08 - 2019-12

SGL Order Tracking System

Java Software Developer, Architect
Java Software Developer, Architect

Order tracking by mobile app and backend system.

Description

Implementation of backend system (Spring Boot) with interfaces to mobile apps (Android), RESTful management GUI (Angular2, webjar), and third-party system for order event notifications.

Order events are StatusUpdates (created, started, stopped, arrived, delivered), LocationUpdates (geo-coordinates), ErrorIndications, DamageReports. The backend system manages mobile apps, orders, administrators.

Tasks

  • Architecture (Apps, Server, UI, interfaces)
  • Protocol-Specification between mobile Apps and Server
  • SW- and DB-Design
  • Server Implementation
  • Linux Docker containers in test environment.

Results

Released and publicly available order tracking server for pilot phase.

Programming Language

Java JDK 8

IDE

IntelliJ IDEA 2019

Software Management

Git, Maven, Jenkins

Application Server

Spring Boot (embedded Tomcat)

Database

PostgreSQL 11, JDBC, SQL Developer, HeidiSQL

Platform

Windows 10, Docker (Linux)

Tools

JIRA, Confluence (Wiki)

Atlassian Confluence (with Gliffy UML Diagrams)

Technologies

  • Spring 5, Spring Boot 2
  • Spring Security, Spring Data JPA
  • Hibernate, Hibernate Envers
  • REST, swagger, TLS, JSON, JWT
  • Docker, Dockerfile

Test

JUnit, Mockito

Teamware GmbH
München
2 Monate
2019-07 - 2019-08

EVxBM - CoRE-Anbindung

Java Software Developer
Java Software Developer

Rich clients (RCP) communicate over SOAP with application servers which in turn communicate with backend services by exchange of XML documents either via SOAP or via message queues.

Description

For development and tests a MQ server providing message queues and a mock backend service simulating the CoRE service are required.

Tasks

  • Setup of a MQ Server (IBM MQ 9.1) providing request and reply queues.
  • Implementation of a CoRE-Mock simulating the CoRE backend service with receiving messages (XML documents) from a request queue and sending answers (XML documents) to a reply queue.
  • Extension of the existing application by EJBs (IBM WebSphere 9.0) to communicate via JMS and MQ Server with the CoRE (Mock) backend service.
  • Setup of TLS based communication with client/server authentication between MQ Server and its clients, i.e. WebSphere and CoRE.

Results

Deployment of IBM MQ server in development and production environments. Depoyment of CoRE-Mock in development environment.

Programming Language

Oracle Java JDK 8, IBM Java JDK 8

IDE

  • Eclipse IDE (Java EE) for application server (EJBs)
  • IntelliiJ IDEA for CoRE Mock

Software Management

GIT, Maven

Application Server

IBM WebSphere Application Server 9 (JEE 7, EJB 3.2, JMS 2.0)

IBM MQ 9.1

Platform

Windows 10, CentOS, Linux

Tools

IBM WebSphere (Web) Console, IBM MQ Explorer, IBM MQ (Web) Console, MobaXterm

Technologies

  • Spring Boot, Spring JMS, JMS API 2.0
  • EJB 3.2, JSSE, TLS
  • XML, JAXB, SAX
  • IBM JMS Provider

Teamware GmbH
München
4 Monate
2018-08 - 2018-11

Software Infrastructure Prototype

Java Developer
Java Developer

Feasibility and evaluation of a complete Spring based EAC Software. Same control and data flows as with “VD EAC-CM V2”. Re-design and re-implementation of the software infrastructure realizing business cases and operational flows required by a distributed EAC PKI system (but implemented with mocked cryptography functionality). Support of RESTful services.

