Security

OAuth

OAuth & OAuth 2: data usage across platforms

The “pathway to hell” – this is what Eran Hammer-Lahav once called the security protocol OAuth 2.0, on which he himself had worked for years. Others, however, use the service without issue. It enables users to use data and functions across multiple platforms in multiple services – for example, with the convenient single sign-on – using secure API authorisation. But how exactly does OAuth2 work and...

What is FIDO2?

FIDO2: The new standard for secure web log-in

Passwords are not an ideal way to surf the World Wide Web safely. They are either so complex that they are hard to remember, or so simple that they can be guessed in next to no time. FIDO2 takes a different approach and relies on modern technology. The open standard has the potential to make surfing the net safer and more convenient at the same time.

What is role-based access control (RBAC)?

How does role-based access control (RBAC) work?

Organisations restrict access permissions in systems to protect sensitive data from unauthorised access and modification. However, assigning access permissions to users individually is a high-maintenance and error-prone process. In the case of role-based access control (RBAC), permissions are assigned based on previously assigned roles. Here, we explain how role-based access control works.

QUIC – the Internet Transport Protocol based on UDP

QUIC: What is behind the experimental Google Protocol?

Quick UDP Internet Connections (QUIC for short) is an experimental network protocol from Google. Further development of the protocol is being driven by the IETF, which has set up a dedicated group working towards it. The QUIC protocol is intended to offer a speed-optimized alternative to the current transport standard TCP and builds on the connectionless protocol UDP to achieve this.

What is HTTPS?

HTTPS: what it means and why it’s important

Current web browsers are increasingly refusing to accept unencrypted websites and insist that the encrypted version of the Hypertext Transfer Protocol (i.e. HTTPS) be used. Why is this important? What is actually encrypted? What information can my browser provide me with about this? Here you will find the answers to these questions.

SAML

SAML: the XML framework for SSO at a glance

Simplifying log-in processes makes websites more user friendly, and also helps to increase the security of user data. One of the most popular solutions for implementing authentication processes is SAML (Security Assertion Markup Language). Through a variety of components such as special protocols and message formats, this XML-based framework helps to implement internal and cross-company log-on...

WebAuthn

WebAuthn (Web Authentication)

Passwords have long ceased to offer sufficient protection when surfing the internet: They are easy to crack, easily tapped, and difficult to remember. Together with the FIDO Alliance, the World Wide Web Consortium has developed a new standard. WebAuthn is intended to make logging into social media or online shopping portals easier and safer. How does it work?

What is spoofing?

What is spoofing?

Spoofing attacks encompass a wide range of potential attack scenarios. Besides conventional approaches like IP spoofing and DNS spoofing, they also include particularly dangerous phishing attacks. Read this article to find out how spoofing attacks work and what measures you can take to protect yourself effectively.

SYN flood

SYN flood attack: variants and countermeasures

The attack pattern of a SYN flood attack has been known since the early years of the World Wide Web. Over time, new attack variants and appropriate protective measures have arisen. DDoS attacks with massive data flows originating from botnets are currently the norm. Learn how SYN flood attacks work. We will explain the concepts of these attacks and countermeasures.

What is DoS (denial of service)?

Denial of service: what happens during a DoS attack?

Denial of service attacks – also called DoS attacks – are a relatively simple and effective method for cyber criminals to bring down a website, email traffic, or an entire network. Besides businesses, institutions such as the German parliament or Wikipedia have been victims of these types of attacks. This has raised the question: What exactly is denial of service, and what happens during an...

