没有合适的资源?快使用搜索试试~ 我知道了~
Identity and Data Security for Web Development Best Practices 无水...
需积分: 10 24 下载量 59 浏览量
2017-10-06
18:17:44
上传
评论
收藏 13.45MB PDF 举报
温馨提示
试读
203页
Identity and Data Security for Web Development Best Practices 英文无水印pdf pdf所有页面使用FoxitReader和PDF-XChangeViewer测试都可以打开 本资源转载自网络,如有侵权,请联系上传者或csdn删除 本资源转载自网络,如有侵权,请联系上传者或csdn删除
资源推荐
资源详情
资源评论
Jonathan LeBlanc &
Tim Messerschmidt
Identity &
Data Security
for Web
Development
BEST PRACTICES
Jonathan LeBlanc and Tim Messerschmidt
Identity and Data Security
for Web Development
Best Practices
Boston Farnham Sebastopol
Tokyo
Beijing Boston Farnham Sebastopol
Tokyo
Beijing
978-1-491-93701-3
[LSI]
Identity and Data Security for Web Development
by Jonathan LeBlanc and Tim Messerschmidt
Copyright © 2016 Jonathan LeBlanc, Tim Messerschmidt. All rights reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are
also available for most titles (http://safaribooksonline.com). For more information, contact our corporate/
institutional sales department: 800-998-9938 or corporate@oreilly.com.
Editor: Meg Foley
Production Editor: Colleen Cole
Copyeditor: Kim Cofer
Proofreader: Sharon Wilkey
Indexer: WordCo Indexing Services, Inc.
Interior Designer: David Futato
Cover Designer: Karen Montgomery
Illustrator: Rebecca Demarest
June 2016: First Edition
Revision History for the First Edition
2016-06-03: First Release
See http://oreilly.com/catalog/errata.csp?isbn=9781491937013 for release details.
The O’Reilly logo is a registered trademark of O’Reilly Media, Inc. Identity and Data Security for Web
Development, the cover image, and related trade dress are trademarks of O’Reilly Media, Inc.
While the publisher and the authors have used good faith efforts to ensure that the information and
instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility
for errors or omissions, including without limitation responsibility for damages resulting from the use of
or reliance on this work. Use of the information and instructions contained in this work is at your own
risk. If any code samples or other technology this work contains or describes is subject to open source
licenses or the intellectual property rights of others, it is your responsibility to ensure that your use
thereof complies with such licenses and/or rights.
Table of Contents
Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
1.
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
The Problems with Current Security Models 1
Poor Password Choices 3
Security over Usability 4
Improper Data Encryption 4
The Weakest Link: Human Beings 5
Single Sign-on 6
Understanding Entropy in Password Security 7
Entropy in Randomly Selected Passwords 8
Entropy in Human-Selected Passwords 9
Breaking Down System Usage of a Username and Password 11
Securing Our Current Standards for Identity 12
Good and Bad Security Algorithms 12
What Data Should Be Protected? 13
Account Recovery Mechanisms and Social Engineering 13
The Problem with Security Questions 14
Next Up 15
2.
Password Encryption, Hashing, and Salting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Data at Rest Versus Data in Motion 17
Data at Rest 18
Data in Motion 19
Password Attack Vectors 20
Brute-Force Attack 21
Creating a CAPTCHA with reCAPTCHA 22
Dictionary Attacks 28
iii
剩余202页未读,继续阅读
资源评论
yinkaisheng-nj
- 粉丝: 763
- 资源: 6953
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 三次样条插值的介绍-什么是三次样条插值原理
- http的一些相关介绍-对于我们来说什么是http
- 全卷积网络基于voc2012数据集简单pytorch实现
- pycharm的一些介绍-用于更好的学习python
- 基于C++的程序设计大赛天梯赛L2答案(天梯赛)
- 基于python实现的三次样条插值和均值插值法实现
- Python语言教程2-python批量图片大小处理-多文件夹
- Python语言教程1-python批量图片重命名,将后缀某几个不想要的字去除
- Space Combat Kit 太空战斗套件Unity游戏开发插件资源unitypackage C#
- Universal Device Preview 通用设备预览Unity游戏开发插件资源unitypackage
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功