Programming Language:

  • Oracle Java 8/10 JDK

IDE:

  • Eclipse IDE Neon/2018-09
  • JUnit V4, TestNG

Software Management:

  • Apache Maven V3.5.2, Git V2.17

Application Server

  • Apache Tomcat V8.5
  • Spring Boot Embedded

Database:

  • MariaDB V10.2, SQL Developer

Platform:

  • Windows

Technologies:

  • Spring Boot V2.1.0, Spring V5.1.8 (Core, WebMVC, Test)
  • Spring Data JPA V2, RestTemplate
  • Logback V1.2.3
  • Hibernate V5.3.7 Final, JPA V2.2
  • MariaDB Java Client (JDBC) V2.2.6
  • Gson V2.8.5, Jackson V2.9

Company in Munich, Germany
1 Jahr 5 Monate
2017-03 - 2018-07

VD EAC-CM V2

Full stack Java Developer, Architect
Full stack Java Developer, Architect

Support of an “ePass/eID PKI Appliance”.

Partly re-design, refactoring and updates of the existing Java software “VD EAC-CM”. The new version 2 realizes EAC PKI entities and web-services compliant to BSI TR-03110 V1.11/V2.0 and BSI TR-03129 respectively. It supports several databases (JDBC) and HSMs (PKCS#11) and can be installed standalone on Windows or Linux and is prepared to be integrated into a PKI Appliance.

 

Software has two technical applications:

  • Command Line Interface (CLI), and
  • Web-application with Web-GUI, Healthcheck, and Webservices (CAWS and TAWS)

 

Updates:

  • Java 8 (language and RTE), JAX-WS, Apache Tomcat, Repositories

 

Extension of the Java software “VD EAC-CM V2” with new features, like

  • Access Control, User Management, Session Control
  • TLS based web interfaces with client/server authentication
  • Syslog, encrypted credential management
  • CVCA cross-certifications, self-signed link certificates
  • Integrable into PKI Appliance

 

Results:

  • Standalone implementations on Windows and Linux
  • Integrated into the ePass/eID PKI Appliance

 

Programming Language:

  • Oracle Java 8 JDK
  • Windows batch scripts, Linux bash scripts

 

IDE:

  • Eclipse IDE, Release 4.6.1 Neon (XML, Web, JavaEE, …)
  • Junit 4.12
  • m2e plug-in 1.7.0
  • TestNG plug-in 6.10.0
  • MercurialEclipse plug-in 2.2.0  

 

Software Management:

  • Team Explorer Everywhere 14.114 (Team Foundation Server)
  • Mercurial 4.0, TortoiseHg 4.0
  • Apache Maven 3.3.9 (repositories, code generations for XML schemas and WSDLs)

 

Application Server:

Apache Tomcat 8.5.14, Servlet Spec V3.1

 

Database:

  • MariaDB 10.2.11
  • MS SQL Server

 

Platform:

  • Windows Server 2016 64-bit
  • Ubuntu 16.04.2 LTS Server AMD 64-bit (Linux) (OpenJDK)
  • Thales nShield Connect (12.10)
  • Utimaco HSM Simulator

 

Tools:

Oracle SQL Developer 4.1, HeidiSQL 9.4.0, ERMaster

 

Technologies:

  • Secunet CVC-CA V4.0
  • IAIK (ECC V2.17, JCE V3.16, PKCS#11 Wrapper V1.2.17, PKCS#11 Provider V1.2.5)
  • Hibernate V5.3.2 Final
  • JPA V2.2
  • MariaDB Java Client (JDBC) V2.0.3
  • JTDS (MS SQL Server protocol) V1.3.1
  • c3p0 (JDBC connection pool) V0.9.5.2
  • Quartz Scheduler V2.2.1
  • Log4J V1.2.15
  • Apache Commons
  • SecretStore V2.0
  • JAX-WS V2.2.10
  • JAXB/XJB V2.2.10
  • Struts2 V2.1.6
  • Spring V2.5.6
Company in Munich, Germany
4 Monate
2017-12 - 2018-03

Governmental mDL/TLS PKI

Specification and implementation of a governmental mDL/TLS PKI supporting mobile driver licenses and governmental portals.

 

Results:

One offline Root CA, two internal online issuing sub CAs, two external available OCSP responders.

