OAuth 2.0 Bearer Token Profile Vs MAC Token Profile
Almost all the implementations I see today are based on the OAuth 2.0 Bearer Token Profile. Of course, it's an RFC proposed standard today. The OAuth 2.0 Bearer Token Profile brings a simplified scheme for...
Why OAuth itself is not an authentication framework?
Let’s start straight away with definitions to avoid any confusion. Authentication is the act of confirming the truth of an attribute of a datum or entity. If I say, I am Prabath – I need to prove...
Building a Manufacturing Service Bus (MSB) with WSO2 ESB
Before getting into the subject, I would like to introduce a few terms commonly used in the manufacturing industry. The term Manufacturing Execution System (MES) was coined by AMR Research in...
Landscapes in Mobile Application Security
There are different aspects of Cloud and Mobile application security – and you can look into it from different angles. Within the first decade of the 21st century – internet worldwide increased from 350...
Chained Access Delegation Pattern
Suppose a medium-scale enterprise that sells bottled water has a RESTful API (Water API) that can be used to update the amount of water consumed by a registered user. Any registered user can access the...
Identity Anti-patterns: Federation Silos and Spaghetti Identity
Recent research by the analyst firm Quocirca confirms that many businesses now have more external users than internal ones: in Europe 58 percent transact directly with users from other...
WSO2 Identity Server 5.0.0 Authentication Framework
WSO2 Identity Server 5.0.0 takes identity management in a new direction. There will be no more federation silos or spaghetti identity anti-patterns. The authentication framework we introduced...
Single Sign-On with the Delegated Access Control Pattern
Suppose a medium-scale enterprise has a limited number of RESTful APIs. Company employees are allowed to access these APIs via web applications while they’re behind the company firewall. All user data...
Securing the Insecure
The 33-year-old Craig Spencer returned to the USA on 17th October from Africa after treating Ebola patients. Just a few days later, he tested positive for Ebola. Everyone was concerned – especially...
Revamping WSO2 API Manager Key Management Architecture around Open Standards
WSO2 API Manager is a complete solution for designing and publishing APIs, creating and managing a developer community, and for scalably routing API traffic. It leverages proven, production-ready...