Developers, designers, engineers, and creators can no longer afford to
pass responsibility for identity and data security onto others. Web
developers who don't understand how to obscure data in transmission, for
instance, can open security flaws on a site without realizing it. With
this practical guide, you'll learn how and why everyone working on a
system needs to ensure that users and data are protected.

Authors Jonathan LeBlanc and Tim Messerschmidt provide a deep dive into
the concepts, technology, and programming methodologies necessary to
build a secure interface for data and identity--without compromising
usability. You'll learn how to plug holes in existing systems, protect
against viable attack vectors, and work in environments that sometimes
are naturally insecure.

- Understand the state of web and application security today
- Design secure password encryption and combat password attack
vectors
- Create digital fingerprints to identify users through browser, device,
and paired device detection
- Build secure data transmission systems through OAuth and OpenID
Connect
- Use alternate methods of identification for a second factor of
authentication
- Harden your web applications against attack
- Create a secure data transmission system using SSL/TLS, and
synchronous and asynchronous cryptography