  • Productive system with PKI Appliance.
  • Reference system has been set-up with
  • Windows Server 2016 VM (HyperVisor)
    • Java JDK 8
    • WildFly 11.0.0
    • EJBCA 6.5.0.5
    • MariaDB 10.2.11,HeidiSQL 9.4.0
    • THALES nShield Connect (12.10)
Country in south-eastern Europe
7 Monate
2017-03 - 2017-09

VD COS-EACCM

Architect, Developer
Architect, Developer

Realization of an “ePass/eID PKI Appliance” supporting governmental PKIs, e.g. for ePass/eID passive and terminal authentication or for citizen authentication/identification, according to ICAO, BSI, ETSI and RFC (IETF) standards.

Creation of a virtual machine “VD COS-EACCM” (Linux) and its integration into PKI Appliance. That virtual machine has an installed and running “VD EAC-CM V2” software.

 

Integration topics

  • Technical VM integration (SFP with KVM and additives)
  • Internal networks
  • Internal communication via SSH
  • Date and time synchronization
  • Database access (VDB)
  • HSM access (VHSM)
  • External communication via gateway (VGW)
  • Syslog support
  • Appliance Lifecycle support (backup, restore, clean-up with factory reset)

 

Results

“ePass/eID PKI Appliance” providing EAC functionality with web-GUI and web-services compliant to BSI specifications.

 

Architecture/Design    

UML 2 (Enterprise Architect V12.1), MS Visio

 

Programming Language

Linux bash scripts

 

Software Management

Team Foundation Server

 

Database

MariaDB

 

Platform

PrimeKey PKI Appliance V2.5.0 with

  • Hardened Linux (SFP – “Secure Foundation Platform”) as host system (KVM – Kernel-based Virtual Machine)
  • Virtual Gateway (VGW), VM with Apache HTTP Server 2.4 (Reverse Proxy)
  • Virtual Administration (VADM), VM for web-based administration
  • Virtual Database (VDB), VM with MariaDB server and Galera Cluster
  • Virtual Hardware Security Module (VHSM), provides PKCS#11 based access to “Utimaco CryptoServer Se50 PCIe” (FIPS 140-2 Level 3 certified)

 

External Test Environment

Oracle VM VirtualBox, Apache HTTP Proxy, Syslog Server, MariaDB Server, Utimaco HSM Simulator

 

Tools

mysql

 

Technologies

  • Ubuntu 16.04.2 LTS Server AMD 64-bit
  • GRUB boot loader
  • OpenSSH Server
  • OpenJDK 8 JDK/JRE (headless) AMD 64-bit
  • Apache Tomcat 8.5.14
  • MariaDB client 10.0
  • NTP Server
Company in Munich, Germany
3 Monate
2016-12 - 2017-02

National Identity Service

Java Developer, Architect
Java Developer, Architect

Integration of a National Identity Web-Service into publicly available PKI Appliance and comprehensive tests with web-portal and citizen client systems.

 

Results;

Readyness to be integrated into four externally available OCSP responders (PKI Appliances) distributed over two sites providing that national identity web-service.

4 Monate
2016-09 - 2016-12

ICAO PKI

Specification and implementation of an ePassport PKI with CSCA and DS, compliant to ICAO Doc9303-12, 7th Edition 2015.

 

Results:

  • Productive system with PKI Appliance.
  • Reference system has been set-up with Windows Server 2012 R2, Java 8, JBoss EAP 6.4, EJBCA EE 6.5.2, Apache ANT 1.9.7, Utimaco HSM Simulator, Microsoft SQL Server.
3 Monate
2016-05 - 2016-07

Participation in the design of a system architecture for a national ID card

Participation in the design of a system architecture for a national ID card based on JavaCard comprising following card applications:

  • PKI based authentication and signature
  • One-Time-Password (OTP)
  • Match-on-card fingerprint

 

The Card and Application Management System (CAMS) supports

  • Enrolment with biometric identity verification
  • Personalization and issuance
  • Post-issuance personalization for card application updates
  • Block, unblock, and termination

 

Beside a PKI with Issuing CA, OCSP responder, and CRL provider, a Signing Server and a Time Stamping Authority (TSA) is provided. The web services are accessible via API managers and located via a service registry. The enrolment, verification, and personalization is performed decentralized whereas the CAMS and PKI with services operate centralized and distributed over two data centers in high availability configuration and disaster recovery ability.

