Episode 1: Authentication and authorization

Find us on our website: https://itpodkast.com/

on streaming services:

Spotify: https://open.spotify.com/show/6kP8vDpbiZs311d07raXEF
Deezer: https://www.deezer.com/sr/show/2573342
Google Podcasts: https://podcasts.google.com/feed/aHR0cHM6Ly9pdHBvZGthc3QuY29tL2ZlZWQvcG9kY2FzdA
Apple Podcasts: https://podcasts.apple.com/us/podcast/podkast-it-tipa/id1564651181
Stitcher: https://www.stitcher.com/show/podkast-it-tipa

as well as on social networks:

Twitter: https://twitter.com/podkastittipa
Instagram: https://www.instagram.com/podkastittipa
Facebook: https://www.facebook.com/podcastittipa

TIMESTAMPS
00:00 Welcome + disclaimer
00:38 JWT fails
02:37 JWT security breach
05:20 JWT and authorization: token contents
10:57 Local/Session Storage vs cookies
12:19 Pull out the gun? End of the podcast?
12:58 Basic auth
14:21 Digest
15:03 SSO vs Same Sign-On (distributed mega systems)
17:48 SSO, but for real
18:22 OAuth3
19:57 SSO and corporations ("megacorp")
23:49 Kerberos, NTLM, an NT version of SAML?
28:43 Authorization schemes: RBAC, CBAC, ABAC, PBAC, ŠBAK
30:18 Nikola shares his research experience
36:18 The joys of 2FA on Slack
37:00 Should we hash on the client?
38:45 Minifying request/response bodies, bandwidth? "security through obscurity"
41:50 Client-side nonce
45:02 Sign-off

References, in the order they were mentioned:

OAuth3
https://oauth.net/3/

OpenID
https://openid.net/connect/

WSO2 OpenID (on-premise/hybrid combination with AWS IAM as a custom OpenID provider)
https://wso2.com/identity-and-access-management/

Kerberos
https://web.mit.edu/kerberos/

NTLM
https://docs.microsoft.com/en-us/windows-server/security/kerberos/ntlm-overview

Role-Based Access Control (RBAC)
Claim-Based Access Control (CBAC)
Attribute-Based Access Control (ABAC)
Policy Based Access Control (PBAC)
ŠBAK (unclear what this is; drop it from the description?)

WET (Write Everything Twice)

Client-side nonce
https://security.stackexchange.com/questions/3001/what-is-the-use-of-a-client-nonce