![esecurity](https://raw.githubusercontent.com/billbuchanan/esecurity/master/z_associated/esecurity_graphics.jpg)

# Investigation of Tokens, Authorization and Docker
The key concepts are:

* Token creation and usage, including JWT, Fernet, OAuth and ERC20.
* Federated ID systems.
* Outline of the usage of Docker for building security infrastructure for SSH and authorization.

## What you should know at the end of unit?

* Define how ERC-20 tokens are used within Ethereum.
* Understand the scope of tokens and how they could be used for authorization.
* Define the signing methods used in tokens, such as with HMAC and RSA, and the weakness of token which are not signed (OAuth)
* Able to setup a simple Docker container which implements a security function.

## Material

* Week 10 Lecture (Video): [here](https://youtu.be/iddk9k_-shc).
* Week 10 Lecture (PDF): [here](https://asecuritysite.com/public/unit09_host_services.pdf)
* Week 10 Lab (PDF): [here](https://github.com/billbuchanan/esecurity/blob/master/unit10_services/lab/unit10_tokens.pdf).

## Related topics

The following are some related presentations:

* JSON Web Tokens: [here](https://asecuritysite.com/encryption/js_jwt).
* Fernet Tokens: [here](https://asecuritysite.com/encryption/fernet).
* Fernet Tokens (with PBKDF2): [here](https://asecuritysite.com/encryption/fernet2).
* Fernet Tokens (with Key rotation): [here](https://asecuritysite.com/encryption/fernet3).
* Fernet Tokens (Autokeying): [here](https://asecuritysite.com/encryption/fer).