Angebote zu "Oauth" (21 Treffer)

Kategorien

Shops

OAuth 2 in Action
24,99 € *
ggf. zzgl. Versand

Summary OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services. About the Book OAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides. What's Inside Covers OAuth 2 protocol and design Authorization with OAuth 2 OpenID Connect and User-Managed Access Implementation risks JOSE, introspection, revocation, and registration Protecting and accessing REST APIs About the Reader Readers need basic programming skills and knowledge of HTTP and JSON. About the Author Justin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source. Table of Contents Part 1 - First steps What is OAuth 2.0 and why should you care? The OAuth dance Part 2 - Building an OAuth 2 environment Building a simple OAuth client Building a simple OAuth protected resource Building a simple OAuth authorization server OAuth 2.0 in the real world Part 3 - OAuth 2 implementation and vulnerabilities Common client vulnerabilities Common protected resources vulnerabilities Common authorization server vulnerabilities Common OAuth token vulnerabilities Part 4 - Taking OAuth further OAuth tokens Dynamic client registration User authentication with OAuth 2.0 Protocols and profiles using OAuth 2.0 Beyond bearer tokens Summary and conclusions

Anbieter: buecher
Stand: 09.04.2020
Zum Angebot
Angriffsflächen von OAuth 2.0 und OpenID Connect
41,90 € *
ggf. zzgl. Versand

Um bei einem Zugriff auf externe Webservices sensible Benutzerdaten nicht an Dritte weitergeben zu müssen, werden Authentifizierungs- und Autorisierungsverfahren eingesetzt, wie die derzeit populären Protokolle OAuth 2.0 und OpenID Connect. Das Ziel dieses vorliegenden Buches ist, Internetgrößen als Protokollanbieter (z. B. Facebook, Google, Microsoft), auf Angriffsflächen hin zu untersuchen, ob AngreiferInnen diese mit vertretbarem Aufwand nutzen können. Hierzu werden die Begriffe Authentifizierung und Autorisierung im Internet und häufig verwendete Verfahren beschrieben. Der theoretische Protokollablauf von OAuth 2.0 und OpenID Connect wird detailliert erläutert, um eine Analyse der Sicherheitsbedrohungen durchführen zu können. Gegliedert in neun Sicherheitsbedrohungen wurden 18 systematisch durchgeführte Versuchsreihen dokumentiert und die Ergebnisse diskutiert. Es konnten drei Sicherheitsbedrohungen nachgewiesen werden, unter anderem ein erfolgreich durchgeführter Cross-Site Request Forgery Angriff auf eine populäre österreichische Website, die OAuth 2.0 als Single Sign-On Protokoll verwendet.

Anbieter: Dodax
Stand: 09.04.2020
Zum Angebot
Advanced API Security
29,95 € *
ggf. zzgl. Versand

This book will prepare you to meet the next wave of challenges in enterprise security, guiding you through and sharing best practices for designing APIs for rock-solid security. It will explore different security standards and protocols, helping you choose the right option for your needs. Advanced API Security, Second Edition explains in depth how to secure APIs from traditional HTTP Basic Authentication to OAuth 2.0 and the standards built around it. Keep your business thriving while keeping enemies away. Build APIs with rock-solid security. The book takes you through the best practices in designing APIs for rock-solid security, provides an in depth understanding of most widely adopted security standards for API security and teaches you how to compare and contrast different security standards/protocols to find out what suits your business needs, the best. This new edition enhances all the topics discussed in its predecessor with the latest up to date information, and provides more focus on beginners to REST, JSON, Microservices and API security. Additionally, it covers how to secure APIs for the Internet of Things (IoT). Audience: The Advanced API Security 2nd Edition is for Enterprise Security Architects and Developers who are designing, building and managing APIs. The book will provide guidelines, best practices in designing APIs and threat mitigation techniques for Enterprise Security Architects while developers would be able to gain hands-on experience by developing API clients against Facebook, Twitter, Salesforce and many other cloud service providers. What you'll learn - Build APIs with rock-solid security by understanding best practices and design guidelines. - Compare and contrast different security standards/protocols to find out what suits your busine ss needs, the best.- Expand business APIs to partners and outsiders with Identity Federation. - Get hands-on experience in developing clients against Facebook, Twitter, and Salesforce APIs. - Understand and learn how to secure Internet of Things.

Anbieter: Dodax
Stand: 09.04.2020
Zum Angebot
OAuth 2 in Action
34,23 € *
ggf. zzgl. Versand

KEY FEATURES- Hands-on examples- Connect with major online services like Google, Facebook,Twitter- Takes the reader from beginner to advanced OAuth 2 topics.AUDIENCEReaders need basic programming skills and knowledge of HTTP andJSON.

