Loading…
Welcome to Diana Initiative 2020 Virtual Conference.
For more information, please see our web site here :
https://www.dianainitiative.org
Back To Schedule
Friday, August 21 • 9:00am - 10:00am
Application Security: OAuth 2.0 and OpenID Connect

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Video Stream


Feedback Survey
OAuth and OpenID Connect are the two widely used protocols for authentication and authorization of delegated access to third party applications. Not only they provide a common framework that can be implemented across different platforms, but also allow a user to grant limited access to their resources without having to expose their credentials, thus making them inherently more secure. But OAuth can be exploited to steal the access tokens, which can then be used in lieu of user credentials. This presentation will discuss the key concepts related to OAuth and OpenID and the relevant security issues with them. The presentation will also give an insight into how we can mitigate the risks to OAuth and detect the abuse of access tokens
Speakers
avatar for Nitya Garg

Nitya Garg

LinkedIn, Speaker
Nitya works with LinkedIn Technology as Information Security Engineer – Threat Mitigation and Incident Response. She has about 7 years of experience in Information Security, most of which has been on Threat Detection, Intrusion Analysis, and Incident Response.She is passionate about... Read More →
avatar for Akanksha Chaturvedi

Akanksha Chaturvedi

LinkedIn, Speaker
Akanksha works with LinkedIn Technology as a Senior Identity & Access Management Engineer. She has been working in this domain since past 7 years. She has an expertise in SSO, Active Directory, Authentication, Azure AD fields. Prior to joining LinkedIn, she has worked for Microsoft... Read More →

Friday August 21, 2020 9:00am - 10:00am PDT
Stage 2
  Talk Track2

Attendees (35)