Authentication Content on InfoQ
-
AWS Launches Open-Source Agent for AWS Secrets Manager
Amazon Web Services (AWS) has launched a new open-source agent for AWS Secrets Manager. According to the company, this agent simplifies the process of retrieving secrets from AWS Secrets Manager, enabling secure and streamlined application access.
-
RADIUS Protocol Vulnerability Exposes Network Device Authentication
A team of security researchers has discovered a significant vulnerability in the widely used RADIUS (Remote Authentication Dial-In User Service) protocol. This vulnerability could potentially allow attackers to gain unauthorised access to network devices. Cloudflare staff detailed the findings, highlighting the ongoing challenges of maintaining security in long-standing network protocols.
-
AWS Adds Passkey Support for Enhanced Security, Enforces MFA for Root Users
AWS has recently announced two new security features. First, passkeys can now be used for multi-factor authentication (MFA) for root and IAM users, providing additional security beyond just a username and password. Second, AWS now requires MFA for root users, starting with the root user account in an AWS Organization. This requirement will be expanded to other accounts throughout the year.
-
Beyond Passwords: Elastic's Proactive Move to Phishing-Resistant MFA
Recently, Elastic, a platform for search-powered solutions, discussed the advantages of phishing-resistant multi-factor authentication (MFA). This secure authentication method goes beyond traditional MFA, which uses passwords, SMS codes, or biometrics, by employing multiple layers of protection and a cryptographic registration process.
-
ASP.NET Core Updates in .NET 9 Preview 2: Blazor, OIDC, OAuth and Configuring HTTP.sys
Microsoft released .NET 9 Preview 2, which contains several updates to ASP.NET Core: Blazor component constructor injection and WebSocket compression for Blazor interactive server components. Furthermore, developers can streamline authentication integration by customising OIDC and OAuth parameters and configuring HTTP.sys extended authentication flags.
-
Revolutionizing Digital Identity: How Verifiable Credentials Offer a New Era of Privacy and Control
Auth0 recently published an in-depth explanation of Verifiable Credentials (VCs). The article emphasizes the potential of VCs to transform how identities are managed online. It highlights the limitations of current identity systems and how VCs can address these gaps, particularly in allowing identity claims to be disclosed without issuers knowing, thereby enhancing privacy and control for users.
-
Introduction of Auth0 Templates for .NET
Auth0 Templates for .NET offers pre-built project templates with integrated Auth0 support for authentication and authorization. The development process is simplified, enabling the creation of Auth0-integrated .NET projects through familiar approaches from built-in templates. The project is open-source.
-
AWS Open-Sources Policy-Based Access Control Language Cedar
AWS has open-sourced Cedar, their language for defining access permissions using policies. Cedar is integrated within both Amazon Verified Permissions and AWS Verified Access. Cedar can also be integrated directly into an application via the provided SDK and language specification.
-
Microsoft Authentication Library 4.54.0 Supports Managed Identities
Version 4.54.0 of MSAL, the Microsoft Authentication Library for .NET, brings official support for using managed identities when authenticating services that run in Azure. Furthermore, it features better error information for UWP applications and several bug fixes.
-
Google is Rolling out Passkeys to Make Passwords a Relic of the Past
Google has begun rolling out support for passkeys across Google Accounts on all major platforms. Passkeys will be available as an additional authentication option alongside pre-existing mechanisms, including passwords, 2-step verification, and so on.
-
HashiCorp Vault Improves Multi-Namespace Workflows, Adds Managed Service for Azure
HashiCorp has released version 1.13 of Vault, their secrets and identity management platform. This release includes multi-namespace access workflows, improvements to the Google Cloud secrets engine, usability improvements to MFA, and certificate revocation for cross-cluster management. HashiCorp has also released Vault as a managed service for Microsoft Azure environments.
-
AWS Creates New Policy-Based Access Control Language Cedar
AWS has created a new language, called Cedar, for defining access permissions using policies. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and to make the effects of policies simple to understand.
-
HashiCorp Boundary Adds Multi-Hop Sessions and Credential Templating
HashiCorp has released version 0.12 of Boundary, their open-source identity-based access management service for infrastructure. This release introduces support for multi-hop sessions, removing the need to expose Boundary workers running on private networks. Additional improvements include support for credential injection via Vault, assigning network addresses on targets, and credential templating.
-
Permit Elements Enables Low-Code User-Managed Access Control
Permit.io has released Permit Elements, a low-code end-user authentication interface builder. Permit Elements allows developers to embed interfaces enabling their end-users to decide which roles have permission to perform actions. At the time of release, there are elements available for user management and audit logs.
-
Terraform Cloud Adds Dynamic Provider Credentials and OPA Support
HashiCorp has released several new features in Terraform Cloud, their managed service offering for Terraform. The new features include dynamic provider credentials, native OPA support, and the addition of projects as an organization tool.