Solutions Review finds the highest-rated books for authentication engineers available on Amazon right now. You need to add these to your collection today.
Solutions Review frequently shares our finds for essential cybersecurity titles and books every InfoSec professional and IT security team should have on the shelf. Here’s one of our lists.
For this list, we wanted to zoom in on a specific profession in cybersecurity – Authentication Engineer – and share the highest-rated titles that might appeal to members of said profession. These books qualify for this list by providing essential perspectives and information beneficial to Authentication Engineers and by having a four and having a four-star rating on Amazon at minimum.
The highest books listed here are intended for authentication engineers, whether just beginning their careers or already established as experts. All are written by authors with proficiency and/or recognition in the field of cybersecurity.
The Highest-Rated Books for Authentication Engineers on Amazon
Book Title: Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0
Our Take: Yvonne Wilson has had many roles in the software industry related to security and identity management as a developer, security architect, customer success engineer. Her experience is clear through the text.
“At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided.”
Book Title: Getting Started with OAuth 2.0: Programming Clients for Secure Web API Authorization and Authentication
Our Take: Ryan Boyd is a developer advocate at Google focused on enabling developers to extend Google Apps and build businesses on top of Google technology.
“Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application. Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.”
Our Take: Sirapat is currently a full-time lecturer at the School of Information Technology and DIGITECH at Suranaree University of Technology, Thailand.
“This book begins with the theoretical background of cryptography and the foundations of authentication technologies and attack mechanisms. You will learn about the mechanisms that are available to protect computer networks, systems, applications, and general digital technologies. Different methods of authentication are covered, including the most commonly used schemes in password protection: two-factor authentication and multi-factor authentication. You will learn how to securely store passwords to reduce the risk of compromise. Biometric authentication―a mechanism that has gained popularity over recent years―is covered, including its strengths and weaknesses.”
Our Take: Jonathan LeBlanc is a software engineer and the Head of Global Developer Advocacy for PayPal. Prior to joining PayPal, Tim Messerschmidt worked with Neofonie Mobile and Samsung focusing on several mobile projects.
“Developers, designers, engineers, and creators can no longer afford to pass responsibility for identity and data security onto others. Web developers who don’t understand how to obscure data in transmission, for instance, can open security flaws on a site without realizing it. With this practical guide, you’ll learn how and why everyone working on a system needs to ensure that users and data are protected.”
Book Title: Identity Management with Biometrics: Explore the latest innovative solutions to provide secure identification and authentication
Our Take: Lisa Block is a Security Ambassador with a broad range of IT skills and knowledge, including networking, Cisco CyberOps, Wireshark, biometrics, and the IoT. She also conducts courses for LinkedIn Learning.
“Starting with an overview of biometrics, you’ll learn the various uses and applications of biometrics in fintech, buildings, border control, and many other fields. You’ll understand the characteristics of an optimal biometric system and then review different types of errors and discover the benefits of multi-factor authentication. You’ll also get to grips with analyzing a biometric system for usability and accuracy and understand the process of implementation, testing, and deployment, along with addressing privacy concerns. The book outlines the importance of protecting biometric data by using encryption and shows you which factors to consider and how to analyze them before investing in biometric technologies.”
Book Title: Hacking Multifactor Authentication
OUR TAKE: Roger Grimes is a Principal Security Architect at Microsoft, and works with Microsoft Windows, Linux, and BSD. He is also a prolific author and speaker.
“This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You’ll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers’) needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book.”
Book Title: Password Authentication for Web and Mobile Apps: The Developer’s Guide To Building Secure User Authentication
OUR TAKE: Dmitry Chestnykh has been writing software for over twenty years, and now consults on applied cryptography and software security.
“Authenticating users with passwords is a fundamental part of web and mobile security. It is also the part that’s easy to get wrong. This book is for developers who want to learn how to implement password authentication correctly and securely. It answers many questions that everyone has when writing their own authentication system or learning a framework that implements it.”
Book Title: Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution
Our Take: Morey J. Haber is Chief Technology Officer at BeyondTrust and Darran Rolls is CISO and Chief Technology Officer at SailPoint. Greater experts are hard to come by.
Description: As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber-attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.
Our Take: Simon Moffatt is a recognized expert in the field of digital identity and access management, having spent nearly 20 years working in the sector. It comes through in the book.
Description: Modern organizations need to not only meet end-user privacy, security, and usability requirements but also provide business enablement opportunities that are agile and can respond to market changes rapidly. The modern enterprise architect and CISO is no longer just focused upon internal employee security – they now need to address the growing need for digital enablement across consumers and citizens too. A CISO and architect view on designing the fundamental building blocks of a scalable, secure and usable consumer identity and access management (CIAM) system. Covering: business objectives, drivers, requirements, CIAM life-cycle, implementer toolkit of standards, design principles, and vendor selection guidance.
Our Take: Phillip J. Windley is an Associate Professor of Computer Science at Brigham Young University.
Description: Author Phil Windley likens IMA to good city planning. Cities define uses and design standards to ensure that buildings and city services are consistent and workable. Within that context, individual buildings–or system architectures–function as part of the overall plan. With Windley’s experience as VP of product development for Excite@Home.com and CIO of Governor Michael Leavitt’s administration in Utah, he provides a rich, real-world view of the concepts, issues, and technologies behind identity management architecture.
Our Take: Mike Chapple is Senior Director for IT Service Delivery at the University of Notre Dame. This is an in-depth text for cybersecurity students.
Description: Revised and updated with the latest data from this fast-paced field, Access Control and Identity Management defines the components of access control, provides a business framework for implementation, and discusses legal requirements that impact access control programs. Focusing on Identity and Security Management, this new edition looks at the risks, threats, and vulnerabilities prevalent in information systems and IT infrastructures and how to handle them. This valuable resource provides both students and professionals with details and procedures on implementing access control systems as well as managing and testing those systems.
Solutions Review participates in affiliate programs. We may make a small commission from products purchased through this resource.
- The Best Books for Identity Security Available Now - September 16, 2021
- Authentication Apps: Best of 2021 and Beyond from Solutions Review - September 15, 2021
- Authentication Platforms: Best of 2021 and Beyond from Solutions Review - September 14, 2021