The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs
sponsored by Ping Identity Corporation
WHITE PAPER:
OAuth defeats the password anti-pattern, creating a consistent, flexible identity and policy architecture for web applications, web services, devices, and desktop clients attempting to communicate with Cloud APIs.
Posted: 21 Jun 2011 | Published: 21 Jun 2011
|
|
| |
SECURITY TOKENS DEFINITION (continued): … A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service. The device may be in the form of a smart card or may be embedded in a commonly used object such as a key fob. Security tokens provide an extra level of assurance through a method known as two-factor authentication: the user has a personal identification number (PIN), which authorizes them as the owner of that particular device; the device then displays a number which uniquely identifies the user to the service, allowing them to log in. The identification number for each user is changed frequently, usually every five minutes or so. Unlike a password, a security token is a physical object. A key fob, for example, is practical and easy to carry, and thus, easy for the user to protect. Even if the key fob falls into the wrong hands, however, it can't be used to gain access because the PIN (which only the rightful user knows) is also needed. Security Tokens definition sponsored by SearchSecurity.com, powered by WhatIs.com an online computer dictionary
|
|
|
|
TechTarget provides enterprise IT professionals with the information they need to perform their jobs
- from developing strategy, to making cost-effective IT purchase decisions and managing their
organizations' IT projects - with its network of
|
|
|
Definitions:
|
|
 |
|
All Rights Reserved,
Copyright 2000 - 2012, TechTarget |
|
|
|
|
