Advanced API Security [electronic resource] : OAuth 2.0 and Beyond / by Prabath Siriwardena
Author Siriwardena Prabath
Edition [2nd ed. 2020.]
Publication/distribution/printing Berkeley, CA : Apress : Imprint : Apress, 2020
Physical description 1 online resource (xix, 449 pages) : illustrations
Discipline 005.1068
Series Books for professionals by professionals
Topical subject Data protection
Special purpose computers
Computer security
Programming languages (Electronic computers)
Security
Special Purpose and Application-Based Systems
Systems and Data Security
Programming Languages, Compilers, Interpreters
ISBN 1-4842-2050-1
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note 1. APIs Rule! -- 2. Designing Security for APIs -- 3. Securing APIs with Transport Layer Security (TLS) -- 4. OAuth 2.0 Fundamentals -- 5. Edge Security with an API Gateway -- 6. OpenID Connect (OIDC) -- 7. Message Level Security with JSON Web Signature -- 8. Message Level Security with JSON Web Encryption -- 9. OAuth 2.0 Profiles -- 10. Accessing APIs via Native Mobile Apps -- 11. OAuth 2.0 Token Binding -- 12. Federating Access to APIs -- 13. User Managed Access -- 14. OAuth 2.0 Security -- 15. Patterns and Practices -- 16: A. The Evolution of Identity Delegation -- 17: B. OAuth 1.0 -- 18: C. How Transport Layer Security Works -- 19: D. UMA Evolution -- 20: E. Base64URL Encoding -- 21: F. Basic/Digest Authentication -- 22: G. OAuth 2.0 MAC Token Profile.
Record no. UNINA-9910369901303321
Find it here: Univ. Federico II
Advanced API Security : Securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE / by Prabath Siriwardena
Author Siriwardena Prabath
Edition [1st ed. 2014.]
Publication/distribution/printing Berkeley, CA : Apress : Imprint : Apress, 2014
Physical description 1 online resource (248 p.)
Discipline 004
004.6
Topical subject Data protection
Software engineering
Special purpose computers
Security
Software Engineering/Programming and Operating Systems
Special Purpose and Application-Based Systems
ISBN 1-4302-6817-4
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Contents at a Glance; Contents; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Managed APIs; The API Evolution; API vs. Managed API; API vs. Service; Discovering and Describing APIs; Managed APIs in Practice; Twitter API; Salesforce API; Summary; Chapter 2: Security by Design; Design Challenges; User Comfort; Performance; Weakest Link; Defense in Depth; Insider Attacks; Security by Obscurity; Design Principles; Least Privilege; Fail-Safe Defaults;
Economy of Mechanism; Complete Mediation; Open Design; Separation of Privilege; Least Common Mechanism; Psychological Acceptability; Confidentiality, Integrity, Availability (CIA); Confidentiality; Integrity; Availability; Security Controls; Authentication; Something You Know; Something You Have; Something You Are; Authorization; Discretionary Access Control (DAC) vs. Mandatory Access Control (MAC); Nonrepudiation; Auditing; Security Patterns; Direct Authentication Pattern; Managing Credentials;
Biometric Authentication; Sealed Green Zone Pattern; Least Common Mechanism Pattern; Brokered Authentication Pattern; Policy-Based Access Control Pattern; Threat Modeling; Summary; Chapter 3: HTTP Basic/Digest Authentication; HTTP Basic Authentication; HTTP Digest Authentication; Summary; Chapter 4: Mutual Authentication with TLS; Evolution of TLS; How TLS Works; TLS Handshake; Application Data Transfer; Summary; Chapter 5: Identity Delegation; Direct Delegation vs. Brokered Delegation;
Evolution of Identity Delegation; Google ClientLogin; Google AuthSub; Flickr Authentication API; Yahoo! Browser-Based Authentication (BBAuth); Summary; Chapter 6: OAuth 1.0; The Token Dance; Temporary-Credential Request Phase; Resource-Owner Authorization Phase; Token-Credential Request Phase; Invoking a Secured Business API with OAuth 1.0; Demystifying oauth_signature; Three-Legged OAuth vs. Two-Legged OAuth; OAuth WRAP; Summary; Chapter 7: OAuth 2.0; OAuth WRAP; Client Account and Password Profile;
Assertion Profile; Username and Password Profile; Web App Profile; Rich App Profile; Accessing a WRAP-Protected API; WRAP to OAuth 2.0; OAuth 2.0 Grant Types; Authorization Code Grant Type; Implicit Grant Type; Resource Owner Password Credentials Grant Type; Client Credentials Grant Type; OAuth 2.0 Token Types; OAuth 2.0 Bearer Token Profile; OAuth 2.0 Client Types; OAuth 2.0 and Facebook; OAuth 2.0 and LinkedIn; OAuth 2.0 and Salesforce; OAuth 2.0 and Google; Authentication vs. Authorization; Summary;
Chapter 8: OAuth 2.0 MAC Token Profile
Record no. UNINA-9910300476903321
Find it here: Univ. Federico II