Instant Java Password and Authentication Security
暫譯: 即時 Java 密碼與身份驗證安全
Fernando Mayoral
- 出版商: Packt Publishing
- 出版日期: 2013-12-05
- 售價: $1,350
- 貴賓價: 9.5 折 $1,283
- 語言: 英文
- 頁數: 38
- 裝訂: Paperback
- ISBN: 1849697760
- ISBN-13: 9781849697767
-
相關分類:
Java 程式語言、Word、資訊安全
海外代購書籍(需單獨結帳)
相關主題
商品描述
A practical, hands-on guide to securing Java application passwords with hashing techniques
Overview
- Learn something new in an Instant! A short, fast, focused guide delivering immediate results
- Learn to use the basic MD5 hash
- Introduces and details the concept of a strong SHA-based hash
- Add salt to strengthen hashes and create nearly unbreakable hashes
In Detail
Password security is a critical matter when it comes to protecting the interests of application users and their data for a satisfactory user experience. With the advancement in technology, now more than ever, application developers need to be able to implement reliable mechanisms to prevent passwords from being stolen. Java Password and Authentication Security provides a practical approach to implement these reliable mechanisms with the possibility to make password authentication stronger as technology makes it easier to break them.
Java Password and Authentication Security is a practical, hands-on guide covering a number of clear, step-by-step exercises and code examples that will help you to implement strong password authentication solutions for your project in no time.
This book starts off with the most basic and well known hashing technique to quickly get an application developer started with implementing a standard password protection mechanism. Furthermore, it covers the stronger SHA (standard hashing algorithm) family in detail and brings up a technique to improve the hash security with a technique called “salting”.
You will also learn how to use these hashes, and more importantly, when to use each technique. You will learn that not every hash algorithm is good in every situation, and how to deal with password recovery, password authentication, and timing attacks.
What you will learn from this book
- How and when to use the MD5 hash
- Create every SHA-based hash
- Use SHA hashes, and learning their weaknesses
- Add salt to a hash
- Store salts and regenerate the hash using the original salt
- Implement an iterative hashing mechanism
- Increase the strength of your hashes with an iterative hashing mechanism
- Implement a length-constant time comparison to avoid timing attacks
Approach
Filled with practical, step-by-step instructions and clear explanations for the most important and useful tasks. This book takes a hands-on approach to Java-based password hashing and authentication, detailing advanced topics in a recipe format.
Who this book is written for
This book is ideal for developers new to user authentication and password security, and who are looking to get a good grounding in how to implement it in a reliable way.
It's assumed that the reader will have some experience in Java already, as well as being familiar with the basic idea behind user authentication.
商品描述(中文翻譯)
一個實用的、動手操作的指南,使用雜湊技術來保護 Java 應用程式的密碼
概述
- 立即學習新知!一本短小、快速、專注的指南,提供即時的結果
- 學習使用基本的 MD5 雜湊
- 介紹並詳細說明強大的 SHA 基礎雜湊概念
- 添加鹽以增強雜湊,創建幾乎無法破解的雜湊
詳細內容
密碼安全是保護應用程式使用者及其數據利益的重要問題,以確保良好的使用者體驗。隨著技術的進步,現在比以往任何時候都更需要應用程式開發者能夠實施可靠的機制來防止密碼被盜取。《Java 密碼與身份驗證安全》提供了一種實用的方法來實施這些可靠的機制,並有可能隨著技術的進步使密碼身份驗證變得更強。
《Java 密碼與身份驗證安全》是一本實用的、動手操作的指南,涵蓋了多個清晰的、逐步的練習和代碼範例,幫助您迅速為您的專案實施強大的密碼身份驗證解決方案。
本書從最基本且最知名的雜湊技術開始,迅速讓應用程式開發者入門,實施標準的密碼保護機制。此外,還詳細介紹了更強大的 SHA(標準雜湊算法)系列,並提出了一種名為“加鹽”的技術來提高雜湊的安全性。
您還將學習如何使用這些雜湊,更重要的是,何時使用每種技術。您將了解到並非每種雜湊算法在每種情況下都適用,以及如何處理密碼恢復、密碼身份驗證和時間攻擊。
您將從本書中學到的內容
- 如何以及何時使用 MD5 雜湊
- 創建每一種基於 SHA 的雜湊
- 使用 SHA 雜湊,並了解其弱點
- 為雜湊添加鹽
- 儲存鹽並使用原始鹽重新生成雜湊
- 實施迭代雜湊機制
- 通過迭代雜湊機制增強雜湊的強度
- 實施長度恆定時間比較以避免時間攻擊
方法
本書充滿了實用的、逐步的指導和對最重要、最有用任務的清晰解釋。這本書採取了動手操作的方法來處理基於 Java 的密碼雜湊和身份驗證,詳細說明了以食譜格式呈現的進階主題。
本書的讀者對象
本書非常適合對使用者身份驗證和密碼安全不熟悉的開發者,並希望獲得如何以可靠方式實施的良好基礎。
假設讀者已經具備一定的 Java 經驗,並且熟悉使用者身份驗證的基本概念。
