Home > Categories > Cybersecurity > Cloud Native Data Security with OAuth
Cloud Native Data Security with OAuth
📥 Download PDF

Cloud Native Data Security with OAuth

by Gary Archer, Judith Kahrer

Cybersecurity

Book Details

Book Title

Cloud Native Data Security with OAuth

Author

Gary Archer, Judith Kahrer, and Michał Trojanowski

Publisher

O'Reilly Media, Inc

Publication Date

2025

ISBN

9781098164881

Number of Pages

782

Language

English

Format

PDF

File Size

9.45MB

Subject

Cybersecurity

Table of Contents

  • Contents
  • Foreword
  • Preface
  • Part I. Introducing Cloud Native OAuth
  • Chapter 1. Why Do You Need OAuth?
  • API-First Security
  • What Is OAuth 2.0?
  • Zero Trust Security
  • API Supporting Components
  • Cloud Native Platforms
  • Summary
  • Chapter 2. OAuth 2.0 Distilled
  • Roles
  • The Abstract Flow
  • The Access Token
  • Client Capabilities
  • OpenID Connect
  • OAuth Evolution
  • Sessions and Lifecycle
  • Summary
  • Chapter 3. Security Architecture
  • What Is an API Security Architecture?
  • Functions in the API Security Architecture
  • The Role of the Client
  • The Role of the Access Token
  • What Security Components Do You Need?
  • The Role of the Authorization Server
  • The Role of the API Gateway
  • The Role of the Policy Engine
  • API Responsibilities
  • Client Responsibilities
  • Operating Security Components
  • Extending OAuth
  • Summary
  • Chapter 4. OAuth Data Design
  • Authorization Server Data
  • OAuth Configuration Settings
  • Designing User Accounts
  • User Management APIs
  • Multiregion
  • Multitenancy
  • User Migration Code Example
  • Summary
  • Part II. Securing APIs with Tokens
  • Chapter 5. Secure API Development
  • Unified API Security with JWT Access Tokens
  • Validating JWT Access Tokens
  • API Authorization Logic
  • Handling Token Expiry in APIs
  • Testing Zero Trust APIs
  • API Code Example
  • Summary
  • Chapter 6. Access Token Design
  • The Access Token Contract
  • Understanding Token Scope
  • Understanding Token Claims
  • Obtaining the User’s Consent
  • Managing Access Tokens at Scale
  • Designing Token Sharing
  • Summary
  • Chapter 7. Secure Access Tokens
  • Secure Access Token Requirements
  • Access Token Formats
  • Access Token Delivery
  • Hardening Access Tokens
  • Summary
  • Chapter 8. Proxies, Gateways, and Sidecars
  • HTTP Proxies, Ingress, and Egress
  • The API Gateway Role
  • Exposing APIs in Kubernetes
  • Terminating Tokens
  • The Service Mesh Role
  • API Gateway Extensibility Example
  • Summary
  • Chapter 9. Entitlements
  • Access Control Models
  • The Role of Token-Based Authorization
  • Benefits of an Entitlement Management System
  • Scalable Authorization
  • Open Policy Agent
  • Summary
  • Part III. Operating Cloud Native OAuth
  • Chapter 10. Workload Identities
  • Workload Identity Issuance
  • Implementing Request Confidentiality
  • Restricting Workload Access
  • Hardening Credentials
  • Limitations of Workload Identities
  • Workload Identities Code Example
  • Summary
  • Chapter 11. Managing a Cloud Native Authorization Server
  • Hosting
  • Deployment
  • Data Operation
  • Reliability
  • Security Auditing
  • Summary
  • Part IV. Securing API Clients
  • Chapter 12. OAuth for Native Applications
  • The Code Flow
  • Implementing OAuth Clients
  • Hardening Security
  • Browserless User Authentication
  • Code Examples
  • Summary
  • Chapter 13. OAuth for Browser-Based Applications
  • Web Application Basics
  • Browser Security Threats
  • Web Security Mechanisms
  • Implementing OAuth Using JavaScript
  • Implementing OAuth Using a Backend for Frontend
  • Browser-Based Application Code Example
  • Summary
  • Chapter 14. User Authentication
  • Modern Authentication Flows
  • User Authentication Methods
  • User Authentication Techniques
  • User Authentication Lifecycle
  • Zero Trust User Authentication Example
  • Summary
  • Index
  • About the Authors