eBooks-it.org Logo
eBooks-IT.org Inner Image

Advanced API Security

Securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE

Advanced API Security Image

Book Details:

Publisher:Apress
Series: Apress
Author:Prabath Siriwardena
Edition:1
ISBN-10:1430268182
ISBN-13:9781430268185
Pages:260
Published:Aug 10 2014
Posted:Nov 26 2014
Language:English
Book format:PDF
Book size:2.69 MB

Book Description:

Advanced API Security is a complete reference to the next wave of challenges in enterprise security--securing public and private APIs. API adoption in both consumer and enterprises has gone beyond predictions. It has become the 'coolest' way of exposing business functionalities to the outside world. Both your public and private APIs, need to be protected, monitored and managed. Security is not an afterthought, but API security has evolved a lot in last five years. The growth of standards, out there, has been exponential. That's where AdvancedAPI Security comes in--to wade through the weeds and help you keep the bad guys away while realizing the internal and external benefits of developing APIs for your services. Our expert author guides you through the maze of options and shares industry leading best practices in designing APIs for rock-solid security. The book will explain, in depth, securing APIs from quite traditional HTTP Basic Authentication to OAuth 2.0 and the standards built around it. Build APIs with rock-solid security today with Advanced API Security.Takes you through the best practices in designing APIs for rock-solid security.Provides an in depth tutorial of most widely adopted security standards for API security.Teaches you how to compare and contrast different security standards/protocols to find out what suits your business needs the best.What youll learnBuild APIs with rock-solid security by understanding best practices and design guidelines.Get a thorough understanding about widely adopted security standards for API security.Compare and contrast different security standards/protocols to find out what suits your business needs, the best.Expand business APIs to partners and outsiders with Identity Federation.Get hands-on experience in developing clients against Facebook, Twitter, and Salesforce APIs.Understand and learn how to mitigate security threats.Who this book is forAdvanced API Security is for enterprise security architects and developers who are designing, building and managing APIs. The book will provide guidelines, best practices in designing APIs and threat mitigation techniques for enterprise security architects while developers would be able to gain hands-on experience by developing API clients against Facebook, Twitter, Salesforce and many other cloud service providers.Table of ContentsManaged APIsSecurity by DesignHTTP Basic/Digest AuthenticationMutual Authentication and Transport Level SecurityIdentity DelegationOAuth 1.0OAuth 2.0 AND Bearer Token ProfileOAuth 2.0 MAC Token ProfileOauth 2.0 ProfilesUser Managed Access (UMA)FederationOpenID ConnectJWT, JWS, and JWEPatterns Practices

Download Link:

Related Books:

Pro ASP.NET Web API Security

Securing ASP.NET Web API
Pro ASP.NET Web API Security Image
ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP.With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols youre familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with.Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and s...

Inside Java 2 Platform Security

Architecture, API Design, and Implementation
Inside Java 2 Platform Security Image
2nd Edition
Series: The Java Series Security is an integral part of the Java platform; all Java APIs are built on a solid security model. That model has always been stronger than the security of other platforms, never allowing for the proliferation of a large virus such as "Melissa" or "I Love You." Now improved security and robust performance peacefully coexist. This book provides a detailed look into the central workings of the Java security architecture, including coverage of the many v1.4 enhancements. This book reviews multiple security threats, such as Trojan horses and denial of service attacks, and the strategies used to combat them. St...

Advanced DPA Theory and Practice

Towards the Security Limits of Secure Embedded Circuits
Advanced DPA Theory and Practice Image
Advanced DPA Theory and Practice provides a thorough survey of new physical leakages of embedded systems, namely the power and the electromagnetic emanations. The book presents a thorough analysis about leakage origin of embedded system. This book examines the systematic approach of the different aspects and advanced details about experimental setup for electromagnetic attack. The author discusses advanced statistical methods to successfully attack embedded devices such as high-order attack, template attack in principal subspaces, machine learning methods. The book includes theoretical framework to define side-channel based on two metrics: mutual information and success rate....



2007 - 2021 © eBooks-IT.org