End customer is island country in south Asia.

10 Monate
2015-08 - 2016-05

Governmental PKI design

Governmental PKI design and system architecture for the management (issuance, post-issuance, status changes) of national ID cards with authentication certificates. Furthermore, it issues also service provider certificates and provides an identity web service for the identification of citizens for authorized provider systems. Setup of two high availability clusters spread over two sites for disaster recovery. Installation, tests, and trainings on-site.

4 Monate
2015-09 - 2015-12

Identity Service

Java Developer
Java Developer

Design and implementation of a governmental identity web-service which provides identity attributes of an individual citizen to authorized service providers. Citizens are identified by pseudonyms. Service providers can be assigned to different attribute classes. The identity attributes and the class definitions are hold in a national database.

 

Results:

Implemented, tested and accepted by first end customer (country in North-Africa).

 

Development Process:

Waterfall

 

Team Size:

2

 

Architecture/Design    

Microsoft Visio 2010, Microsoft Word 2010

 

Programming Language

Java/JEE 1.7 (OpenJDK 64bit)

 

IDE

Eclipse Kepler 64bit, TFS Plug-in for Eclipse  

 

Software Management

Team Foundation Server, Apache Maven 3.3

 

Application Server

JBoss AS V7

 

Database

Oracle 11g R2, Oracle JDBC thin driver

 

Platform

Windows 7, Ubuntu V12 as virtual machine on PKI Appliance V2.3

 

Test

Web application on IIS as test provider system calling the identity web-service.

 

Tools

Oracle SQL Developer

 

Technologies

JAX-WS, JNDI

4 Monate
2015-06 - 2015-09

System and software architecture for a governmental ID card system

System and software architecture for a governmental ID card system supporting application, issuance, renewal, and revocation of ID cards as well as its usage for online authentication, online signing and decryption even with smartphones.

2 Monate
2015-02 - 2015-03

eIDAS (STORK) - Analyses and Evaluations

Analysis and evaluation of the requirements and the architecture of a national system for identification, authentication, and signature (IAS) based on European regulations (eIDAS), implementing acts, STORK, eIDAS Token and further standards (ETSI).

2 Monate
2014-12 - 2015-01

Java PACE library

Design and implementation of a PACE Java library which supports a secure access to local or remote ID cards.

4 Monate
2014-08 - 2014-11

eID PKI Optimization

Linux OpenJDK HyperV ...

Optimizations of an existing PKI and infrastructure for issuing and using of ID cards

  • Problem analyses and measurements

 

Results:

Certificate issuance perfomance increased by storage enlargement. Latency reduction during distributed identification use case by card middleware bugfix.

Linux OpenJDK HyperV Virtual Box VMware JBoss Card Middleware EJBCA Wireshark
2 Monate
2014-09 - 2014-10

File encryption C library

Design and implementation of a file encryption/decryption C library based on PKI tokens

1 Jahr 6 Monate
2013-02 - 2014-07

Consumer Cards Platform

Full stack Java Developer
Full stack Java Developer

Beschreibung:

Weiterentwicklung der Consumer Cards Platform (CCP)

Die für Endkunden über Internet (Web und REST) hoch-verfügbare und mandantenfähige Kreditkarten-Plattform verwaltet Endkunden mit ihren Konten und Kreditkarten. Die Kreditkarten können sein:

  • Reguläre Kreditkarte (Plastikkarte mit CVC)
  • Virtuelle Kreditkarte (nur Kartennummer mit CVC)
  • Mobile Karte (im Secure Element des Smartphones oder der SIM)

 

Die Plattform realisiert Sign-Up Prozesse (Kundenregistrierung and Kartenaktivierung) und unterstützt monetäre Transaktionen auf den Konten wie

