Antonio works as Senior Software Engineer at Adobe Research Switzerland where he is part of the Adobe Experience Manager security team.

He is an avid open source contributor, being the Vice President (chair) for Apache Oltu and PMC member for Apache Sling.

Antonio is co-author of “OAuth 2 in Action" book. He found vulnerabilities in popular software as OpenSSL, Google Chrome, Apple Safari and is included in the Google, Facebook, Microsoft and Github security hall of fame.

LOCATION: Zürich
KEYWORDS: Tools, Product, Technology, Open Source

SPEAKER: Antonio Sanso   COMPANY: Adobe Systems Basel

The Web Authorization (OAuth) protocol allows a user to grant a third-party Web site or application access to the user's protected resources, without necessarily revealing their long-term credentials, or even their identity.

As the web grows, more and more sites rely on distributed services and cloud computing or a third-party application utilizing APIs from multiple services.
OAuth 2 is widely used from major internet players (as Google, Facebook, Twitter) in order to secure their (also REST) APIs.

This talk will introduce the OAuth 2 framework and Apache Oltu (OAuth protocol implementation in Java). It will also show how to best use OAuth 2.0 in order to avoid security pitfalls and common mistakes.

LANGUAGE: Talk: en / Slides: en

Antonio works as Senior Software Engineer at Adobe Research Switzerland where he is part of the Adobe Experience Manager security team.

He is an avid open source contributor, being the Vice President (chair) for Apache Oltu and PMC member for Apache Sling.

Antonio is co-author of “OAuth 2 in Action" book. He found vulnerabilities in popular software as OpenSSL, Google Chrome, Apple Safari and is included in the Google, Facebook, Microsoft and Github security hall of fame.

---