Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.IF-RFC6819 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2017-12-13 ÃÑÆäÀÌÁö 81
ÇѱÛÇ¥ÁØ¸í °ø°³ ÀÎÁõ 2.0 À§Çù ¸ðµ¨°ú º¸¾È °í·Á »çÇ×
¿µ¹®Ç¥Áظí OAuth 2.0 Threat Model and Security Considerations
Çѱ۳»¿ë¿ä¾à º» Ç¥ÁØÀº ´ÙÀ½°ú °°Àº »çÇ×À» Á¦°øÇÑ´Ù.
— À§Çù ¸ðµ¨ÀÌ »ý¼ºµÉ ¶§ÀÇ °¡Á¤°ú ¹üÀ§¸¦ ¹®¼­È­
— °ø°³ ÀÎÁõ ÇÁ·ÎÅäÄÝ¿¡ ¼³Ä¡µÈ º¸¾È ±â´ÉµéÀÌ ¾î¶² Àǵµ·Î °ø°ÝÀ» ¾àÈ­ÇÏ´ÂÁö¸¦ ±â¼ú
— °ø°³ ÀÎÁõ¿¡ ´ëÇÑ Á¾ÇÕÀûÀÎ À§Çù ¸ðµ¨À» Á¦½ÃÇÏ°í, Á¦½ÃÇÑ À§Çù ¸ðµ¨µéÀ» ¾àÈ­ÇÏ´Â °³º°Àû ¹æ¾È¿¡ ´ëÇÑ ¼³¸í
¿µ¹®³»¿ë¿ä¾à The standard contains the following content:
— Documents any assumptions and scope considered when creating the threat model.
— Describes the security features built into the OAuth protocol and how they are intended to thwart attacks.
— Gives a comprehensive threat model for OAuth and describes the respective countermeasures to thwart those threats.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.IF-RFC6819.pdf TTAE.IF-RFC6819.pdf            

ÀÌÀü
ÀüÀÚÁ¾ÀÌÀÇ ±¤ÇÐÀû Ư¼º ÃøÁ¤ ¹æ¹ý
´ÙÀ½
Æú¸®¸Ó ¾×Ãß¿¡ÀÌÅÍ º¯À§ÀÇ È¯°æ Ư¼º ÃøÁ¤: Part 1 ½Àµµ ȯ°æ Ư¼º