I just came across with Don Tapscott’s TED Talk titled “How the blockchain is changing money and business” . In it, he talks about 5 potential…
View More Blockchain Use cases and Identity
Category: security
Attack Vectors on Modern Cars – Side Effects of Automotive Digitalization
The keynote presentation at the #EIC17 by Stephan Gerhager was an intriguing one. It amply told us that the security model around cars is really scary.…
View More Attack Vectors on Modern Cars – Side Effects of Automotive Digitalization
APIDays 2016: Financial Grade OAuth & OpenID Connect
Here is the slide I used in API Days Paris 2016, for the Banking track. Direct link to slideshare: http://www.slideshare.net/nat_sakimura/financial-grade-oauth-openid-connect Hope they are useful.
View More APIDays 2016: Financial Grade OAuth & OpenID Connect
Fixing OAuth?
On the 14th and 15th of July, we had the OAuth Security Workshop 2016 at the University of Trier. Further, we had a IETF 96 side meeting…
View More Fixing OAuth?
Why is internet openness important? #OECDDigitalMX
(Following is the transcript of my speech at the TUAC Forum at the 2016 OECD Ministerial on the Digital Economy) Q. Why is access to an…
View More Why is internet openness important? #OECDDigitalMX
FAPI Presentation at Open Data in Finance Conference @ London
Here is the presentation file that I used for my 10 minutes OpenID Foundattion Financial API WG presentation at the Open Data in Finance Conference ( June 15,…
View More FAPI Presentation at Open Data in Finance Conference @ London
Open Data in Finance Conference: Chair’s Welcome
Here is the script of the Chair’s remark at the opening of the Open Data in Fianance Conference in London (June 15, 2016) 09:00 –…
View More Open Data in Finance Conference: Chair’s Welcome
GSA 18F’s unauthorized Slack use caused breach of 100 GSA Google Drives?
@JamieXML pinged me about the @18F breach that I completely missed. I quickly googled it and found this article. IG report:18F’s unauthorized Slack use caused…
View More GSA 18F’s unauthorized Slack use caused breach of 100 GSA Google Drives?
Cut and pasted code attack in OAuth 2.0 [RFC6749]
The so called ‘cut and pasted code attack’ also known as ‘Frankenstein Monster Attack’ is an attack that the adversary swaps the ‘code’ in the…
View More Cut and pasted code attack in OAuth 2.0 [RFC6749]
Code phishing attack on OAuth 2.0 [RFC6749]
Code phishing attack is the attack that the adversary obtains the code and client credentials from the legitimate client and uses them against the honest token…
View More Code phishing attack on OAuth 2.0 [RFC6749]
You must be logged in to post a comment.