Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.IF-RFC6819 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2017-12-13 ÃÑÆäÀÌÁö 81
ÇѱÛÇ¥ÁØ¸í °ø°³ ÀÎÁõ 2.0 À§Çù ¸ðµ¨°ú º¸¾È °í·Á »çÇ×
¿µ¹®Ç¥Áظí OAuth 2.0 Threat Model and Security Considerations
Çѱ۳»¿ë¿ä¾à º» Ç¥ÁØÀº ´ÙÀ½°ú °°Àº »çÇ×À» Á¦°øÇÑ´Ù.
— À§Çù ¸ðµ¨ÀÌ »ý¼ºµÉ ¶§ÀÇ °¡Á¤°ú ¹üÀ§¸¦ ¹®¼­È­
— °ø°³ ÀÎÁõ ÇÁ·ÎÅäÄÝ¿¡ ¼³Ä¡µÈ º¸¾È ±â´ÉµéÀÌ ¾î¶² Àǵµ·Î °ø°ÝÀ» ¾àÈ­ÇÏ´ÂÁö¸¦ ±â¼ú
— °ø°³ ÀÎÁõ¿¡ ´ëÇÑ Á¾ÇÕÀûÀÎ À§Çù ¸ðµ¨À» Á¦½ÃÇÏ°í, Á¦½ÃÇÑ À§Çù ¸ðµ¨µéÀ» ¾àÈ­ÇÏ´Â °³º°Àû ¹æ¾È¿¡ ´ëÇÑ ¼³¸í
¿µ¹®³»¿ë¿ä¾à The standard contains the following content:
— Documents any assumptions and scope considered when creating the threat model.
— Describes the security features built into the OAuth protocol and how they are intended to thwart attacks.
— Gives a comprehensive threat model for OAuth and describes the respective countermeasures to thwart those threats.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.IF-RFC6819.pdf TTAE.IF-RFC6819.pdf            

ÀÌÀü
Å׶óÇ츣Ã÷ ºÐ±¤ ¹× ¿µ»ó ½Ã½ºÅÛÀÇ ±¸¼º Áöħ
´ÙÀ½
°³ÀÎ À½Çâ °ø°£ Áö¼ö