In this three-part talk, we will first analyze the fundamentals of common security protocols such as OAuth 1.0/2.0, three-legged and PIN-based auth. Next, we will review the security models of the Facebook, Twitter and Google APIs in light of the aforementioned protocols. Finally, we will apply what we have learned to construct a comprehensive security model using a dedicated trust server, handshaking token, hierarchical security matrix and dynamic secret sharing.

Comments

The examples used were comprehensive and applicable to the points made. The diagrams were helpful, but I found the text a little small at times. Maybe the speaker could split them up between slides somehow. I would've loved to talk more about mistakes other companies have made in the past (like Heartbleed), but I understand if time doesn't permit that. All in all, good information and definitely relevant for everyone. The speaker definitely knew the material and was open to questions.

Trent Harvey at 13:24 on 9 Feb 2018

Material was current and comprehensive. The talk was overall informative, but as others observed there were some slides with information that was hard to see. In general, I really enjoyed the talk and would recommend it to others who are wanting to better understand the role security plays in our applications and why it's so important.

Glenn Kimble at 11:04 on 10 Feb 2018

Really good and useful info! I enjoyed this talk. I would have liked to have seen some more examples, but I understand it's hard to fit everything in.

Good information and resources.

Pablo Benitez at 14:45 on 10 Feb 2018

Great content. I think that some more hands-on examples would have been better, but overall it was great!

Omni Adams at 07:29 on 11 Feb 2018

Lots of great information, but that long room made the small text really hard to read.

Jeff Madsen at 11:41 on 11 Feb 2018

Enjoyed the talk. Very good how it was broken down into matrices of the different ways you need to consider what is appropriate for your situation. Gave me some good takeaways.