Data Safety and Information Security

Data Safety and Information Security

749 bookmarks
Custom sorting
Passwords and their Discontents
Passwords and their Discontents
Passwords are a poor solution for authenticating users–but none of the alternatives are very good, either. So, what do I use?
·oreilly.com·
Passwords and their Discontents
JWTs Aren’t Made for Authorization | Permit
JWTs Aren’t Made for Authorization | Permit
Learn how to use JWT for authorization, understand the basics of what JWT is, and explore examples of proper JWT usage in authentication and authorization.
·permit.io·
JWTs Aren’t Made for Authorization | Permit
Cyber Security: A Pre-War Reality Check - Bert Hubert's writings
Cyber Security: A Pre-War Reality Check - Bert Hubert's writings
This is a lightly edited transcript of my presentation today at the ACCSS/NCSC/Surf seminar ‘Cyber Security and Society’. I want to thank the organizers for inviting me to their conference & giving me a great opportunity to talk about something I worry about a lot. Here are the original slides with notes, which may be useful to view together with the text below. In the notes there are also additional URLs that back up the claims I make in what follows.
·berthub.eu·
Cyber Security: A Pre-War Reality Check - Bert Hubert's writings
Taking a 'Machine-First' Approach to Identity Management
Taking a 'Machine-First' Approach to Identity Management
Uncovering what each identity is accessing and why, startup Token Security provides essential data to understand microservices vulnerabilities.
·thenewstack.io·
Taking a 'Machine-First' Approach to Identity Management
Praying for passkeys to get better
Praying for passkeys to get better
William writing at Firstyear's blog-a-log: Passkeys: A Shattered Dream Passkeys are now seen as a way to capture users and audiences into a platform. What better way to encourage long term entrapment of users then by locking all their credentials into your platform, and even better, credentials that can't be
·birchtree.me·
Praying for passkeys to get better
The Evolution of Trust
The Evolution of Trust
an interactive guide to the game theory of why & how we trust each other
·ncase.me·
The Evolution of Trust
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security
The Internet of Things (IoT) security is one of the most important issues developers have to face. Data tampering must be prevented in IoT devices and some or all of the confidentiality, integrity, and authenticity of sensible data files must be assured in most practical IoT applications, especially when data are stored in removable devices such as microSD cards, which is very common. Software solutions are usually applied, but their effectiveness is limited due to the reduced resources available in IoT systems. This paper introduces a hardware-based security framework for IoT devices (Embedded LUKS) similar to the Linux Unified Key Setup (LUKS) solution used in Linux systems to encrypt data partitions. Embedded LUKS (E-LUKS) extends the LUKS capabilities by adding integrity and authentication methods, in addition to the confidentiality already provided by LUKS. E-LUKS uses state-of-the-art encryption and hash algorithms such as PRESENT and SPONGENT. Both are recognized as adequate solutions for IoT devices being PRESENT incorporated in the ISO/IEC 29192-2:2019 for lightweight block ciphers. E-LUKS has been implemented in modern XC7Z020 FPGA chips, resulting in a smaller hardware footprint compared to previous LUKS hardware implementations, a footprint of about a 10% of these LUKS implementations, making E-LUKS a great alternative to provide Full Disk Encryption (FDE) alongside authentication to a wide range of IoT devices.
·mdpi.com·
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security
SpiceDB | AuthZed
SpiceDB | AuthZed
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions.
·authzed.com·
SpiceDB | AuthZed
JWT Authorization: Avoiding Common Pitfalls | AuthZed.com
JWT Authorization: Avoiding Common Pitfalls | AuthZed.com
Discover the limitations of JWTs for backend authorization and the benefits of centralized authorization with fine-grained access control. Explore AuthZed's SpiceDB and ReBAC foundation.
·authzed.com·
JWT Authorization: Avoiding Common Pitfalls | AuthZed.com
Relationship Based Access Control (ReBAC): Using Graphs to Power your Authorization System | AuthZed
Relationship Based Access Control (ReBAC): Using Graphs to Power your Authorization System | AuthZed
Learn why authentication and authorization are distinct systems, and why relying on attribute-based permission systems can lead to security vulnerabilities. Discover how ReBAC can lead to more robust permission systems that mimic the way people naturally organize their world.
·authzed.com·
Relationship Based Access Control (ReBAC): Using Graphs to Power your Authorization System | AuthZed
Fine-Grained Access Control: Can You Go Too Fine? | AuthZed.com
Fine-Grained Access Control: Can You Go Too Fine? | AuthZed.com
Learn about the advantages and disadvantages of fine-grained access control and how to model permissions for your app efficiently. Find out how to strike a balance between security, performance, and user experience.
·authzed.com·
Fine-Grained Access Control: Can You Go Too Fine? | AuthZed.com
Building Scalable Permission Systems with Caveated Relationships | AuthZed.com
Building Scalable Permission Systems with Caveated Relationships | AuthZed.com
Reduce the risk of creating a legacy bespoke system with Authzed's suite of authorization tooling, including SpiceDB, an open-source solution for implementing fine-grained permissions modeled on ABAC and now featuring caveats for dynamic policies.
·authzed.com·
Building Scalable Permission Systems with Caveated Relationships | AuthZed.com
ABAC on SpiceDB: Enabling Netflix’s Complex Identity Types
ABAC on SpiceDB: Enabling Netflix’s Complex Identity Types
Learn how AuthZed and Netflix bridged the gap between Policy-Based and Relationship-Based Access Control by adding ABAC to AuthZed's Google Zanzibar-inspired authorization system—SpiceDB.
·authzed.com·
ABAC on SpiceDB: Enabling Netflix’s Complex Identity Types
Document Verification Technology: A Step by Step Guide - MiniAiLive
Document Verification Technology: A Step by Step Guide - MiniAiLive
Document verification technology authenticates the validity of physical and digital documents. It ensures that personal and sensitive information remains secure. In today's digital age, document verification serves as a critical component for businesses in various sectors, including banking, healthcare, and government services. It utilizes a mix of artificial intelligence, machine learning, and pattern recognition to
·miniai.live·
Document Verification Technology: A Step by Step Guide - MiniAiLive
Using X.509 Certs for DID Provenance
Using X.509 Certs for DID Provenance
The abundance of X.509 certificate authorities who already perform identity proofing for businesses provides a rich resource that can be leveraged to boot the verifiable data ecosystem.
·windley.com·
Using X.509 Certs for DID Provenance
Protobom: Paving the Path for SBOM Adoption
Protobom: Paving the Path for SBOM Adoption
CISA, DHS, and OpenSSF are introducing Protobom, an open source tool they say will make it easier for enterprises protect their software supply chains.
·thenewstack.io·
Protobom: Paving the Path for SBOM Adoption