  • Bezahlen mit den Kreditkarten
  • Kontoaufladen über:
    • iDEAL
    • Sofortüberweisung
    • Direktüberweisung
    • Kreditkarte
    • Lastschrift (Überziehung)
    • Gutschein
    • Überweisung
    • P2P
  • Geldsenden über:
    • Überweisung
    • P2P

 

Die Plattform bietet Anwendungsschnittstellen:

  • Web-GUI für Kunden
  • Web-GUI für Callcenter
  • RESTful Webservices für mobile Applikationen („Apps“)

 

Die Plattform stützt sich auf Schnittstellen zu externen Systemen:

  • Banken (Sammelkonten und Transaktionen mit anderen Banken)
  • Kreditkarten-Prozessoren (Autorisierungen und Clearings)
  • Mobile Network Operator (Mobile Kreditkarten in Secure Elements)
  • SMS-Center, eMail-Server (Kundenkommunikation)

 

Aufgaben:

Weiter- und Neuentwicklungen (Scrum) von

  • Anwendungen
    • Web-UI, Callcenter-UI
    • Batch Jobs
  • Externen Plattformschnittstellen
    • Bereitstellung von RESTful-Services für mobile Anwendungen (“Apps”)
    • Nutzung von RESTful-Services zur Anbindung der Kreditkartenprozessoren und der Mobile Network Operators
  • Internen Schichten
    • Business und Support Services zur Verwaltung von Kunden, Konten und Karten, als auch zur Durchführung der monetären Transaktionen
    • DAO Schicht mit ORM (Hibernate Mappings) und SQL-Skripten (DDL, DML) für die Datenbank
  • Ereignisbasierte asynchrone Kommunikation (Enterprise Integration Pattern)
    • Events/Messages über Apache Camel
    • Event Hub basierend auf JMS (ActiveMQ)
  • Verschlüsselung von Datenbank-Tabellen mit versionierten Schlüsselsätzen
    • Kreditkartennummer, Activation Code, PIN, Password
  • Maintenance (Kanban) der Produktivversion durch Fehleranalysen und Hotfixes.

 

Teamgröße:

9 MA (6 internationale Teams)

 

Entwicklungsprozeß:

Scrum, Kanban (Sprints, User Stories, Planning & Estimation, Specification, Development, Code Review, Refactoring, Business Review, Unit Tests, Integration Tests, Documentation, Demonstration, Retrospective)

 

Sprachen:

Java 1.6/1.7

 

IDE:

Eclipse Java EE IDE, IntelliJ IDEA 13.0

 

Softwareverwaltung:

Apache Subversion, Mercurial, Apache Maven 3.0, TortoiseSVN, TortoiseHg, Jenkins, Liquibase

 

Application Server:

Apache Tomcat 7.0, Oracle WebLogic Server 11g (Cluster)

 

Datenbank:

Oracle 11g, Oracle SQL Developer, Hibernate, JDBC

 

Plattform:

Windows 7 Enterprise 64-bit, Linux 2.6 (x86_64 )

 

Test:

EclEmma, Sonar, JUnit, TestNG, EasyMock, Mockito

 

Tools:

Atlassian JIRA, Atlassian FishEye, Atlassian Crucible, TWiki, Microsoft Powerpoint, PuTTY, WinSCP, Clean Code

Technologien:

Spring (DI, AOP, JDBC, Transaction, Batch),Apache Camel, JMS (ActiveMQ)

 

Ergebnisse:

Alle 3 Wochen wurde ein neues Software-Release in der Produktionsumgebung live-geschaltet.

Wirecard Technologies GmbH

Aus- und Weiterbildung

Aus- und Weiterbildung

1 Monat
2016-06 - 2016-06

Fortbildung

Certified Professional for Software Architecture ? Foundation Level, iSAQB, München
Certified Professional for Software Architecture ? Foundation Level
iSAQB, München
1 Monat
2016-03 - 2016-03

Fortbildung

Information Security Management Systeme (ISO 2700x), KESS, München
Information Security Management Systeme (ISO 2700x)
KESS, München

