Crumbling the Cookie Fixing a Weak Link in Authentication on the Web

Sdílet
Vložit
  • čas přidán 16. 06. 2024
  • Speaker: Zachary Voase - Senior Security Software Engineer - Netflix
    Date: Thursday, June 1, 2023
    Location: ARIA Resort & Casino | Las Vegas, NV
    #identiverse2023
    identiverse.com
    Description: WebAuthn, OAuth 2.0, passkeys, ... the list goes on. We've never had so many tools to securely establish user and application identity while maintaining privacy and convenience. But we risk turning back the clock and squandering those gains when we tie it all together with a session identifier or simple JWT stored in a cookie. Still, browsers and HTTP clients offer few other options for securely proving identity over the course of a browsing session. In this talk we'll go over the issues that cookies and bearer tokens present, detail some application-level mitigations, and address ongoing developments in browser- and protocol-level standards to fill this gap in our industrywide security posture.
  • Věda a technologie

Komentáře •

Další v pořadí
Automatické přehrávání
Authentication Tales from the Field25:01Authentication Tales from the Field
Authentication Tales from the FieldIdentiverse - A CRA Resource
zhlédnutí 32
Bringing National Australia Bank’s Digital Identity to Life: From Ideation to Market Launch50:03Bringing National Australia Bank’s Digital Identity to Life: From Ideation to Market Launch
Bringing National Australia Bank’s Digital Identity to Life: From Ideation to Market LaunchIdentiverse - A CRA Resource
zhlédnutí 35
TOP 5 Ways To Get Ready For The War Within! (Do This Before Launch) | World of Warcraft14:23TOP 5 Ways To Get Ready For The War Within! (Do This Before Launch) | World of Warcraft
TOP 5 Ways To Get Ready For The War Within! (Do This Before Launch) | World of WarcraftOsterberg501 - MMO Central
zhlédnutí 15K
Happy 4th of July 😂00:12Happy 4th of July 😂
Happy 4th of July 😂Alyssa's Ways
zhlédnutí 63M
🇰🇷🤝🇯🇵 ISSEI × Byungari 병아리언니 funny video | Sneak a piece of ISSEI cake🍰00:29🇰🇷🤝🇯🇵 ISSEI × Byungari 병아리언니 funny video | Sneak a piece of ISSEI cake🍰
🇰🇷🤝🇯🇵 ISSEI × Byungari 병아리언니 funny video | Sneak a piece of ISSEI cake🍰ISSEI / いっせい
zhlédnutí 37M
100❤️00:19100❤️
100❤️MY💝No War🤝
zhlédnutí 23M
Best KFC Homemade For My Son #cooking #shorts00:58Best KFC Homemade For My Son #cooking #shorts
Best KFC Homemade For My Son #cooking #shortsBANKII
zhlédnutí 49M
Zero Trust Architecture for B2C Identity at General Motors26:49Zero Trust Architecture for B2C Identity at General Motors
Zero Trust Architecture for B2C Identity at General MotorsIdentiverse - A CRA Resource
zhlédnutí 63
The Laws of Identity in the Era of Ubiquitous Identity50:11The Laws of Identity in the Era of Ubiquitous Identity
The Laws of Identity in the Era of Ubiquitous IdentityIdentiverse - A CRA Resource
zhlédnutí 52
The Impact of AI and LLMs - The Future of Digital Identity with Patrick Parker11:30The Impact of AI and LLMs - The Future of Digital Identity with Patrick Parker
The Impact of AI and LLMs - The Future of Digital Identity with Patrick ParkerKuppingerCole
zhlédnutí 186
Identity Security - A Link between the Identity and Security Worlds | Analyst Chat 22037:26Identity Security - A Link between the Identity and Security Worlds | Analyst Chat 220
Identity Security - A Link between the Identity and Security Worlds | Analyst Chat 220KuppingerCole
zhlédnutí 55
How NVIDIA just defeated every other tech company9:20How NVIDIA just defeated every other tech company
How NVIDIA just defeated every other tech companyMrwhosetheboss
zhlédnutí 778K
Kerberos Authentication Explained | A deep dive16:52Kerberos Authentication Explained | A deep dive
Kerberos Authentication Explained | A deep diveDestination Certification
zhlédnutí 332K
I Was An MIT Educated Neurosurgeon Now I'm Unemployed And Alone In The Mountains How Did I Get Here?48:22I Was An MIT Educated Neurosurgeon Now I'm Unemployed And Alone In The Mountains How Did I Get Here?
I Was An MIT Educated Neurosurgeon Now I'm Unemployed And Alone In The Mountains How Did I Get Here?Goobie and Doobie
zhlédnutí 9M
Bill Gates on AI, Elon Musk & Why 2050 Climate Goals Still Possible24:07Bill Gates on AI, Elon Musk & Why 2050 Climate Goals Still Possible
Bill Gates on AI, Elon Musk & Why 2050 Climate Goals Still PossibleBloomberg Television
zhlédnutí 57K
Sky News host brutally takes down Joe Biden after he lies in interview12:22Sky News host brutally takes down Joe Biden after he lies in interview
Sky News host brutally takes down Joe Biden after he lies in interviewSky News Australia
zhlédnutí 2,8M
:(07:51:(
:(TechLinked
zhlédnutí 356K
$20 Fake iPhone 15 Pro Max... #Shorts00:44$20 Fake iPhone 15 Pro Max... #Shorts
$20 Fake iPhone 15 Pro Max... #ShortsPhone Repair Guru
zhlédnutí 2,1M
Samsung Galaxy 🔥 #shorts #trending #youtubeshorts #shortvideo ujjawal4u00:10Samsung Galaxy 🔥 #shorts #trending #youtubeshorts #shortvideo ujjawal4u
Samsung Galaxy 🔥 #shorts #trending #youtubeshorts #shortvideo ujjawal4uUjjawal4u. 120k Views . 4 hours ago
zhlédnutí 8M
These spy cameras are terrifying!00:59These spy cameras are terrifying!
These spy cameras are terrifying!Mrwhosetheboss
zhlédnutí 4,5M
New Batteries: It’s Not All Hype07:00New Batteries: It’s Not All Hype
New Batteries: It’s Not All HypeSabine Hossenfelder
zhlédnutí 480K
Samsung laughing on iPhone #techbyakram00:12Samsung laughing on iPhone #techbyakram
Samsung laughing on iPhone #techbyakramTech by Akram
zhlédnutí 633K
iPad calculator 🤯💕 iPadOS 18 | apple WWDC 2024 | apple pencil | math notes00:16iPad calculator 🤯💕 iPadOS 18 | apple WWDC 2024 | apple pencil | math notes
iPad calculator 🤯💕 iPadOS 18 | apple WWDC 2024 | apple pencil | math notesHappyDownloads
zhlédnutí 1,8M
Tohle je nový Samsung Galaxy Z Fold 6! #SamsungUnpacked #TeamGalaxy #PlayGalaxy @czsamsung00:47Tohle je nový Samsung Galaxy Z Fold 6! #SamsungUnpacked #TeamGalaxy #PlayGalaxy @czsamsung
Tohle je nový Samsung Galaxy Z Fold 6! #SamsungUnpacked #TeamGalaxy #PlayGalaxy @czsamsungNatálka
zhlédnutí 63K