Safeguarding Web Applications Against Token Theft - Fortifying Security with DPoP
Offered By: JSConf via YouTube
Course Description
Overview
Explore a cutting-edge approach to securing web applications against token theft in this 18-minute JSConf talk. Delve into the challenges of securely storing and retrieving authentication and authorization tokens in browsers, despite the robust framework provided by OAuth 2.0. Learn about DPoP (Demonstrating Proof of Possession), an emerging standard that extends OAuth 2.0, offering an innovative solution to enhance token management security. Discover how this potential game-changer can significantly improve the safety of current web authentication and authorization mechanisms. Gain insights from Software Architect Shikhar Kapoor's 14 years of experience in building and scaling web applications. The talk covers an introduction to token theft, an explanation of DPoP, and a discussion on potential DPoP attacks, providing a comprehensive overview of this important web security topic.
Syllabus
Introduction
Token Theft
DPoP
DPoP Attacks
Taught by
JSConf
Related Courses
Internet History, Technology, and Security: University of Michigan via Coursera
Client-Server Communication: Google via Udacity
HTTP & Web Servers: Udacity
Network Security: Georgia Institute of Technology via Udacity
Web Security Fundamentals: KU Leuven University via edX