Instructions
The objective of this assignment is to explore and analyze the technical challenges that limit privacy in authentication and authorization technologies commonly used in web applications and systems. Specifically, we will examine the OWASP Top 10, username/passwords, static tokens, federated identity, OAuth, and OpenID Connect, and identify the privacy concerns associated with these technologies.
• Provide a brief overview of the OWASP Top 10, which represents the ten most critical web application security risks.
• Identify and explain how some of these risks can impact privacy in the context of authentication and authorization technologies.
• Discuss the privacy challenges associated with storing and transmitting passwords.
• Explore common password-related vulnerabilities and their impact on user privacy.
• Identify token-related vulnerabilities that can compromise privacy, including:
  o Hard coded values
  o SMS 2FA
  o Push notification
  o Passkeys / Hardware tokens
• Discuss the privacy challenges that arise when using federated identity solutions.
  o Explore potential privacy risks associated with sharing identity information across multiple domains.
  o Find examples of notable incidents related to this.
• Explain privacy concerns related to user consent and the sharing of personal information through OAuth.
• Identify privacy-related considerations when using OpenID Connect for user authentication.
  - Analyze the privacy implications of relying on external identity providers through OpenID Connect.
  - Reflect on the importance of addressing privacy concerns when implementing these technologies.
  - OpenID Connect requires a lot of information in its OAuth messaging. Can you find anything specific that leaks privacy?
  - Find examples of notable incidents related to this.
• Provide as much technical detail as you can in each area. This is where the bulk of privacy problems exist for authentication and authorization today.
• Use proper citations and references to support your findings and ensure academic integrity.
• Use the preferred APA 7 format for citations, or another format if more convenient.
• 8 pages minimum.
• No maximum limit.
• Evaluation will be based on content accuracy, technical details, and the extent to which the questions and topics are effectively addressed.