Position

Position

Senior Java Software Engineer

Kompetenzen

Kompetenzen

Top-Skills

Spring Boot Webservices PKI Spring Backend Microservices Docker Kubernetes AWS Cloud MQTT Websockets REST SOAP TLS Cryptography HSM Hibernate PostgreSQL

Produkte / Standards / Erfahrungen / Methoden

DDD
Git
JCE/JCA
JetBrains IntelliJ IDEA
JWT
Kanban
nShield HSM
RESTful
Spring

Online Authentication and Identification Systems (Internet)

  • Nationales eID System (eIAS) ? Webportale, Sichere eMails, Dokumentensignaturen
  • ePA Internet Pilot (Banken)? Registrierung, Anmeldung und Transaktionen mittels Chipkarten

 

Public Key Infrastructure (PKI)

  • Certificate (CA), Registration (RA) und Validation Authorities (VA), OCSP, CRL, Certificate Policies
  • X.509 PKIs for travel documents (ICAO), ID cards, Internet (TLS, ETSI, Extended Validation, Digital Signatures)
  • Card Verifiable Certificate (CVC) PKIs (BSI EAC1/2)

Card and Application Management Systems (CAMS)

  • Life Cycle Management von Chipkarten, Post-Issuance Personalization, Global Platform
  • CAMS eGK und JavaCard

 

Mediation Systems (Telekommunikation, GSM, UMTS)

  • Operative Netzknoten (ON) ? Managementsysteme (BSS, OSS)
  • Billing Mediation (Usage Data Collection, Indosat, Celcom)
  • Provisioning (SIM, Subscriber, HLR/AUC)

 

Secure Mobile Banking and Payment Systems (Banken, Telekommunikation)

  • Mobile - Gateway - Providersystem - Bankhost (D2, O2, Dt. Bank, SSKM, SIZ)
  • Kontostand, Überweisung, Umsätze, Aktienkauf
  • Payment, Kreditkartentransaktionen (Indien, Euronet)

 

Netz-, System- und Anwendungs-Management in heterogenen Netzen

  • Management von Rechner-Clustern (PCs) und Großrechnern
  • Master- & Sub-Agenten für Managed Objects in MIB, Management-GUIs

 

Datenkommunikation, Kommunikationssysteme und Protokolle

  • Webservices (SOAP, WSDL), Webservice-Security (XWSS, WSS4J)
  • Internet (TCP/IP, SOAP, FTP, HTTP, SSL, SNMP)
  • Home Banking Computer Interface (HBCI) Standard
  • Secure Mobile Banking Protocol (SMBP), Smart Messaging (Narrowband Sockets), WAP Spezifikationen (WDP, WTLS, WIM)
  • GSM und SMSC Spezifikationen (SMS, SMSC, SAT, GPRS, SMPP, EMI)
  • Wireless LAN  (IEEE 802.11), Optische Nachrichtenübertragungstechnik

 

Public Key Infrastrukturen (PKI)

  • Certificate (CA), Registration (RA) und Validation Authorities (VA)
  • Certificate Policies (ETSI, Extended Validation, Digital Signatures)
  • X.509 PKIs für Reisepässe, ID-Karten und Webportale
  • Card Verifiable Certificate (CVC) PKIs (EAC1/2, EAP) für Chipkarten

 

Key Management und Kryptographie

  • Symmetrische und asymmetrische Kryptosysteme (TDES, IDEA, AES, RSA, ECDSA, ECDH, CMAC, HMAC Hash, Random, Comp128), GSS-API, PKCS#11
  • Hardware Security Modules (IBM 4758, Thales nShield, Chipkarten)

 

Prozessor-Chipkarten

  • Reisepässe (ePassport), ID-Karten (eID), Signaturkarten (eSign), SIM
  • Gesundheitskarten (eGK0, eGK1)
  • ZKA-Chipkarte (GeldKarte, HBCI, VAS-Container, Space-Manager)
  • JavaCard und Global Platform, Personalisierung

 

Projektaufgaben

Consultant, Präsentationen, Workshops (Deutschland, Indien, Mazedonien)

