Data on EU #novelfood regulations & #innovations suggests a #regulation meant to simplify product #authorisation is limited by precautionary & risk analysis principles, undermining #investors' expectations & adding uncertainty, leading to delayed #investments in new products: https://doi.org/10.1111/1477-9552.12622

Эта уязвимость позволяла злоумышленникам получать доступ к учетным записям, изменяя лишь параметры в публично-доступном URL, что могло привести к компрометации конфиденциальных данных.

Вечером 12 декабря в 19:00 за чашечкой чая ☕️ с Алёной Батицкой и Егором Левченко
@frtvt из Доки обсудим подобные угрозы безопасности веба 🕸️Присоединяйтесь, чтобы узнать, как защитить свои интерфейсы! 💻🔒

#WebSecurity #Security #WebAuthn #Passkey #Authentication #IDOR #Authorisation

https://www.youtube.com/watch?v=yr_pupMqzgw

Microsoft office declaring that files can't be found/saved/printed because I lack authorisation. Is anyone having these problems suddenly? Nightmare
#MS #MSoffice #MSExcel #MSword #authorisation

All Maybank2u Biz Transactions Will Require Secure2u Authorisation Starting 26 November 2023 #authorisation #banking #biz #maybank #maybank2u #secure2u

https://www.lowyat.net/2023/310900/maybank2u-biz-require-secure2u/

"Why not just implement Feature Flags as #authorisation
^ has probably popped into someone's head more than once.

It's a fairly reasonable thought, but the devil is in the details. IMO it's like saying we should put up traffic lights instead of using traffic cones.

https://ntietz.com/blog/feature-flags-and-authorization/

#featureflags vs #authz #rbac

#Germany proposes #rules to #ease #legal #changes of #gender.

The new #law would end #expert #assessments and #court #authorisation for #adults to change their #firstname and #legalgender.

#Women #Nonbinary #Transgender #LGBTQ #Transitioning #NameChanges #SelfID

https://www.express.co.uk/news/world/1768419/Germany-proposes-rules-to-ease-legal-changes-of-gender

A lot has happened since Wonderful’s #FCA authorisation in October, but it’s never too late to say a huge thank you to DWF, who supported us throughout. 🙏🙏🙏

#payments #authorisation #OpenBanking

https://dwfgroup.com/en/news-and-insights/insights/2022/12/wonderful-payments

Anyone willing to share learning resources re: how to approach/think about and implement a general #authorisation solution for multiple services?

One that I’ve found useful is Oso’s auth academy https://www.osohq.com/academy ; it gives overviews of different approaches and the concrete pros and cons of each.

Overall, I’ve found it quite difficult to find good, hands-on resources for _developers_ (seems most are sysadmin-focused) when it comes to #IAM, and I don’t think I’m alone.

#authorization

I’ve turned off the #Mastodon-to-#Twitter cross-poster I was using, as it’s no longer useful to me

I’ve also deauthorised the tool at the Twitter end

How do I revoke the tool’s ability to access my account on Mastodon? 🤷‍♀️

(Same question applies to apps etc.)

#oauth #authorisation #authorization #revoke

This is a very great OIDC overview. If are about to implement an application, you should consider using this for your user backend.

If you are a user and want to know how "Sign-in with Google" or "Sign-in with Facebook" works, this is your chance.

https://www.youtube.com/watch?v=t18YB3xDfXI

#OIDC #infosec #authorisation #identity #SSO

RT @cyberwatchingeu@twitter.com

Be inspire with the case study of @AARC_Project@twitter.com on how a consortium of #e-infrastructures used #AARC #BlueprintArchitecture to respond to #Authentication #Authorisation #Infrastructure requirements of #Biomedical #ResearchInfrastructures of @CORBEL_eu@twitter.com http://ow.ly/phRO30nG4Eb

🐦🔗: https://twitter.com/cyberwatchingeu/status/1095666418123714561