Anbieter: Dodax
Stand: 09.04.2020
Zum Angebot
Apress Beginning PhoneGap Software-Handbuch 344...
40,65 € *
ggf. zzgl. Versand

PhoneGap is a growing and leading open-source mobile web apps development framework that lets developers build JavaScript and HTML5-based web applications with native wrappers for more than six mobile platforms, including iOS, Android, and BlackBerry. This framework lets you build HTML- and JavaScript-based apps and still take advantage of native mobile device capabilities like camera, localStorage, geolocation, storage and much more, irrespective of the mobile platform you target. It also lets you use more specialized JavaScript frameworks like jQuery Mobile and more. Beginning PhoneGap is a definitive, one-of-a-kind book that teaches the fundamentals and strategies behind cross-platform mobile application development. Instead of learning languages like Objective-C, focus on building apps from day one for Android, iOS, Blackberry, WebOS and Symbian—without the complexities of these platforms. This book shows how to build apps which makes use of Google Local Search to create a Restaurant finder apps (which uses Maps to layout locations and uses internal database to store your favorite restaurants. Furthermore, you'll learn how to extend PhoneGap's functionality by using PhoneGap plugins to write apps like Dropbox (syncing files in the background outside HTML/JavaScript code and in native code). By the time you finish Beginning PhoneGap, you'll know PhoneGap inside and out, and, consequently, be able to develop mobile web apps faster and more efficiently than ever before. Make more money in less time! What you’ll learn This book offers an examples-based approach on how to build PhoneGap-based HTML and JavaScript that integrates device features like geolocation, camera, storage, and more. - To understand mobile web applications development using the PhoneGap framework - How to build simple apps for iPhone, Android, BlackBerry, WebOS and Symbian - The differences in capabilities across various mobile devices - How to integrate other popular mobile JavaScript frameworks to build user interfaces in PhoneGap - All the major features in PhoneGap, like geolocation, camera, media, storage, and more. - How to build app which make use of OAuth for authentication with services like Facebook - How to extend PhoneGap using the PhoneGap plugin development framework Who this book is for This book is for project managers and developers of mobile applications who plan to develop for more than one platform, and are interested in saving money and time in the development process.

Anbieter: Dodax
Stand: 09.04.2020
Zum Angebot
Crenna, D: Professional Twitter Development
49,90 CHF *
ggf. zzgl. Versand

Twitter is rapidly moving up the social networking food chain and is currently outranked by only Facebook and MySpace. It features a programming API that allows you to build Web sites and applications (both desktop and mobile) for reading and posting to Twitter, finding other Twitter users, aggregating Twitter content, and other uses. This book walks you through the process of combining many programming tools in order to build exciting, useful, and profitable applications. You'll begin with a look at RESTful services and examine how to structure your queries, handle asynchronous operations, use headers, and post binary data. From there, author and TweetSharp developer Daniel Crenna explains how to authenticate with the OAuth specification for Web and Windows applications. * Twitter is growing in popularity at a rapid pace and this book shows you how to take advantage of its programming API to build applications * Explains the various ways to design a Twitter application, including caching, third party application interoperability, real-time data binding, push vs. pull data scenarios, and more * Takes an in-depth look at TweetSharp, a .NET library for developing Twitter applications-whose creator is also the author of this book * Walks you through requesting and retrieving responses from Twitter's API * Warns you of considerations to take into account regarding authentication and security Professional Twitter Development shows you how to get the most out of Twitter so that you can build your own applications for this exciting new platform.

Anbieter: Orell Fuessli CH
Stand: 09.04.2020
Zum Angebot
The Developer's Guide to Social Programming
54,90 CHF *
ggf. zzgl. Versand

'With the advent of the social web, companies must know how to leverage new technologies to stay competitive. The author, Mark Hawker, shows readers in simple steps what social programming really means. He walks you through examples of integrating with many of today's most successful social platforms-getting you up and running with social programming in no time at all.'-Joseph Annuzzi, Jr., Web Architect, PeerDynamic.com 'An essential reference for the social web, present and future...a must-have for making your website known on the social graph.'-Joshua T. Gross, Cortex Creations In this book, Mark Hawker shows developers how to build applications that integrate with Facebook, Twitter, and other social networking technologies-reaching customers wherever they prefer to be reached. Unlike competitive books that focus on a single social media platform, this book covers all three leading platforms: Facebook, Google, and Twitter. Hawker identifies the characteristics of superior, highly-engaging social media applications, and shows how to use Facebook, Google Friend Connect, and the Twitter API to create them. You'll find practical solutions and code for addressing many common social programming challenges, from site registration to search, blog commenting to creating location-based applications. Hawker concludes by walking you through building a complete, integrated social application: one that works seamlessly across all leading platforms, and draws on powerful features from each. Coverage includes · Working with the Twitter API, Twitter Search API, and API methods· Authenticating users with Twitter OAuth · Supporting retweeting, user lists, and location-based applications· Mastering Facebook, the Facebook API, FQL, and XFBML· Performing registration, authentication, and translation with Facebook · Using Facebook's tools for sharing, social commenting, stream publishing, and live conversation· Implementing application discovery, tabbed navigation, and dynamic content with Facebook Javascript Library · Exploring the Google Friend Connect JavaScript API, and integrating with the OpenSocial API · Performing server-side authentication and OpenSocial integration· Using the PHP OpenSocial Client Library with Google Friend Connect· Creating, testing, and submitting Google Friend Connect gadgets