  • ID-Kartensysteme, PKIs
  • Sicherheit, Bankintegration, Key-Management, SIM-Personalisierung
  • Sales-Support, Mobile Banking Systeme, Billing Mediation

 

System- und Software-Architekt (PKI, Key Management, Mobile Banking, Billing Mediation)

  • Anforderungsanalysen, Funktionale Spezifikationen
  • System- und Komponentendesign, Schnittstellendefinitionen

 

Projektleitung / permanente Stellvertretung (4-10 Mitarbeiter)

  • Projektmanagement, Projektpläne, Systembeschreibungen
  • Entwicklungs- und Produktionsprozesse

 

Software-Entwickler

  • Softwaredesign von Komponenten, Moduln und Programmen
  • Spezifikationen: Protokolle, Client- und Serversysteme, Kryptographie  
  • Komponenten-, Modul- und Programmentwicklungen
  • Java/JEE, C#/.NET, C/C++
  • Windows und UNIX Systeme

Betriebssysteme

AIX
BS2000
CP/M
Docker
Hyper-V
KVM
KVM
Linux
MS-DOS
POSIX
SINIX
TOS
Ubuntu
Unix
VirtualBox
VMware
Windows 10
Windows Server
XENIX

Programmiersprachen

Apache
Geronimo, HTTP Server, Tomcat
Applets
ASN.1
BER, DER, Snacc4J, BinaryNotes
Assembler
R3000, 68000, 6809, 80286, Z80
Basic
C
C#
.NET Framework, Windows Forms, P/Invoke
C++
dBase
DOM/SAX
EJB
ESQL/C
Forth
HTML
Imake, GNU-Make, Make-Maker etc...
Java 1.8
JavaScript
Mozilla Rhino
JBoss
JCE
JDBC
JEE
JMS
JNDI
JNI
JSON
JSP
Modula-2
Pascal
Perl
Prolog
RMI
Servlets
Shell
Smalltalk
Sun Application Server
Swing/AWT
Tcl/Tk
TeX, LaTeX
XML
XML-DSig
XML-Enc
XPath
Xt, Motif
yacc/lex
JavaCC, SableCC

Datenbanken

Access
DB2
Galera Cluster
H2
HeidiSQL
Hibernate
Informix
JDBC
JPA 2
JTDS
MariaDB
MS SQL Server
MySQL
MySQL
ODBC
Oracle
Oracle 11g
Oracle SQL Developer
PostgreSQL
SQL

Datenkommunikation

Apache Kafka
Apache Kafka
ATM
CORBA
Ethernet
HTTP
Internet, Intranet
ISDN
ISO/OSI
LAN, LAN Manager
Message Queuing
MQ Server
MQTT
REST
RPC
RS232
SMTP
SNMP
SOAP
swagger
TCP/IP
SSL, TLS
Webservice-Security
WSS4J, XWSS
Webservices
Websockets
Winsock
WSDL

Design / Entwicklung / Konstruktion

Architecture and Design

  • UML 2.0 (Enterprise Architect 12.1), Rational Rose (UML)
  • Microsoft Word, Microsoft Viso, Mirosoft Powerpoint
  • Altova XMLSpy, ERMaster

Integrated Development Environments & Tools
  • MS Visual Studio 2005/2008/2010/2012
  • Eclipse IDE, IntelliJ IDEA 13, MyEclipse, NetBeans, AnyJ

Version Control, Builder, Test

  • Apache Subversion, VisualSVN Server, TortoiseSVN, AnkhSVN, CVS, rcs, sccs
  • IBM Rational ClearCase, ClearQuest
  • Team Explorer Everywhere V14.114 (Team Foundation Server)
  • Mercurial 4.0, TortoiseHg 4.0, Git 2.15
  • Git, GitLab, Bitbucket
  • Apache Maven, Luntbuild, Jenkins, Liquibase
  • Apache Ant, make files, shell scripts
  • JUnit, JMock, TestNG, EclEmma, Sonar, EasyMock, Mockito
  • NUnit

GUI

  • Windows Forms (MVC Pattern)
  • Java Swing

Web-GUI

  • Apache Struts 2 Framework (Front Controller)
  • Java Server Pages (JSP), HTML
  • Java Applet, Apache Tapestry

