Advanced API Security: OAuth 2.0 and Beyond,2nd Edition


Advanced API Security: OAuth 2.0 and Beyond
Authors: Prabath Siriwardena
ISBN-10: 1484220498
ISBN-13: 9781484220498
Edition 版次: 2nd ed.
Publication Date 出版日期: 2019-12-17
Print Length 页数: 449 pages


Book Description
By finelybook

Prepare for the next wave of challenges in enterprise security. Learn to better protect,monitor,and manage your public and private APIs.
Enterprise APIs have become the common way of exposing business functions to the outside world. Exposing functionality is convenient,but of course comes with a risk of exploitation. This book teaches you about using OAuth 2.0 and related profiles to access APIs securely with web applications,single-page applications,native mobile applications and browser-less applications. Benefit from lessons learned from analyzing multiple attacks that have taken place by exploiting security vulnerabilities in various OAuth 2.0 implementations. Explore root causes,and improve your security practices to mitigate against similar future exploits.
Security must be an integral part of any development project. This book shares best practices in designing APIs for better security. API security has evolved since the first edition of this book,and the growth of standards related API security has been exponential. OAuth 2.0 is the most widely adopted framework that is used as the foundation for these standards. This book shows you how to apply OAuth 2.0 to your own situation in order to secure and protect your enterprise APIs from exploitations and attacks.
What You Will Learn
Securely design,develop,and deploy enterprise APIs
Pick security standards and protocols to match business needs
Mitigate security exploits by understanding the OAuth 2.0 threat landscape
Federate identities to expand business APIs beyond the corporate firewall
Protect microservices at the edge by securing their APIs
Develop native mobile applications to access APIs securely
Integrate applications with SaaS APIs protected with OAuth 2.0
1. APIs Rule!
2. Designing Security for APIs
3. Securing APIs with Transport Layer Security(TLS)
4. OAuth 2.0 Fundamentals
5. Edge Security with an API Gateway
6. OpenID Connect(OIDC)
7. Message-Level Security with JSON Web Signature
8. Message-Level Security with JSON Web Encryption
9. OAuth 2.0 Profiles
10. Accessing APIs via Native Mobile Apps
11. OAuth 2.0 Token Binding
12. Federating Access to APls
13. User-Managed Access
14. OAuth 2.0 Security
15. Patterns and Practices
The Evolution of Identity Delegation
OAuth 1.0
How Transport Layer Security Works?
UMA Evolution
Base64 URL Encoding
Basic/Digest Authentication
OAuth 2.0 MAC Token Profile

相关文件下载地址

下载地址 Download解决验证以访问链接!
打赏
未经允许不得转载:finelybook » Advanced API Security: OAuth 2.0 and Beyond,2nd Edition

评论 抢沙发

觉得文章有用就打赏一下

您的打赏,我们将继续给力更多优质内容

支付宝扫一扫

微信扫一扫