Zum Hauptinhalt springen
Dekorationsartikel gehören nicht zum Leistungsumfang.
Solving Identity Management in Modern Applications
Demystifying OAuth 2, OpenID Connect, and SAML 2
Taschenbuch von Abhishek Hingnikar (u. a.)
Sprache: Englisch

52,95 €*

inkl. MwSt.

Versandkostenfrei per Post / DHL

auf Lager, Lieferzeit 1-2 Werktage

Kategorien:
Beschreibung
Know how to design and use identity management to protect your application and the data it manages.
At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided.
Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more.
This expanded edition has been revised to provide an overview of the new version of OAuth (2.1)¿the primary changes in this version, including features that were removed from 2.1 that were in 2.0 and why they were removed. The discussion of the book's accompanying sample application has been revised to cover in more depth the approach for developing the application (also revised). A new section has been added on the OAuth 2.0 Device Authorization Grant (RFC 8628) specification, which is useful for devices with limited UI capability. Minor additions include the topics of identity proofing, the need to capture and organize consent information, the impact of tracking prevention technology on certain identity protocols, and the availability of additional options for authorization requests such as OAuth 2.0 Rich Authorization Requests and JWT-Secured Authorization Requests (RFC 9101).
What Yoüll Learn
¿ Understand key identity management concepts
¿ Incorporate essential design principles
¿ Design authentication and access control for a modern application
¿ Know the identity management frameworks and protocols used today (OIDC/OAuth 2.0/2.1, SAML 2.0)
¿ Review historical failures and know how to avoid them
Who This Book Is For
Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Know how to design and use identity management to protect your application and the data it manages.
At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided.
Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more.
This expanded edition has been revised to provide an overview of the new version of OAuth (2.1)¿the primary changes in this version, including features that were removed from 2.1 that were in 2.0 and why they were removed. The discussion of the book's accompanying sample application has been revised to cover in more depth the approach for developing the application (also revised). A new section has been added on the OAuth 2.0 Device Authorization Grant (RFC 8628) specification, which is useful for devices with limited UI capability. Minor additions include the topics of identity proofing, the need to capture and organize consent information, the impact of tracking prevention technology on certain identity protocols, and the availability of additional options for authorization requests such as OAuth 2.0 Rich Authorization Requests and JWT-Secured Authorization Requests (RFC 9101).
What Yoüll Learn
¿ Understand key identity management concepts
¿ Incorporate essential design principles
¿ Design authentication and access control for a modern application
¿ Know the identity management frameworks and protocols used today (OIDC/OAuth 2.0/2.1, SAML 2.0)
¿ Review historical failures and know how to avoid them
Who This Book Is For
Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Über den Autor

Yvonne Wilson is co-founder and Chief Strategy Officer for XploitDefense. She has had many roles in the software industry related to security and identity management as a security and identity architect; enterprise architect; director of developer success working with identity customers; sr. director of security governance, risk, and compliance (GRC); Chief Strategy Officer; and founder of cloud identity services. Yvonne was responsible for IT security strategy and architecture at Sun Microsystems, founded and designed the identity management services offered through Oracle Managed Cloud Services, created a GRC team at Auth0 and founded a world-wide developer success team for Auth0, working with customers and overseeing the creation of an identity management training program for customer-facing support and professional services engineers. Yvonne is currently Chief Strategy Officer at XploitDefense.



In working with business teams at Sun, designing and deploying identity systems for customers at Oracle, and while founding a developer success team at Auth0, Yvonne had the opportunity of working with many customers, from small startups to large enterprises. Her experience spans the implementation of SSO, identity federation, directory services, adaptive knowledge-based authentication, and identity provisioning as well as multilevel authentication systems with certificate-based authentication. She has worked with OIDC, SAML 2.0, WS-Fed, OAuth2.0/2.1, and OpenID. From this depth of experience, Yvonne realized the growing need for a basic overview of identity management concepts that is understandable to business application owners as well as architects and developers.

Abhishek Hingnikar is at Okta, the identity provider for the internet. He has several years of experience designing and demonstrating Identity Management solutions to customers using Auth0 using OAuth 2.0/2.1, OpenID Connect and SAML 2.0. His current focus areas involve Consumer IoT, Device Based Identity and designing solutions that explore web based identity in peripheral domains.

Zusammenfassung

Select or design appropriate identity management approaches to protect your applications

Confidently describe the identity management for your application to prospective customers and partners

Develop your architecture and application from an identity management perspective

