Descriptions and links to various presentations from Kevin Hakanson.


Kevin Hakanson (@hakanson) is an experienced Software Architect focused on highly scalable web applications, especially the JavaScript and security aspects. His background includes both .NET and Java, but he is most nostalgic about Lotus Notes. He has been developing professionally since 1994 and holds a Master’s degree in Software Engineering. When not staring at a computer screen, he is probably staring at another screen, either watching TV or playing video games with his family.

Who’s in your Cloud? Cloud State Monitoring

When it comes to cloud operations, monitoring security and visibility are critical. Integration by other systems via Cloud APIs is one of the most powerful value drivers of the hyperscale cloud providers.

In this session, we will describe Cloud State Monitoring, including why it is important and who needs awareness in your organization. An explanation of the categories of Cloud APIs (including the management plane, control plane, and data plane) will give us background. Specific use cases across AWS, Azure, and GCP will dive deep into various changes you might not have considered monitoring.

  • MN ISSA and CSA MN Joint Chapter Meeting (15 December 2020) ( presentation, video )

Adopting Multi-Cloud Services with Confidence

In transitioning to multi-cloud, IT organizations have the same responsibility to provide quality service and operational security, yet have a much greater need to understand how to efficiently govern and manage these disparate cloud services.

In this session, we will examine some key patterns and models taken from a Cloud Adoption Framework through a multi-cloud lens. The presentation will include a mixture of high-level guidance, examples where vocabulary and terminology differ, and opinions on when to utilize cloud-agnostic vs cloud-native technologies for strategic decisions. Attendees will leave with a better understanding of how to implement a Cloud Adoption Framework across multiple clouds and a higher level of confidence in their multi-cloud adoption plans.

Aumentum Cloud Strategy: Public Cloud vs. Government Cloud

As Aumentum transitions to a cloud hosted SaaS product, the conversation about “public cloud” vs. “government cloud” is of interest to customers. This session will review some cloud computing definitions, discuss what is commonly referred to as “government cloud,” and provide a preview of the Aumentum cloud strategy.

  • Thomson Reuters Synergy 2019 (23-26 September 2019) ( presentation )

Introduction to Speech Interfaces for Web Applications

Speaking with your computing device is becoming commonplace. Most of us have used Apple’s Siri, Google Now, Microsoft’s Cortana, or Amazon’s Alexa - but how can you speak with your web application? The Web Speech API can enable a voice interface by adding both Speech Synthesis (Text to Speech) and Speech Recognition (Speech to Text) functionality.

This session will introduce the core concepts of Speech Synthesis and Speech Recognition. We will evaluate the current browser support and review alternative options. See the JavaScript code and UX design considerations required to add a speech interface to your web application. Come hear if it’s as easy as it sounds?

  • Twin Cities Code Camp 20 (16 April 2016)
  • MinneBar 11 (23 April 2016)
  • Midwest JS (10-12 August 2016) ( presentation )
  • Thomson Reuters Beyond the Edge - Ann Arbor (12 September 2016)

Learning to Mod Minecraft: A Father/Daughter Retrospective

What do Minecraft and Blockly have in common? Minecraft is a popular, open world video game where players can build structures using digital blocks. Blockly is a open source visual programming language where students can build programs using blocks. LearnToMod combined these together to teach students how to modify Minecraft using either the Blockly visual editor or JavaScript.

This session will be the retrospective of an enthusiastic father teaching his hesitant daughter (who loves Minecraft) about programming. We started with Hour of Code and pair-programmed through LearnToMod’s video lessons. What did we create? How did we like it? What would we recommend to others? Come learn about our experience and ask questions.

ng-owasp: OWASP Top 10 for AngularJS Applications

The OWASP Top 10 provides a list of the 10 most critical web application security risks. How do these relate to AngularJS applications? What security vulnerabilities should developers be aware of beyond XSS and CSRF?

This session will review the OWASP Top 10 with a front-end development focus on HTML and JavaScript. It will look at patterns to implement and others to consider avoiding. We will also explore several built-in features of AngularJS that help secure your application.

  • Thomson Reuters Beyond the Edge - Ann Arbor (17 September 2014)
  • AngularMN Monthly Meetup (4 March 2015) ( presentation, video )
  • Twin Cities Code Camp 18 (25 April 2015)
  • NDC Oslo (17-19 June 2015) ( presentation, video )
  • That Conference (10-12 August 2015) ( presentation )
  • DevFestMN 2016 (6 February 2016)

Securing TodoMVC Using the Web Cryptography API

The open source TodoMVC project implements a Todo application using popular JavaScript MV* frameworks. Some of the implementations add support for compile to JavaScript languages, module loaders and real time backends. This presentation will demonstrate a TodoMVC implementation which adds support for the forthcoming W3C Web Cryptography API, as well as review some key cryptographic concepts and definitions.

Instead of storing the Todo list as plaintext in localStorage, this “secure” TodoMVC implementation encrypts Todos using a password derived key. The PBKDF2 algorithm is used for the deriveBits operation, with getRandomValues generating a cryptographically random salt. The importKey method sets up usage of AES-CBC for both encrypt and decrypt operations. The final solution helps address item “A6-Sensitive Data Exposure” from the OWASP Top 10.

With the Web Cryptography API being a recommendation in 2014, any Q&A time will likely include browser implementations and limitations, and whether JavaScript cryptography adds any value.

