Enforcing Authorization with Cryptography

LASCON via YouTube

Overview

Explore a developer-focused conference talk on enforcing authorization through cryptography. Learn about the risks of insecure direct object references and their inclusion in OWASP's Top 10 lists. Discover common solutions and their limitations, including indirect object reference maps and thorough authorization checks. Delve into a novel approach using cryptographically protected references, which balances computational time and memory requirements. Examine relevant attack vectors through threat modeling and compare secure design alternatives with benchmark results. Gain specific guidance on secure object references, access control, and database keys to share with development teams. Understand the trade-offs between security and performance in addressing this critical vulnerability.

Syllabus

Introduction
Agenda
The problem
Relevant Attacks
Common solutions
Direct object references
Sequential indirect object references
Random indirect references
Large memory footprint
Alternate approach
Referencing
Great
Benchmark Setup
Benchmark Results
Verification Time
Memory Usage
Identifier Size
Summary
Conclusions

Taught by

LASCON
