September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
94
|
第
7
章
团队在推动
FIDO
安全密钥机制的过程中确实遇到了一些问题,比如过时的固件。在可能
的情况下,我们以自助方式解决这些问题,例如允许用户自己更新安全密钥固件。
然而,让用户可以访问安全密钥只解决了问题的一半。使用
OTP
的系统还需要转换为使
用安全密钥的系统。在
2013
年
,许多应用程序本身并不支持这一项新开发的技术。我们
的团队优先关注
Google
员工日常使用的应用程序
,比如内部代码审查工具和仪表盘。在
不支持安全密钥的情况下,
Google
直接与供应商沟通使用请求并添加支持
。然后,我们不
得不处理申请的长尾问题。因为所有的
OTP
都是集中生成的
,所以我们能通过跟踪发出
OTP
请求的客户端来确定下一个目标是哪个应用程序。
2015
年
,我们的团队专注于完成推广并弃用
OTP
服务。当用户使用动态口令而不是安全
密钥时,我们会向他们发送提醒消息,最终阻止通过动态口令进行访问。尽管我们已经处
理了
OTP
应用的大部分长尾问题,
但仍有一些例外情况,比如移动设备的设置。对于这些
特殊情况,我们专门创建了一个基于
We
b
的动态口令生成器。用户需要用他们的安全密钥
验证他们的身份,这是一种合理的故障模式,但比较耗时。在
2015
年
,我们成功地完成
了全公司安全密钥的推广工作。
这一经历说明了几个普遍适用的经验教训,与建立安全性和可靠性的文化相关(参见第
21
章
)。
确保你选择的解决方案适用于所有用户
关键是
2
FA
解决方案是可用的,这样视力受损的用户才不会被排除在外。
让变更简单易学,并且尽可能不费力
如果解决方案比最初的情况更人性化,那么这一点尤其适用。这对于你期望用户频繁执 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.