🎬 How to implement secure MCP patterns: Identity, authorization, and runtime protection
Video Details
Channel: Google Cloud Tech
URL: https://www.youtube.com/watch?v=9CoVNqbLdZU
Relevance: ⭐⭐⭐⭐⭐
Summary
Google Cloud’s official presentation on securing MCP deployments: OAuth 2.0 flows for MCP server authentication, capability-based authorisation (each agent gets only the minimum MCP capabilities needed), input sanitisation to prevent tool injection attacks, audit logging for all MCP calls, and runtime policy enforcement with OPA (Open Policy Agent).
PUMA Relevance
Critical for PUMA Stage 5 governance design. PUMA’s Smart PMO agents will have MCP connections to production Jira — they need exactly the security patterns described: OAuth for Jira authentication, capability-limited access (triage agent gets read-only Jira, planning agent gets write access), and audit logs for HITL review. The OPA integration directly supports PUMA’s bounded autonomy design.