An Extensive Formal Security Analysis of the OpenID Financial Grade API

IEEE via YouTube

Overview

This course provides an extensive formal security analysis of the OpenID Financial-grade API, focusing on the security requirements for open banking APIs. The learning outcomes include understanding the security mechanisms of the FAPI, such as Code and Token Binding, JWS Client Assertions, and Proof Key for Code Exchange. The course teaches how to develop a precise model of the FAPI in the Web Infrastructure Model and define central security properties. The teaching method involves a rigorous, systematic formal analysis to uncover and mitigate severe attacks, ensuring the security of the FAPI. The intended audience for this course includes security professionals, developers, and individuals involved in the implementation of financial-grade APIs.

Syllabus

Introduction
Financial grade API
Overview
OAuth
Attacker Model
Roth Mutual TLS
Web Infrastructure Model
Browser Model
Overall Approach
Model
Security Properties
Authorization
Token Binding

Taught by

IEEE Symposium on Security and Privacy