Anbieter: Orell Fuessli CH
Stand: 09.04.2020
Zum Angebot
Beginning iOS Apps with Facebook and Twitter APIs
47,90 CHF *
ggf. zzgl. Versand

Beginning iOS Apps with Facebook and Twitter APIs shows you how to add the power of social networking to your mobile apps on iPhone, iPad, and iPod touch. With this book as your guide, you can write apps that connect to Facebook and Twitter quickly, securely, and discreetly. Instead of starting from scratch, you will build on the vast resources, data storage capacity, and familiar features of these platforms which have become part of everyday life for hundreds of millions of users worldwide. Beginning iOS Apps with Facebook and Twitter APIs introduces you to the development tools, techniques, and design practices you will need to work with the APIs. It helps you decide whether to use Facebook, Twitter, or both, and explains the important issues of design, branding, and permissible use guidelines. You will learn how to guarantee privacy and use OAuth for authentication and single sign-on. Create news apps, shopping apps, contact apps, GPS apps, guides, and more, that let users transparently: * Sign on once, then freely work with and manage their Facebook and Twitter accounts * Publish game high scores, post likes, links, and status updates * Send messages, share pictures, and forward Tweets * Tweet a link to an event, show themselves as attending, and see who else is there * Show Tweets that are relevant to a topic within a news app * Show Tweets about a restaurant * Organize a group or community From time to time, new forms of communication come along that make it easier for people to communicate and manage their social lives. Like phone calls and SMS before them, Facebook and Twitter have, in a short time, become essential parts of the social fabric of life for an ever-growing number of people throughout the world. The knowledge you'll gain from Beginning iOS Apps with Facebook and Twitter APIs will help you create exciting and popular iOS apps that your users will rely on every day to help make their lives more meaningful and connected.

Anbieter: Orell Fuessli CH
Stand: 09.04.2020
Zum Angebot
Single Sign-On (Sso)
83,90 CHF *
ggf. zzgl. Versand

Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems. As different applications and resources support different authentication mechanisms, single sign-on has to internally translate to and store different credentials compared to what is used for initial authentication. This book is your ultimate resource for Single sign-on (SSO). Here you will find the most up-to-date information, analysis, background and everything you need to know. In easy to read chapters, with extensive references and links to get you to know all there is to know about Single sign-on (SSO) right away, covering: Single sign-on, Password, 1dl, 2D Key, ATM SafetyPIN software, Canonical account, Challenge-Handshake Authentication Protocol, Challenge-response authentication, Cognitive password, Default password, Diceware, Draw a Secret, Duress code, LM hash, Munged password, One-time password, OpenID, OTPW, Partial Password, Passmap, PassPattern system, Passphrase, Password authentication protocol, Password cracking, Password fatigue, Password length parameter, Password management, Password manager, Password notification e-mail, Password policy, Password strength, Password synchronization, Password-authenticated key agreement, PBKDF2, Personal identification number, Pre-shared key, Privileged password management, Random password generator, Risk-based authentication, S/KEY, Secure Password Authentication, Secure Remote Password protocol, SecurID, Self-service password reset, Shadow password, Swordfish (password), Windows credentials, Zero-knowledge password proof, Federated identity, Federated identity management, Apple ID, Athens (access and identity management service), CoSign single sign on, Credential Service Provider, Crowd (software), Digital identity, E-Authentication, Enterprise Sign On Engine, EZproxy, Facebook Platform, Google Account, Higgins project, Identity Governance Framework, Identity metasystem, Information Card, Information Card Foundation, Janrain, JOSSO, Light-Weight Identity, Novell Access Manager, OneLogin, OpenAM, OpenSSO, Point of Access for Providers of Information, Pubcookie, Shibboleth (Internet2), Sun Java System Access Manager, Ubuntu Single Sign On, Windows CardSpace, Windows Live ID, Yadis, Access control list, Access Control Matrix, Atomic authorization, Authentication, Authorization, Bell-LaPadula model, Closed-loop authentication, Comparison of privilege authorization features, Computational trust, Context-based access control, Copy protection, Cryptographic log on, DACL, Database audit, DataLock Technology, Delegated administration, Delegation of Control, Digipass, Directory service, Discretionary access control, Distributed Access Control System, EAuthentication, Form-based authentication, Global Trust Council, HERAS-AF, HTTP cookie, HTTP+HTML form-based authentication, IBM Lightweight Third-Party Authentication, IBM Tivoli Access Manager, Identity Assertion Provider, Identity driven networking, Initiative For Open Authentication, Integrated Windows Authentication, Internet Authentication Service, Java Authentication and Authorization Service, Location-based authentication, Logical access control, Login, LOMAC, Mandatory access control, MicroID, Microsoft Fingerprint Reader, Mobilegov, Multi-factor authentication, Mutual authentication, NemID, NIST RBAC model, OAuth, Object-capability model...and much more This book explains in-depth the real drivers and workings of Single sign-on (SSO). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Single

Anbieter: Orell Fuessli CH
Stand: 09.04.2020
Zum Angebot