Capital One launched the DevExchange Beta developer site and initial API offering last month.
Google has announced at I/O 2015 the Google Identity Platform, a collection of tools and APIs for managing identities and dealing with authentication and authorization across Android, iOS and web applications.
Firebase has this week announced major updates to its user authentication, including automatic session persistence, and rich authentication tokens for use in Security Rules.
OAuth.io is an API and a service interfacing with more than 80 OAuth providers. This article contains an interview with Mehdi Medjaoui, Co-founder of OAuth.io, providing details on security, licensing and future developments.
The recently released Twitter API V1.1 ships with support for JSON and provides an ability to authenticate apps via OAuth1.0a.
Google today disclosed details of Compute Engine, an IaaS offering that runs Linux VMs on demand utilizing Google’s cloud infrastructure. Google Compute Engine (GCE) supports 1, 2, 4 and 8 virtual core VMs with 3.75GB RAM per virtual core
Twitter is the latest to experience downtime when yesterday the company issued a status update indicating instability within the site. This was the second such report from Twitter this week and follows on the heels of outages experienced this week by Google’s Blogger service and Microsoft’s Business Productivity Online Suite (BPOS).
Today Google announced experimental support for OAuth 2.0 with bearer tokens. In addition, as a side announcement they've launched a new consent page for OAuth 2.0 designed with cleanliness and simplicity in mind.
Bill Burke, JBoss's Chief Architect and REST Easy Project Lead, published last week a proposal for a Digital Signature Protocol over HTTP. "DSig" is rapidly gaining popularity, more than 10 years after it was designed, due to the emergence of composite applications and the need to establish trusted relationships between their clients and services.
Eran Hammer-Lahav, one of the editors of the OAuth 2.0 specification, published a diatribe on the latest standard draft. For him, the current proposal mortgages the future of the Web. He sees the current specification focusing too much on simplicity for the application developer while severely limiting the ability to create discoverable and interoperable services.
The WCF Data Services Team have recently been doing a series on the available authentication mechanisms for client/OData service authentication.
As more social networking sites are popping up, the questions around the data they keep are rising. Data portability has become the watch phrase across the Web 2.0 world. Is there something to be learned about data access and portability from these services?
CONTENT IN THIS BOX
PROVIDED BY OUR SPONSOR
Increase security on compromised platforms with Intel® SGX.
An Intel technology for application developers who are seeking to protect select code and data from disclosure or modification.
A Developer’s Perspective.
Developers have long been constrained by the security capabilities that major platform providers have exposed for application development. How Bromium and wolfSSL employ Intel® SGX to create more secure, next-generation solutions.
Learn more about the Intel SGX SDK, a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C/C++.
Protect Application Code, Data, & Secrets from Attack.
Developers can partition their application into CPU hardened “enclaves” or protected areas of execution that increase security even on compromised platforms.
Intel Software Guard Extensions (SGX) for Dummies.
At its root, Intel® SGX is a set of new CPU instructions that can be used by applications to set aside private regions of code and data.