Auflistung P312 - Open Identity Summit 2021 nach Schlagwort "Authentication"
1 - 1 von 1
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragFAPI 2.0: A High-Security Profile for OAuth and OpenID Connect(Open Identity Summit 2021, 2021) Fett, DanielA growing number of APIs, from the financial, health and other sectors, give access to highly sensitive data and resources. With the Financial-grade API (FAPI) Security Profile, the OpenID Foundation has created an interoperable and secure standard to protect such APIs. The first version of FAPI has recently become an official standard and has already been adopted by large ecosystems, such as OpenBanking UK. Meanwhile, the OpenID Foundation’s FAPI Working Group has started the work on a the second version of FAPI, putting a focus on robust interoperability, simplicity, a more structured approach to security, and improved non-repudiation. In this paper, we give an overview of the FAPI profiles, discuss the learnings from practice that influence the development of the latest version of FAPI, and show how formal security analysis helps to shape security decisions.