Top 9 Authentication Books for Professionals

Solutions Review compiles the 9 essential authentication books professionals need to add to their reading lists.

Authentication forms a critical component of identity and access management and cybersecurity in general. It constitutes the heart of modern digital perimeter security and a tool in the fight against external threat actors. We’ve listed the top nine authentication books professionals should add to their reading lists. These books are intended for beginners and experts alike and are written by authors with proficiency and/or recognition in the field of identity management.

Be sure to also consult our Identity Management Buyer’s Guide for information on the top solution providers on threat intelligence. It’s the perfect resource if you don’t want your organization to suffer from credentials compromise and breaches.

Note: Titles are listed in no particular order.

Book Title: Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0

Our Take: Yvonne Wilson has had many roles in the software industry related to security and identity management, as a developer, security architect, and customer success engineer. Her experience is clear throughout the text.

At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided.

Book Title: OAuth 2 in Action

Our Take: Justin Richer is a systems architect, software engineer, standards editor, and service designer. Antonio Sanso works as a Security Software Engineer.

OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You’ll learn how to confidently and securely build and deploy OAuth on both the client and server sides… Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.

Book Title: Getting Started with OAuth 2.0: Programming Clients for Secure Web API Authorization and Authentication

Our Take: Ryan Boyd is a developer advocate at Google focused on enabling developers to extend Google Apps and build businesses on top of Google technology. 

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application. Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.

Book Title: Authentication and Access Control: Practical Cryptography Methods and Tools

Our Take: Sirapat is currently a full-time lecturer at the School of Information Technology and DIGITECH at Suranaree University of Technology, Thailand. 

This book begins with the theoretical background of cryptography and the foundations of authentication technologies and attack mechanisms. You will learn about the mechanisms that are available to protect computer networks, systems, applications, and general digital technologies. Different methods of authentication are covered, including the most commonly used schemes in password protection: two-factor authentication and multi-factor authentication. You will learn how to securely store passwords to reduce the risk of compromise. Biometric authentication―a mechanism that has gained popularity over recent years―is covered, including its strengths and weaknesses.


Book Title: Identity and Data Security for Web Development: Best Practices

Our Take: Jonathan LeBlanc is a software engineer and the Head of Global Developer Advocacy for PayPal. Prior to joining PayPal, Tim Messerschmidt worked with Neofonie Mobile and Samsung focusing on several mobile projects.

Developers, designers, engineers, and creators can no longer afford to pass responsibility for identity and data security onto others. Web developers who don’t understand how to obscure data in transmission, for instance, can open security flaws on a site without realizing it. With this practical guide, you’ll learn how and why everyone working on a system needs to ensure that users and data are protected.

Book Title: Identity Management with Biometrics: Explore the latest innovative solutions to provide secure identification and authentication

Our Take: Lisa Block is a Security Ambassador with a broad range of IT skills and knowledge, including networking, Cisco CyberOps, Wireshark, biometrics, and the IoT. She also conducts courses for LinkedIn Learning. 

Starting with an overview of biometrics, you’ll learn the various uses and applications of biometrics in fintech, buildings, border control, and many other fields. You’ll understand the characteristics of an optimal biometric system and then review different types of errors and discover the benefits of multi-factor authentication. You’ll also get to grips with analyzing a biometric system for usability and accuracy and understand the process of implementation, testing, and deployment, along with addressing privacy concerns. The book outlines the importance of protecting biometric data by using encryption and shows you which factors to consider and how to analyze them before investing in biometric technologies.

Book Title: Hacking Multifactor Authentication

Our Take: Roger Grimes is a Principal Security Architect at Microsoft, and works with Microsoft Windows, Linux, and BSD. He is also a prolific author and speaker.

This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You’ll learn about the various types of MFA solutions, their strengths and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers’) needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book.

Book Title: Zero Trust Networks: Building Secure Systems in Untrusted Networks 

Our Take: Evan Gilman is an Operations Engineer with a background in computer networks. Doug Barth is a software engineer. Together, they share their experience with readers and researchers.

Perimeter defenses guarding your network aren’t as secure as you might think. Hosts behind the firewall have no defenses of their own, so when a host in the “trusted” zone is breached, access to your data center is not far behind. This practical book introduces you to the zero trust model, a method that treats all hosts as if they’re internet-facing, and considers the entire network to be compromised and hostile.

Book Title: Password Authentication for Web and Mobile Apps: The Developer’s Guide To Building Secure User Authentication

Our Take: Dmitry Chestnykh has been writing software for over twenty years, and now consults on applied cryptography and software security.

Authenticating users with passwords is a fundamental part of web and mobile security. It is also the part that’s easy to get wrong. This book is for developers who want to learn how to implement password authentication correctly and securely. It answers many questions that everyone has when writing their own authentication system or learning a framework that implements it.

Thanks for checking out our list of top nine authentication books for professionals. Be sure to also check out our Identity Management Buyer’s Guide. Also, check out the Solutions Suggestion Engine, our new tool which can match your enterprise with a vendor-created profile in seconds. 

Solutions Review participates in affiliate programs. We may make a small commission from products purchased through this resource.
Ben Canner