Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.IF-RFC6819 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2017-12-13 ÃÑÆäÀÌÁö 81
ÇѱÛÇ¥ÁØ¸í °ø°³ ÀÎÁõ 2.0 À§Çù ¸ðµ¨°ú º¸¾È °í·Á »çÇ×
¿µ¹®Ç¥Áظí OAuth 2.0 Threat Model and Security Considerations
Çѱ۳»¿ë¿ä¾à º» Ç¥ÁØÀº ´ÙÀ½°ú °°Àº »çÇ×À» Á¦°øÇÑ´Ù.
— À§Çù ¸ðµ¨ÀÌ »ý¼ºµÉ ¶§ÀÇ °¡Á¤°ú ¹üÀ§¸¦ ¹®¼­È­
— °ø°³ ÀÎÁõ ÇÁ·ÎÅäÄÝ¿¡ ¼³Ä¡µÈ º¸¾È ±â´ÉµéÀÌ ¾î¶² Àǵµ·Î °ø°ÝÀ» ¾àÈ­ÇÏ´ÂÁö¸¦ ±â¼ú
— °ø°³ ÀÎÁõ¿¡ ´ëÇÑ Á¾ÇÕÀûÀÎ À§Çù ¸ðµ¨À» Á¦½ÃÇÏ°í, Á¦½ÃÇÑ À§Çù ¸ðµ¨µéÀ» ¾àÈ­ÇÏ´Â °³º°Àû ¹æ¾È¿¡ ´ëÇÑ ¼³¸í
¿µ¹®³»¿ë¿ä¾à The standard contains the following content:
— Documents any assumptions and scope considered when creating the threat model.
— Describes the security features built into the OAuth protocol and how they are intended to thwart attacks.
— Gives a comprehensive threat model for OAuth and describes the respective countermeasures to thwart those threats.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.IF-RFC6819.pdf TTAE.IF-RFC6819.pdf            

ÀÌÀü
ÁÖÁ¶ ¾÷Á¾ ½º¸¶Æ® °øÀå Àû¿ë Áöħ – Á¦2ºÎ: Á¤º¸ ±³È¯ ÀÎÅÍÆäÀ̽º
´ÙÀ½
¸ÂÃãÇü Á¦Ç° Á¦Á¶ ¼­ºñ½º ½Ã³ª¸®¿À