Inhaltsverzeichnis
Chapter 1: The Hydra of Modern Identity.- Chapter 2: The Life of an Identity.- Chapter 3: Evolution of Identity.- Chapter 4: Identity Provisioning.- Chapter 5: OAuth 2.0 and API Authorization .- Chapter 6: OIDC OpenID Connect.- Chapter 7: SAML 2.- Chapter 8: Authorization and Policy Enforcement.- Chapter 9: Sessions.- Chapter 10: Using Modern Identity to Build Applications.- Chapter 11: Single Sign-on.- Chapter 12: Strong Authentication.- Chapter 13: Logout.- Chapter 14: Account Management.- Chapter 15: Deprovisioning.- Chapter 16: Troubleshooting.- Chapter 17: Exceptions.- Chapter 18: Less Common Requirements.- Chapter 19: Failures.- Chapter 20: Compliance.- Chapter 21: Looking into the Crystal Ball.- Chapter 22: Conclusion.- Appendix A: Glossary.- Appendix B: Resources for Further Learning.- Appendix C: SAML Authentication Request and Response.- Appendix D: Public Key Cryptography.- Appendix E: Troubleshooting Tools.- Appendix F: Privacy Legislation.- Appendix G: Security ComplianceFrameworks.
Details
Erscheinungsjahr: 2022
Genre: Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Inhalt: XXVIII
384 S.
35 s/w Illustr.
384 p. 35 illus.
ISBN-13: 9781484282601
ISBN-10: 1484282604
Sprache: Englisch
Ausstattung / Beilage: Paperback
Einband: Kartoniert / Broschiert
Autor: Hingnikar, Abhishek
Wilson, Yvonne
Auflage: 2nd ed.
Hersteller: Apress
Apress L.P.
Maße: 254 x 178 x 23 mm
Von/Mit: Abhishek Hingnikar (u. a.)
Erscheinungsdatum: 18.11.2022
Gewicht: 0,771 kg
Artikel-ID: 121418717
Über den Autor

Yvonne Wilson is co-founder and Chief Strategy Officer for XploitDefense. She has had many roles in the software industry related to security and identity management as a security and identity architect; enterprise architect; director of developer success working with identity customers; sr. director of security governance, risk, and compliance (GRC); Chief Strategy Officer; and founder of cloud identity services. Yvonne was responsible for IT security strategy and architecture at Sun Microsystems, founded and designed the identity management services offered through Oracle Managed Cloud Services, created a GRC team at Auth0 and founded a world-wide developer success team for Auth0, working with customers and overseeing the creation of an identity management training program for customer-facing support and professional services engineers. Yvonne is currently Chief Strategy Officer at XploitDefense.



In working with business teams at Sun, designing and deploying identity systems for customers at Oracle, and while founding a developer success team at Auth0, Yvonne had the opportunity of working with many customers, from small startups to large enterprises. Her experience spans the implementation of SSO, identity federation, directory services, adaptive knowledge-based authentication, and identity provisioning as well as multilevel authentication systems with certificate-based authentication. She has worked with OIDC, SAML 2.0, WS-Fed, OAuth2.0/2.1, and OpenID. From this depth of experience, Yvonne realized the growing need for a basic overview of identity management concepts that is understandable to business application owners as well as architects and developers.

Abhishek Hingnikar is at Okta, the identity provider for the internet. He has several years of experience designing and demonstrating Identity Management solutions to customers using Auth0 using OAuth 2.0/2.1, OpenID Connect and SAML 2.0. His current focus areas involve Consumer IoT, Device Based Identity and designing solutions that explore web based identity in peripheral domains.

Zusammenfassung

Select or design appropriate identity management approaches to protect your applications

Confidently describe the identity management for your application to prospective customers and partners

Develop your architecture and application from an identity management perspective

Inhaltsverzeichnis
Chapter 1: The Hydra of Modern Identity.- Chapter 2: The Life of an Identity.- Chapter 3: Evolution of Identity.- Chapter 4: Identity Provisioning.- Chapter 5: OAuth 2.0 and API Authorization .- Chapter 6: OIDC OpenID Connect.- Chapter 7: SAML 2.- Chapter 8: Authorization and Policy Enforcement.- Chapter 9: Sessions.- Chapter 10: Using Modern Identity to Build Applications.- Chapter 11: Single Sign-on.- Chapter 12: Strong Authentication.- Chapter 13: Logout.- Chapter 14: Account Management.- Chapter 15: Deprovisioning.- Chapter 16: Troubleshooting.- Chapter 17: Exceptions.- Chapter 18: Less Common Requirements.- Chapter 19: Failures.- Chapter 20: Compliance.- Chapter 21: Looking into the Crystal Ball.- Chapter 22: Conclusion.- Appendix A: Glossary.- Appendix B: Resources for Further Learning.- Appendix C: SAML Authentication Request and Response.- Appendix D: Public Key Cryptography.- Appendix E: Troubleshooting Tools.- Appendix F: Privacy Legislation.- Appendix G: Security ComplianceFrameworks.
Details
Erscheinungsjahr: 2022
Genre: Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Inhalt: XXVIII
384 S.
35 s/w Illustr.
384 p. 35 illus.
ISBN-13: 9781484282601
ISBN-10: 1484282604
Sprache: Englisch
Ausstattung / Beilage: Paperback
Einband: Kartoniert / Broschiert
Autor: Hingnikar, Abhishek
Wilson, Yvonne
Auflage: 2nd ed.
Hersteller: Apress
Apress L.P.
Maße: 254 x 178 x 23 mm
Von/Mit: Abhishek Hingnikar (u. a.)
Erscheinungsdatum: 18.11.2022
Gewicht: 0,771 kg
Artikel-ID: 121418717
Warnhinweis

Ähnliche Produkte

Ähnliche Produkte