
Questions tagged [security]

For questions relating to cryptography and IT security. This can be computer, network, or database security.

3 votes
1 answer
256 views

I'm building a web app using Spring Boot (backend) and React (frontend). My authentication is based on JWT, with both access token and refresh token. The refresh token is stored in an HTTP-only ...
Conquer the world
6 votes
2 answers
1k views

Since I started studying security in web applications, it seems that everyone always says to never store sensitive information (e.g., refresh tokens, access tokens, and so on) due to the risk of ...
ikiwq • 165
2 votes
3 answers
426 views

Recently, I’ve found myself designing a microservices system, and I’m currently facing some challenges with authentication and authorization. Context: All my microservices will be placed behind an API ...
ikiwq • 165
2 votes
2 answers
315 views

I'm designing a password manager app for Android that prioritizes offline-first security. The idea is to store the vault locally and avoid any cloud dependencies during normal usage. However, I'm ...
dev4Life
0 votes
1 answer
136 views

I'm considering embarking on an operating system kernel project. One of the "features" that I intend it to have is a mandatory access control framework that can be purposed to sandbox ...
DannyNiu • 374
21 votes
5 answers
5k views

I've heard that I should never use Java serialization (Serializable/ObjectInputStream/ObjectOutputStream) because of security. What's the problem?
Stack Exchange Broke The Law
5 votes
3 answers
435 views

I'm having a hard time understanding at what point multiple layers of validation protection are necessary rather than a single point of failure, and if the performance hit is a concern. Let's say you ...
Observable Stone
3 votes
2 answers
512 views

I'm working on a Spring-based micro service project and considering different approaches for handling authentication and authorization. Instead of setting up a dedicated authorization server, I'm ...
GeekChap
6 votes
1 answer
1k views

Our Windows application makes use of some open source components in the form of their publicly released executables. (One example is 7za.exe that we use to zip old log files.) We do not want users to ...
Martin Ba • 7,861
-2 votes
1 answer
81 views

I have a website with an online keyboard. Essentially people can type on this online keyboard and send messages worldwide. My problem is users can easily intercept the POST network call to the backend ...
Mason Smith
2 votes
3 answers
2k views

I'm developing a web application that uses tokens for authentication. Users often open multiple browser tabs, and each tab has a client-side timer to refresh the authentication tokens before they ...
Bad Boy • 73
1 vote
1 answer
108 views

I'm trying to figure out the best approach for handling external requests. I am working on a system where the application is currently sitting outside (DMZ) and the DB is inside. The specific port ...
Shahzad • 19
0 votes
1 answer
193 views

I am writing an API for a payment system. Third parties can register callback URLs that are linked to an account ID so that whenever a transaction involving that account ID is updated, my API calls ...
Adrian Albert Koch
4 votes
1 answer
180 views

I plan to have a frontend web app written with Next.js using the AuthJS library to provide user authentication using OAuth. This frontend application depends on a backend API. I want to make sure my ...
Romuloux • 149
-1 votes
1 answer
187 views

Recently, I spoke to an Engineering Manager about some work I've done: I had to implement a micro-service to a third party API contract (that they will call). Part of the requirement is to ...
Ahmed Tawfik