  • JavaScriptMN Monthly Meetup (28 August 2014)
  • Thomson Reuters Eagan Technology Unconference (5 September 2014)
  • jQuery Conference (12-13 September 2014) ( presentation, code, demo, video )
  • Twin Cities Code Camp 17 (4 October 2014)

Make your own Print & Play card game using SVG and JavaScript

Want to leverage your creativity, love of board games, and web platform experience to do something different? Turn your imagination into a Print & Play card game using only a modern web browser, color printer and text editor.

This session will use the Scalable Vector Graphics (SVG) image format and JavaScript programming language to make a deck of cards for a simple game. Creating a few cards in graphics software like Inkscape is one thing, but what about 50 or 100 cards? What happens when you need to update them all? That’s the value of generating your SVG using JavaScript.

We will start with a blank screen, adding color and graphics elements like lines, shapes, text and images. Learn about container elements and defining content for re-use. Understand how units in the SVG coordinate system can transform our on-screen creation into an 8.5 by 11 inch printed page (or PDF). SVG examples will be both in their native XML format and created from JavaScript using Snap.svg, an open source library from Adobe designed for modern web browsers.

You will leave this session with a basic knowledge of SVG concepts, how to programmatically generate SVG using JavaScript, and how to make your SVG creation printer friendly.

Scaling Agility from the Trenches

Let’s start a conference with a conversation. Instead of an opening talk, Twin Cities agile practitioners will share a fishbowl with coaches in a free-for-all discussion around the good the bad and the ugly of scaling agility instead of simply adding more process. Stop back for more details or stop in and enjoy the (fishbowl) madness.

  • Agile Day Twin Cities 2013 (15 November 2013) ( panel participant; facilitated by David Hussman )

Internationalize your JavaScript Application: Prepare for “the next billion” internet users.

Are you prepared for “the next billion” internet users, most of whom don’t use English as their primary language? This session will explore the globalization (internationalization and localization) of JavaScript based applications. It will look at the ECMAScript Internationalization API and popular open source projects like AngularJS, messageformat.js, jQuery Globalize and twitter-cldr-js. Topics will include cultures/locales, character encoding, number formatting, date formatting, choice/plural formatting and translations.

A Humorous Comparison of Software Development with Star Wars: The Clone Wars

Lightning talk style presentation describing software development using references from Star Wars: The Clone Wars. ( screencast )

  • Thomson Reuters Eagan Technology Unconference (6 September 2013)
  • JavaScriptMN Monthly Meetup (26 September 2013)
  • Iowa Code Camp 12 (2 November 2013)

Developer’s Guide to JavaScript and Web Cryptography

The increasing capabilities and performance of the web platform allow for more feature-rich user experiences. How can JavaScript based applications utilize information security and cryptography principles? This session will explore the current state of JavaScript and Web Cryptography. We will review some basic concepts and definitions, discuss the role of TLS/SSL, show some working examples that apply cryptography to real-world use cases and take a peek at the upcoming W3C WebCryptoAPI. Code samples will use CryptoJS in the browser and the Node.js Crypto module on the server. An extended example will secure the popular TodoMVC project using PBKDF2 for key generation, HMAC for data integrity and AES for encryption.

  • Twin Cities Code Camp 14 (27 April 2013) ( presentation, video, demo )
  • JavaScriptMN Monthly Meetup (30 May 2013) ( presentation )
  • Iowa Code Camp 11 (8 June 2013) ( presentation )
  • Thomson Reuters Legal Market Dev Tech Forum Series (11 July 2013)
  • Minnesota Developers Conference 2013 (26 September 2013) ( presentation )
  • cf.Objective() 2014 (13-16 May 2014) ( presentation )

HTTP Potpourri

Embracing HTTP is an important property of well constructed ReSTful and web apis. Every web developer is familiar with GET and POST, 200 and 404, Accept and Content-Type; but what about 207 and 413, OPTIONS and PROPFIND, Transfer-Encoding and X-File-Size? This session will be based on usage of various HTTP methods, headers and status codes drawn from the development of large scale, web applications. Examples will include raw HTTP, mixed in with JavaScript and ASP.NET MVC code.

  • Twin Cities Code Camp 12 (14-15 April 2012) ( presentation )

Implementing Messaging Patterns in JavaScript using the OpenAjax Hub

Is your web application a tightly coupled, DOM event handler mess? Use techniques from the Enterprise Integration Patterns book to build better components. Concepts including message, publish-subscribe channel, request-reply and message filter will be demonstrated in JavaScript (along with corresponding tests) using the OpenAjax Hub.

BP101 Adding Lotus Sametime to Your Collaborative Commerce Web site

There are many statistics on the number of shopping carts being abandoned. This session will show how to use Lotus Sametime to add real-time, online customer service to your Collaborative Commerce Web site. A real-time intervention by a company representative can happen as a reaction to a customer request or a proactive response to a potential need. These and other situations will be demonstrated.

  • Lotusphere 2001 (14-18 January 2001)

BST108 eCommerce with Domino

In this session, you will learn the ins-and-outs of building an eCommerce site with Domino, and how you can build a site faster and easier with Domino than with other technologies. We will explain how to set up customer registration, build a product catalog, and manage the shopping cart. Tips on how to implement effective application security and get the best site performance will also be included. Finally, this session will describe the different ways to integrate you eCommerce applications with existing ERP applications.

  • Lotus Developers’ Conference 1999 (20-23 June 1999)

Kevin Hakanson

Multi-Cloud Certified Architect | DevSecOps | AppSec | Web Platform | Speaker | Learner | Builder
Twitter | LinkedIn | GitHub | Stack Overflow | Credly

© 2022 Kevin Hakanson (built with Gatsby)