Multi-factor Authentication

Building a Secure and Reliable Authentication Service with Rust: From Basics to Practical Implementation

by
Building a Secure and Reliable Authentication Service with Rust: From Basics to Practical Implementation

Building a Secure and Reliable Authentication Service with Rust: From Basics to Practical Implementation Introduction: When Security Meets Performance “Another user data breach?” Such headlines have become all too familiar. In web development, authentication services act like guards at the entrance, quickly identifying legitimate users while blocking malicious intruders. Traditional authentication solutions often struggle to … Read more

Securing HTTP-Based APIs

by
Securing HTTP-Based APIs

This guide provides recommendations for securing HTTP-based APIs. It is aimed at technical personnel responsible for designing or building applications that provide HTTP APIs. Please note that you should perform threat modeling specific to your design to fully secure HTTP-based APIs. What is an HTTP-Based API? An HTTP-based API enables communication between different software systems … Read more

MQTT 5.0: Enhanced Security Features

by
MQTT 5.0: Enhanced Security Features

MQTT Introduction  MQTT[1] 5.0, launched in March 2019 by OASIS (Organization for the Advancement of Structured Information Standards), is a significant upgrade from the MQTT 3.1.1 version released in 2014.  As a messaging protocol specifically designed for the Internet of Things (IoT) and Industrial IoT, it was previously introduced in ‘MQTT, Friend of Weak Networks’, … Read more

A Reverse Engineering Journey of the Xiaomi Mi Band BLE Communication Protocol

by
A Reverse Engineering Journey of the Xiaomi Mi Band BLE Communication Protocol

AuthorForum Account:FinchK 0x0 Introduction As a pure beginner in reverse engineering, I have been involved in it for about two months. I have a Xiaomi Mi Band 4 NFC version, which has the built-in Xiao Ai assistant that can engage in voice conversations to control smart home devices and perform operations such as setting alarms. … Read more

Understanding the Fields in HTTP Request Headers

by
Understanding the Fields in HTTP Request Headers

Professionals Click the blue text to follow us Today’s article Request headers are key information sent by the client to the server when making a request, used to convey metadata about the request. Common request headers include: Host (target domain name or IP), User-Agent (information about the client and the browser used for access), Content-Length … Read more

Sharing the Linux mcookie Command

by
Sharing the Linux mcookie Command

World Trade Center 1. What is mcookie http://man.he.net/man1/mcookie mcookie – Generates authentication tokens for the X Window System authentication tool xauth mcookie is a command-line tool that runs on Unix-like operating systems, primarily used to generate random 128-bit hexadecimal numbers. These numbers are highly random and unpredictable, making them commonly used as session keys, unique … Read more

Illustration of HTTPS One-Way and Two-Way Authentication

by
Illustration of HTTPS One-Way and Two-Way Authentication

1. Http HyperText Transfer Protocol, is the most widely used protocol on the Internet, a standard that all WWW files must follow. The data transmitted using the HTTP protocol is unencrypted, which means it is in plaintext, making it very insecure to transmit private information using the HTTP protocol. Uses TCP port: 80 2. Https … Read more

HTTPS Interface Encryption and Authentication

by
HTTPS Interface Encryption and Authentication

1. Why Use HTTPS Instead of HTTP 1.1 Differences Between HTTPS and HTTP 1) The HTTPS protocol requires a certificate application from a CA, and generally, free certificates are rare and often require payment. 2) HTTP is the Hypertext Transfer Protocol, where information is transmitted in plain text, while HTTPS is a secure SSL encrypted … Read more

Security in Embedded Design

by
Security in Embedded Design

Embedded systems are the core of modern electronic devices, and their security is crucial. These systems often contain sensitive data and critical functions, and if attacked, could lead to data breaches, system failures, or even physical damage. Therefore, security must be fully considered during the embedded design process. This article will delve into the security … Read more

Flexible Authentication Methods for Secure IoT Device Connections

by
Flexible Authentication Methods for Secure IoT Device Connections

Introduction: Flexible Authentication/Authorization Mechanisms Provide Efficient Security Assurance EMQX has always placed great emphasis on security, providing continuous enhancement of security guarantees for IoT users through a wide range of out-of-the-box security features, including MQTT over TLS/SSL, transmission encryption and authentication integration based on national cryptography algorithms, as well as various identity authentication functions such … Read more