Web-Services

  • SOAP 1.1, HTTP, WSDL, WS-I Basic Profile V1.1, WS-Policy V1.1
  • Glassfish WSIT (JAX-WS RI 2.1, XWSS 3.0)
  • Codehaus XFire Java Webservice
  • Apache WSS4J, Sun XWS-Security
  • RESTful, Swagger

Application Server

  • WildFly 11.0.0, JBoss EAP 6.4
  • Java Servlet 2.5/3.1.0
  • Apache Tomcat 6.0 (Windows Service 32/64-bit)/7.0/8.5.14
  • Oracle Weblogic Server 11g (Cluster)
  • Red Hat JBoss 4.2/AS 7
  • Sun Application Server 8.2, Apache Geronimo (OpenEJB)
  • Apache HTTP server 2.4, CGI, Perl
  • Apache Kafka

Library, Framework

  • Spring Boot V2.1.0, Spring V5.1.2 (Core, WebMVC, Test, Aspects), Spring Data JPA V2.1.2, Spring Framework 2.5.6
  • Spring DI/AOP/JDBC/Transaction/Batch/Security, Spring Remoting
  • Spring Kafka
  • IOPLEX Jespa für SSO, JCIFS 1.3, JAAS (NT Login Module)
  • Gson 2.8.5, Jackson
  • JAXB RI 2.1 (XML Schemata), JAXB/XJB 2.2.10, JDOM, JAXP, JMX, JNI
  • JAX-WS 2.2.10
  • Quartz Scheduler 2.2.1
  • Logback 1.2.3, Apache Log4J 1.2.15, Apache Commons, Sun Java Concurrency Utilities
  • JCE/JCA, IAIK-PKCS11, IAIK-JCE, IAIK-ECC, IAIK-XSECT, IAIK-PKCS#11 Wrapper, IAIK-PKCS#11 Provider
  • Bouncy Castle JCE/Crypto API, Bouncy Castle Mail, PDFBox
  • Apache XMLSec (XML-Enc, XML-DSig)
  • AspectJ (AOP), JProfiler
  • OpenJMS, OpenLDAP
  • ApacheFTP, EdtFTPj, Snacc4j
  • PPI Banking Kernel Multiuser V2.2 (HBCI)
  • XPath, SAX, DOM, XSLT
  • ASN.1 Compiler für C (asn1c)
  • BinaryNotes ASN.1 Framework (Java/C#)
  • P/Invoke (C#)
  • ActiveMQ (JMS), Apache Camel
  • WSO2 API Manager, WSO2 Identity Server

Hardware Security Module (HSM)

  • Thales nShield 500 F2/F3, Thales nShield Connect (12.10)
  • Utimaco CryptoServer Se50 PCIe/Simulator
  • IBM Cryptographic Coprocessor 4758 Model 002
  • SafeNet Luna, PKCS#11

Smartcard

  • G&D Smart Café Expert 5.0, G&D StarSign Management Suite V1.6,
  • G&D Customizer, G&D JLoad, G&D OffCard API 1.3, GemXplore 98 CASE
  • Sun smartcardio, CT-API, PC/SC, Open Card Framework (OCF)
  • Java Applet, RMI, A.E.T PKI Java Applet, Precise Biometrics
  • ePassport, eID, eSign, SIM, eGK0/1, ZKA Chipkarte (Geldkarte, HBCI), JavaCard, GlobalPlatform, Personalization

Miscellaneous

  • ASN.1, XML, JSON, SSL/TLS, OCSP
  • PrimeKey EJBCA CE 6.5.0.5, EJBCA EE 6.5.2
  • PrimeKey PKI Appliance 2.3/2.7
  • Wireshark, JIRA, Twiki, Clean Code

Branchen

Branchen

  • Government
  • Versicherungen (Krankenkassen)
  • Telekommunikation
  • Banken
  • IT-Security
  • SmartCards
  • Kreditkarten

Vertrauen Sie auf Randstad

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.