Editing Chapter 6: Edge Security and Privacy (section)

==='''Authorization and Authentication Attacks'''===

When these attacks happen, an attacker can bypass authentication processes and gain unauthorized access by using four techniques: dictionary attacks, attacks exploiting vulnerabilities in authorization protocols, attacks exploiting vulnerabilities in authorization protocols, and overprivileged attacks. 

*''Dictionary attack'' is when an attacker possesses a dictionary containing the most used credentials or passwords and inputs all possible entries in this dictionary in order to brute force a match. 

*''Attacks exploiting vulnerabilities in authorization protocols'' are when attackers look for design flaws in how authentication protocols are being used, like finding vulnerabilities in WPA2 or WPA3 protocols which can give an attacker messages that have encrypted information. They can also use 4G or 5G vulnerabilities in order to find a person's location and inject fabricated paging messages to mess with them and gain more information.

*''Attacks exploiting vulnerabilities in authorization protocols'' are when attackers look for flaws in how authorization protocols are designed, such as an attacker using vulnerabilities in OAuth single sign-in which let them access victims personal information without authorization. 

*''Overprivileged attacks'' are when attackers are able to develop malicious apps that can do things that they do not have permission to do without needing to authenticate, such as changing door pins and setting off fire alarms in a house. 

[[File: dictionaryattack.png|300px]]