Authentication and Authorization security mechanisms - testing techniques

Information is an asset for today’s organizations and individuals. Information may be less or more important and very often has a monetary value. The disclosure, improper modification, or unavailability of information may incur expenses (loss) or missed profits for the organization or the individual. Therefore, most organizations and individuals protect information to a certain extent. Authentication and Authorization are the main security processes working together to provide access to assets in a controlled manner.

 

Security testing is most trending and happening subject in IT. It is very important aspect of testing and tricky thing. Authentication and Authorization plays an vital role in security testing. This session gives complete understanding of Authentication and Authorization mechanisms that are available in application security, challenges in managing user identity in distributed environments and techniques to test them thoroughly.

 
1 favorite thumb_down thumb_up 1 comment visibility_off  Remove from Watchlist visibility  Add to Watchlist
 

Outline/structure of the Session

Overview of Application Security

In-detailed authentication and Authorization

                Identification and Authentication

                Authorization

                User Logon Process

Evaluation of Authentication and Authorization

Importance of Authentication and Authorization in security testing

Different threats to User Identification and Authorization

                Bypassing Authentication

                Default Passwords

                Privilege Escalation

                Password Guessing: Dictionary, Brute Force, and Rainbow Attacks

                Sniffing Credentials off the Network

                Downgrading Authentication Strength

                Man-in-the-Middle Attacks

                Session Hijacking

                Keyboard Loggers, Trojans, and Viruses

                Offline Attacks

                Social Engineering            

Different techniques to secure your credentials

                Password Authentication

                Asymmetric Keys and Certificate-Based Credentials

                Biometric Credentials

Enterprise User Identification and Authentication Challenges

Testing techniques for authentication and authorization

Learning Outcome

The participants will get to know:

                Understanding importance of security testing

 Different Authentication & Authorization security mechanisms

                Authentication Challenges in Enterprise applications

                Testing techniques

                A case study for better understanding

Target Audience

Quality Assurance Engineer

schedule Submitted 1 year ago

Comments Subscribe to Comments

comment Comment on this Proposal
  • Schalk Cronjé
    By Schalk Cronjé  ~  1 year ago
    reply Reply

    The cntent looks interetsting, but I have one main concern - this is the testing tools track, but I see no mention of specific tools in this session