Authorization and Access Control
- Length: 74 pages
- Edition: 1
- Language: English
- Publisher: CRC Pr I Llc
- Publication Date: 2022-02-28
- ISBN-10: 103221452X
- ISBN-13: 9781032214528
This book focuses on various authorization and access control techniques and on threat and attack modelling, including an overview of the Open Authorization 2.0 (OAuth 2.0) framework along with User-Managed Access (UMA) and security analysis. It discusses key concepts for providing login credentials with restricted access to third parties, with the primary account as a resource server. It also gives a detailed protocol overview and describes the authorization process, along with a security analysis of OAuth 2.0. The book also includes case studies of websites for vulnerability issues.
Features:
- Provides an overview of the security challenges of IoT and mitigation techniques, with a focus on authorization and access control mechanisms.
- Discusses behavioral analysis of threats and attacks using UML-based modelling.
- Covers use of the OAuth 2.0 protocol and UMA for connecting web applications.
- Includes Role-Based Access Control (RBAC), Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Permission-Based Access Control (PBAC).
- Explores how to provide access to third-party web applications through a resource server by use of the secured and reliable OAuth 2.0 framework.

This book is aimed at researchers and professionals in IT security, auditing, and computer engineering.
- Cover
- Half Title
- Title Page
- Copyright Page
- Table of Contents
- Preface
- Authors
- 1 Introduction
  - 1.1 Internet to Internet of Things
  - 1.2 ICT Standardization
  - 1.3 Convergence
  - 1.4 Industry 4.0 Standards
  - 1.5 Security Issues and Challenges
  - 1.6 Summary
  - References
- 2 Authorization and Access Control
  - 2.1 Introduction
  - 2.2 Threats and Attacks Modeling
  - 2.3 Overview of Authentication and Authorization
  - 2.4 Access Control Paradigms
  - 2.5 Implementation Perspective
  - 2.6 Summary
  - References
- 3 Open Authorization 2.0
  - 3.1 Introduction
    - 3.1.1 OAuth Roles/Main Actors of OAuth2.0
  - 3.2 Motivation
  - 3.3 Protocol Overview
  - 3.4 Use Case
    - 3.4.1 User Agent as Use Case
      - 3.4.1.1 Educational Application
    - 3.4.2 Web Server in Web Application
  - 3.5 Authorization Process
    - 3.5.1 Authorization Code Grant
      - 3.5.1.1 Authorization Code
    - 3.5.2 Implicit Grant
    - 3.5.3 Resource Owner Password Credential Grant
    - 3.5.4 Client Credentials Grant
      - 3.5.4.1 Types of Token
  - 3.6 Security Analysis
    - 3.6.1 Phishing Attacks
    - 3.6.2 Countermeasures
    - 3.6.3 Clickjacking
  - 3.7 Summary
  - References
- 4 User-Managed Access
  - 4.1 Introduction
    - 4.1.1 Roles of UMA Protocol
      - 4.1.1.1 Resource Owner
      - 4.1.1.2 Client Application
      - 4.1.1.3 Authorization Server
      - 4.1.1.4 Resource Server
      - 4.1.1.5 Requesting Party
  - 4.2 Motivation
  - 4.3 Protocol Overview
  - 4.4 Use Cases
    - 4.4.1 Healthcare Application
    - 4.4.2 Personal Loan Approval Scenario
  - 4.5 Authorization Process
    - 4.5.1 Claim Collection
    - 4.5.2 Authorization Result Determination
  - 4.6 Security Analysis
    - 4.6.1 PCT and RPT Vulnerability
    - 4.6.2 Cross-Site Request Forgery Attack (CSRF)
  - 4.7 Summary
  - References
- 5 Conclusions
- Index